diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2020-02-12 20:