From d8a2b3eb1b82a9a935eddd08583209f08e26815e Mon Sep 17 00:00:00 2001 From: security tracker role Date: Sat, 12 Jun 2021 08:10:30 +0000 Subject: automatic update --- data/CVE/list | 417 +++++++++++++++++++++++++++++----------------------------- 1 file changed, 212 insertions(+), 205 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index 2593cd82b8..10b8d01a3c 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,21 @@ +CVE-2021-3600 + RESERVED +CVE-2021-3599 + RESERVED +CVE-2021-34681 + RESERVED +CVE-2021-34680 + RESERVED +CVE-2021-34679 (Thycotic Password Reset Server before 5.3.0 allows credential disclosu ...) + TODO: check +CVE-2021-34678 + RESERVED +CVE-2021-34677 + RESERVED +CVE-2021-34676 + RESERVED +CVE-2021-34675 + RESERVED CVE-2021-3598 RESERVED CVE-2021-3597 @@ -4726,38 +4744,27 @@ CVE-2021-32559 RESERVED CVE-2021-32558 RESERVED -CVE-2021-32557 - RESERVED +CVE-2021-32557 (It was discovered that the process_report() function in data/whoopsie- ...) NOT-FOR-US: Apport -CVE-2021-32556 - RESERVED +CVE-2021-32556 (It was discovered that the get_modified_conffiles() function in backen ...) NOT-FOR-US: Apport -CVE-2021-32555 - RESERVED +CVE-2021-32555 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32554 - RESERVED +CVE-2021-32554 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32553 - RESERVED +CVE-2021-32553 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32552 - RESERVED +CVE-2021-32552 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32551 - RESERVED +CVE-2021-32551 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32550 - RESERVED +CVE-2021-32550 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32549 - RESERVED +CVE-2021-32549 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32548 - RESERVED +CVE-2021-32548 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32547 - RESERVED +CVE-2021-32547 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport CVE-2021-32546 RESERVED @@ -6235,7 +6242,7 @@ CVE-2021-3527 (A flaw was found in the USB redirector device (usb-redir) of QEMU CVE-2021-3526 RESERVED CVE-2021-3525 - RESERVED + REJECTED CVE-2021-3524 (A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gate ...) - ceph 14.2.21-1 (bug #988889) [buster] - ceph (Minor issue) @@ -6571,62 +6578,62 @@ CVE-2021-31817 RESERVED CVE-2021-31816 RESERVED -CVE-2019-25042 (Unbound before 1.9.5 allows an out-of-bounds write via a compressed na ...) +CVE-2019-25042 (** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write via ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/6c3a0b54ed8ace93d5b5ca7b8078dc87e75cd640 -CVE-2019-25041 (Unbound before 1.9.5 allows an assertion failure via a compressed name ...) +CVE-2019-25041 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure via a ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/2d444a5037acff6024630b88092d9188f2f5d8fe -CVE-2019-25040 (Unbound before 1.9.5 allows an infinite loop via a compressed name in ...) +CVE-2019-25040 (** DISPUTED ** Unbound before 1.9.5 allows an infinite loop via a comp ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/2d444a5037acff6024630b88092d9188f2f5d8fe -CVE-2019-25039 (Unbound before 1.9.5 allows an integer overflow in a size calculation ...) +CVE-2019-25039 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a si ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/02080f6b180232f43b77f403d0c038e9360a460f -CVE-2019-25038 (Unbound before 1.9.5 allows an integer overflow in a size calculation ...) +CVE-2019-25038 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a si ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/02080f6b180232f43b77f403d0c038e9360a460f -CVE-2019-25037 (Unbound before 1.9.5 allows an assertion failure and denial of service ...) +CVE-2019-25037 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and de ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/d2eb78e871153f22332d30c6647f3815148f21e5 -CVE-2019-25036 (Unbound before 1.9.5 allows an assertion failure and denial of service ...) +CVE-2019-25036 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and de ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/f5e06689d193619c57c33270c83f5e40781a261d -CVE-2019-25035 (Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token ...) +CVE-2019-25035 (** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write in s ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/fa23ee8f31ba9a018c720ea822faaee639dc7a9c -CVE-2019-25034 (Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dnam ...) +CVE-2019-25034 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in sldn ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/a3545867fcdec50307c776ce0af28d07046a52dd -CVE-2019-25033 (Unbound before 1.9.5 allows an integer overflow in the regional alloca ...) +CVE-2019-25033 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/226298bbd36f1f0fd9608e98c2ae85988b7bbdb8 -CVE-2019-25032 (Unbound before 1.9.5 allows an integer overflow in the regional alloca ...) +CVE-2019-25032 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/226298bbd36f1f0fd9608e98c2ae85988b7bbdb8 -CVE-2019-25031 (Unbound before 1.9.5 allows configuration injection in create_unbound_ ...) +CVE-2019-25031 (** DISPUTED ** Unbound before 1.9.5 allows configuration injection in ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound (No longer supported, see DSA 4694) @@ -20981,8 +20988,8 @@ CVE-2021-3258 (Question2Answer Q2A Ultimate SEO Version 1.3 is affected by cross NOT-FOR-US: Question2Answer Q2A Ultimate SEO CVE-2021-3257 RESERVED -CVE-2021-3256 - RESERVED +CVE-2021-3256 (KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the h ...) + TODO: check CVE-2021-3255 RESERVED CVE-2021-3254 @@ -32354,8 +32361,8 @@ CVE-2021-21384 (shescape is a simple shell escape package for JavaScript. In she NOT-FOR-US: shescape CVE-2021-21383 (Wiki.js an open-source wiki app built on Node.js. Wiki.js before versi ...) NOT-FOR-US: Wiki.js -CVE-2021-21382 - RESERVED +CVE-2021-21382 (Restund is an open source NAT traversal server. The restund TURN serve ...) + TODO: check CVE-2021-21380 (XWiki Platform is a generic wiki platform offering runtime services fo ...) NOT-FOR-US: XWiki CVE-2021-21379 (XWiki Platform is a generic wiki platform offering runtime services fo ...) @@ -80709,89 +80716,89 @@ CVE-2020-13011 CVE-2020-13010 RESERVED CVE-2020-13009 - RESERVED + REJECTED CVE-2020-13008 - RESERVED + REJECTED CVE-2020-13007 - RESERVED + REJECTED CVE-2020-13006 - RESERVED + REJECTED CVE-2020-13005 - RESERVED + REJECTED CVE-2020-13004 - RESERVED + REJECTED CVE-2020-13003 - RESERVED + REJECTED CVE-2020-13002 - RESERVED + REJECTED CVE-2020-13001 - RESERVED + REJECTED CVE-2020-13000 - RESERVED + REJECTED CVE-2020-12999 - RESERVED + REJECTED CVE-2020-12998 - RESERVED + REJECTED CVE-2020-12997 - RESERVED + REJECTED CVE-2020-12996 - RESERVED + REJECTED CVE-2020-12995 - RESERVED + REJECTED CVE-2020-12994 - RESERVED + REJECTED CVE-2020-12993 - RESERVED + REJECTED CVE-2020-12992 - RESERVED + REJECTED CVE-2020-12991 - RESERVED + REJECTED CVE-2020-12990 - RESERVED + REJECTED CVE-2020-12989 - RESERVED + REJECTED CVE-2020-12988 - RESERVED + REJECTED CVE-2020-12987 - RESERVED + REJECTED CVE-2020-12986 - RESERVED + REJECTED CVE-2020-12985 - RESERVED + REJECTED CVE-2020-12984 - RESERVED + REJECTED CVE-2020-12983 - RESERVED + REJECTED CVE-2020-12982 - RESERVED + REJECTED CVE-2020-12981 - RESERVED + REJECTED CVE-2020-12980 - RESERVED + REJECTED CVE-2020-12979 - RESERVED + REJECTED CVE-2020-12978 - RESERVED + REJECTED CVE-2020-12977 - RESERVED + REJECTED CVE-2020-12976 - RESERVED + REJECTED CVE-2020-12975 - RESERVED + REJECTED CVE-2020-12974 - RESERVED + REJECTED CVE-2020-12973 - RESERVED + REJECTED CVE-2020-12972 - RESERVED + REJECTED CVE-2020-12971 - RESERVED + REJECTED CVE-2020-12970 - RESERVED + REJECTED CVE-2020-12969 - RESERVED + REJECTED CVE-2020-12968 - RESERVED + REJECTED CVE-2020-12967 (The lack of nested page table protection in the AMD SEV/SEV-ES feature ...) NOT-FOR-US: AMD CVE-2020-12966 @@ -80809,11 +80816,11 @@ CVE-2020-12961 CVE-2020-12960 RESERVED CVE-2020-12959 - RESERVED + REJECTED CVE-2020-12958 RESERVED CVE-2020-12957 - RESERVED + REJECTED CVE-2020-12956 RESERVED CVE-2020-12955 @@ -80845,7 +80852,7 @@ CVE-2020-12943 CVE-2020-12942 RESERVED CVE-2020-12941 - RESERVED + REJECTED CVE-2020-12940 RESERVED CVE-2020-12939 @@ -80855,9 +80862,9 @@ CVE-2020-12938 CVE-2020-12937 RESERVED CVE-2020-12936 - RESERVED + REJECTED CVE-2020-12935 - RESERVED + REJECTED CVE-2020-12934 RESERVED CVE-2020-12933 (A denial of service vulnerability exists in the D3DKMTEscape handler f ...) @@ -80877,31 +80884,31 @@ CVE-2020-12927 (A potential vulnerability in a dynamically loaded AMD driver in CVE-2020-12926 (The Trusted Platform Modules (TPM) reference software may not properly ...) NOT-FOR-US: AMD CVE-2020-12925 - RESERVED + REJECTED CVE-2020-12924 - RESERVED + REJECTED CVE-2020-12923 - RESERVED + REJECTED CVE-2020-12922 - RESERVED + REJECTED CVE-2020-12921 - RESERVED + REJECTED CVE-2020-12920 RESERVED CVE-2020-12919 - RESERVED + REJECTED CVE-2020-12918 RESERVED CVE-2020-12917 - RESERVED + REJECTED CVE-2020-12916 - RESERVED + REJECTED CVE-2020-12915 - RESERVED + REJECTED CVE-2020-12914 - RESERVED + REJECTED CVE-2020-12913 - RESERVED + REJECTED CVE-2020-12912 (A potential vulnerability in the AMD extension to Linux "hwmon" servic ...) - linux 5.9.9-1 (unimportant) [buster] - linux (Vulnerable driver introduced later) @@ -80913,15 +80920,15 @@ CVE-2020-12912 (A potential vulnerability in the AMD extension to Linux "hwmon" CVE-2020-12911 (A denial of service vulnerability exists in the D3DKMTCreateAllocation ...) NOT-FOR-US: AMD ATIKMDAG.SYS CVE-2020-12910 - RESERVED + REJECTED CVE-2020-12909 - RESERVED + REJECTED CVE-2020-12908 RESERVED CVE-2020-12907 RESERVED CVE-2020-12906 - RESERVED + REJECTED CVE-2020-12905 RESERVED CVE-2020-12904 @@ -80941,7 +80948,7 @@ CVE-2020-12898 CVE-2020-12897 RESERVED CVE-2020-12896 - RESERVED + REJECTED CVE-2020-12895 RESERVED CVE-2020-12894 @@ -262408,55 +262415,55 @@ CVE-2017-5781 (A CSRF vulnerability in HPE Matrix Operating Environment version CVE-2017-5780 (A remote clickjacking vulnerability in HPE Matrix Operating Environmen ...) NOT-FOR-US: HPE Matrix Operating Environment CVE-2017-5779 - RESERVED + REJECTED CVE-2017-5778 - RESERVED + REJECTED CVE-2017-5777 - RESERVED + REJECTED CVE-2017-5776 - RESERVED + REJECTED CVE-2017-5775 - RESERVED + REJECTED CVE-2017-5774 - RESERVED + REJECTED CVE-2017-5773 - RESERVED + REJECTED CVE-2017-5772 - RESERVED + REJECTED CVE-2017-5771 - RESERVED + REJECTED CVE-2017-5770 - RESERVED + REJECTED CVE-2017-5769 - RESERVED + REJECTED CVE-2017-5768 - RESERVED + REJECTED CVE-2017-5767 - RESERVED + REJECTED CVE-2017-5766 - RESERVED + REJECTED CVE-2017-5765 - RESERVED + REJECTED CVE-2017-5764 - RESERVED + REJECTED CVE-2017-5763 - RESERVED + REJECTED CVE-2017-5762 - RESERVED + REJECTED CVE-2017-5761 - RESERVED + REJECTED CVE-2017-5760 - RESERVED + REJECTED CVE-2017-5759 - RESERVED + REJECTED CVE-2017-5758 - RESERVED + REJECTED CVE-2017-5757 - RESERVED + REJECTED CVE-2017-5756 - RESERVED + REJECTED CVE-2017-5755 - RESERVED + REJECTED CVE-2017-5754 (Systems with microprocessors utilizing speculative execution and indir ...) {DSA-4120-1 DSA-4082-1 DSA-4078-1 DLA-1232-1} - linux 4.14.12-1 @@ -262498,37 +262505,37 @@ CVE-2017-5753 (Systems with microprocessors utilizing speculative execution and NOTE: Paper: https://spectreattack.com/spectre.pdf NOTE: https://01.org/security/advisories/intel-oss-10002 CVE-2017-5752 - RESERVED + REJECTED CVE-2017-5751 - RESERVED + REJECTED CVE-2017-5750 - RESERVED + REJECTED CVE-2017-5749 - RESERVED + REJECTED CVE-2017-5748 - RESERVED + REJECTED CVE-2017-5747 - RESERVED + REJECTED CVE-2017-5746 - RESERVED + REJECTED CVE-2017-5745 - RESERVED + REJECTED CVE-2017-5744 - RESERVED + REJECTED CVE-2017-5743 - RESERVED + REJECTED CVE-2017-5742 - RESERVED + REJECTED CVE-2017-5741 - RESERVED + REJECTED CVE-2017-5740 - RESERVED + REJECTED CVE-2017-5739 - RESERVED + REJECTED CVE-2017-5738 (Escalation of privilege vulnerability in admin portal for Intel Unite ...) NOT-FOR-US: Intel Unite App CVE-2017-5737 - RESERVED + REJECTED CVE-2017-5736 (An elevation of privilege in Intel Software Guard Extensions Platform ...) NOT-FOR-US: Intel CVE-2017-5735 @@ -262544,31 +262551,31 @@ CVE-2017-5731 (Bounds checking in Tianocompress before November 7, 2017 may allo NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150 NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html CVE-2017-5730 - RESERVED + REJECTED CVE-2017-5729 (Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and T ...) NOT-FOR-US: Intel CVE-2017-5728 - RESERVED + REJECTED CVE-2017-5727 (Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 1 ...) NOT-FOR-US: Intel CVE-2017-5726 - RESERVED + REJECTED CVE-2017-5725 - RESERVED + REJECTED CVE-2017-5724 - RESERVED + REJECTED CVE-2017-5723 - RESERVED + REJECTED CVE-2017-5722 (Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, N ...) NOT-FOR-US: Intel CVE-2017-5721 (Insufficient input validation in system firmware for Intel NUC7i3BNK, ...) NOT-FOR-US: Intel CVE-2017-5720 - RESERVED + REJECTED CVE-2017-5719 (A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows ...) NOT-FOR-US: Intel CVE-2017-5718 - RESERVED + REJECTED CVE-2017-5717 (Type Confusion in Content Protection HECI Service in Intel Graphics Dr ...) NOT-FOR-US: Intel graphics driver CVE-2017-5716 @@ -262615,9 +262622,9 @@ CVE-2017-5715 (Systems with microprocessors utilizing speculative execution and - xen 4.11.1~pre+1.733450b39b-1 [jessie] - xen (Too intrusive to backport) CVE-2017-5714 - RESERVED + REJECTED CVE-2017-5713 - RESERVED + REJECTED CVE-2017-5712 (Buffer overflow in Active Management Technology (AMT) in Intel Managea ...) NOT-FOR-US: Intel CVE-2017-5711 (Multiple buffer overflows in Active Management Technology (AMT) in Int ...) @@ -262639,7 +262646,7 @@ CVE-2017-5704 (Platform sample code firmware included with 4th Gen Intel Core Pr CVE-2017-5703 (Configuration of SPI Flash in platforms based on multiple Intel platfo ...) NOT-FOR-US: Intel CVE-2017-5702 - RESERVED + REJECTED CVE-2017-5701 (Insecure platform configuration in system firmware for Intel NUC7i3BNK ...) NOT-FOR-US: Intel CVE-2017-5700 (Insufficient protection of password storage in system firmware for Int ...) @@ -262664,13 +262671,13 @@ CVE-2017-5692 (Out-of-bounds read condition in older versions of some Intel Grap CVE-2017-5691 (Incorrect check in Intel processors from 6th and 7th Generation Intel ...) NOT-FOR-US: Intel CPUs CVE-2017-5690 - RESERVED + REJECTED CVE-2017-5689 (An unprivileged network attacker could gain system privileges to provi ...) NOT-FOR-US: Intel AMT CVE-2017-5688 (There is an escalation of privilege vulnerability in the Intel Solid S ...) NOT-FOR-US: Intel Solid State Drive Toolbox CVE-2017-5687 - RESERVED + REJECTED CVE-2017-5686 (The BIOS in Intel NUC systems based on 6th Gen Intel Core processors p ...) NOT-FOR-US: BIOS in Intel NUC systems CVE-2017-5685 (The BIOS in Intel NUC systems based on 6th Gen Intel Core processors p ...) @@ -262682,7 +262689,7 @@ CVE-2017-5683 (Privilege escalation in IntelHAXM.sys driver in the Intel Hardwar CVE-2017-5682 (Intel PSET Application Install wrapper of Intel Parallel Studio XE, In ...) NOT-FOR-US: Intel PSET CVE-2017-5680 - RESERVED + REJECTED CVE-2016-10197 (The search_make_new function in evdns.c in libevent before 2.1.6-beta ...) {DSA-3789-1 DLA-824-1} - libevent 2.0.21-stable-3 (bug #854092) @@ -267667,9 +267674,9 @@ CVE-2017-4053 (Command Injection vulnerability in the web interface in McAfee Ad CVE-2017-4052 (Authentication Bypass vulnerability in the web interface in McAfee Adv ...) NOT-FOR-US: McAfee CVE-2017-4051 - RESERVED + REJECTED CVE-2017-4050 - RESERVED + REJECTED CVE-2017-4049 REJECTED CVE-2017-4048 @@ -267697,7 +267704,7 @@ CVE-2017-4038 CVE-2017-4037 REJECTED CVE-2017-4036 - RESERVED + REJECTED CVE-2017-4035 REJECTED CVE-2017-4034 @@ -267777,7 +267784,7 @@ CVE-2017-3998 CVE-2017-3997 REJECTED CVE-2017-3996 - RESERVED + REJECTED CVE-2017-3995 REJECTED CVE-2017-3994 @@ -267793,7 +267800,7 @@ CVE-2017-3990 CVE-2017-3989 REJECTED CVE-2017-3988 - RESERVED + REJECTED CVE-2017-3987 REJECTED CVE-2017-3986 @@ -267829,7 +267836,7 @@ CVE-2017-3972 (Infrastructure-based foot printing vulnerability in the web inter CVE-2017-3971 (Cryptanalysis vulnerability in the web interface in McAfee Network Sec ...) NOT-FOR-US: McAfee CVE-2017-3970 - RESERVED + REJECTED CVE-2017-3969 (Abuse of communication channels vulnerability in the server in McAfee ...) NOT-FOR-US: McAfee CVE-2017-3968 (Session fixation vulnerability in the web interface in McAfee Network ...) @@ -267895,7 +267902,7 @@ CVE-2017-3939 CVE-2017-3938 REJECTED CVE-2017-3937 - RESERVED + REJECTED CVE-2017-3936 (OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO ...) NOT-FOR-US: McAfee CVE-2017-3935 (Network Data Loss Prevention is vulnerable to MIME type sniffing which ...) @@ -267905,7 +267912,7 @@ CVE-2017-3934 (Missing HTTP Strict Transport Security state information vulnerab CVE-2017-3933 (Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network ...) NOT-FOR-US: McAfee Network Data Loss Prevention CVE-2017-3932 - RESERVED + REJECTED CVE-2017-3931 REJECTED CVE-2017-3930 @@ -267913,45 +267920,45 @@ CVE-2017-3930 CVE-2017-3929 REJECTED CVE-2017-3928 - RESERVED + REJECTED CVE-2017-3927 - RESERVED + REJECTED CVE-2017-3926 - RESERVED + REJECTED CVE-2017-3925 - RESERVED + REJECTED CVE-2017-3924 - RESERVED + REJECTED CVE-2017-3923 - RESERVED + REJECTED CVE-2017-3922 - RESERVED + REJECTED CVE-2017-3921 - RESERVED + REJECTED CVE-2017-3920 - RESERVED + REJECTED CVE-2017-3919 - RESERVED + REJECTED CVE-2017-3918 - RESERVED + REJECTED CVE-2017-3917 - RESERVED + REJECTED CVE-2017-3916 - RESERVED + REJECTED CVE-2017-3915 - RESERVED + REJECTED CVE-2017-3914 - RESERVED + REJECTED CVE-2017-3913 - RESERVED + REJECTED CVE-2017-3912 (Bypassing password security vulnerability in McAfee Application and Ch ...) NOT-FOR-US: McAfee CVE-2017-3911 - RESERVED + REJECTED CVE-2017-3910 - RESERVED + REJECTED CVE-2017-3909 - RESERVED + REJECTED CVE-2017-3908 REJECTED CVE-2017-3907 (Code Injection vulnerability in the ePolicy Orchestrator (ePO) extensi ...) @@ -267961,7 +267968,7 @@ CVE-2017-3906 CVE-2017-3905 REJECTED CVE-2017-3904 - RESERVED + REJECTED CVE-2017-3903 REJECTED CVE-2017-3902 (Cross-site scripting (XSS) vulnerability in the Web user interface (UI ...) @@ -425157,35 +425164,35 @@ CVE-2009-4306 (Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move exte [lenny] - linux-2.6 (vulnerable code introduced in 2.6.31) - linux-2.6.24 (vulnerable code introduced in 2.6.31) CVE-2009-4291 - RESERVED + REJECTED CVE-2009-4290 - RESERVED + REJECTED CVE-2009-4289 - RESERVED + REJECTED CVE-2009-4288 - RESERVED + REJECTED CVE-2009-4287 - RESERVED + REJECTED CVE-2009-4286 - RESERVED + REJECTED CVE-2009-4285 - RESERVED + REJECTED CVE-2009-4284 - RESERVED + REJECTED CVE-2009-4283 - RESERVED + REJECTED CVE-2009-4282 - RESERVED + REJECTED CVE-2009-4281 - RESERVED + REJECTED CVE-2009-4280 - RESERVED + REJECTED CVE-2009-4279 - RESERVED + REJECTED CVE-2009-4278 - RESERVED + REJECTED CVE-2009-4277 - RESERVED + REJECTED CVE-2009-4276 REJECTED CVE-2009-4275 @@ -426299,7 +426306,7 @@ CVE-2009-3894 (Multiple untrusted search path vulnerabilities in dstat before 0. [etch] - dstat (Minor issue) NOTE: http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog CVE-2009-3893 - RESERVED + REJECTED CVE-2009-3891 (Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in ...) - wordpress 2.8.6-1 (low) [etch] - wordpress (Vulnerable code not present) @@ -429685,7 +429692,7 @@ CVE-2009-2901 (The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 - tomcat6 (Windows-only) - tomcat5.5 (Windows-only) CVE-2009-2900 - RESERVED + REJECTED CVE-2009-2899 (The monitor perl script in the Sybase database plug-in in SpringSource ...) NOT-FOR-US: SpringSource Hyperic HQ CVE-2009-2898 (Cross-site scripting (XSS) vulnerability in the Alerts list feature in ...) @@ -436714,7 +436721,7 @@ CVE-2009-0787 (The ecryptfs_write_metadata_to_contents function in the eCryptfs CVE-2009-0786 REJECTED CVE-2009-0785 - RESERVED + REJECTED CVE-2009-0784 (Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.2009031 ...) {DSA-1755-1} - systemtap 0.0.20090314-2 @@ -447827,7 +447834,7 @@ CVE-2008-2662 (Multiple integer overflows in the rb_str_buf_append function in R CVE-2008-2661 RESERVED CVE-2008-2660 - RESERVED + REJECTED CVE-2008-2659 RESERVED CVE-2008-2658 @@ -451163,7 +451170,7 @@ CVE-2008-1240 (LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey befo - xulrunner 1.8.1.13-1 - iceape 1.1.9-1 CVE-2008-1239 - RESERVED + REJECTED CVE-2008-1238 (Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when gener ...) {DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1} - iceweasel 2.0.0.13-1 @@ -452031,7 +452038,7 @@ CVE-2008-0887 (gnome-screensaver before 2.22.1, when a remote authentication ser CVE-2008-0886 REJECTED CVE-2008-0885 - RESERVED + REJECTED CVE-2008-0884 (The Replace function in the capp-lspp-config script in the (1) lspp-ea ...) NOT-FOR-US: Red Hat Enterprise Linux NOTE: Seems Redhat specific @@ -494402,7 +494409,7 @@ CVE-2005-2494 (kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain ro {DSA-815-1} - kdebase 4:3.4.2-3 (bug #327039; medium) CVE-2005-2493 - RESERVED + REJECTED CVE-2005-2492 (The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allow ...) - linux-2.6 2.6.12-7 (bug #327416; medium) CVE-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular Expressi ...) -- cgit v1.2.3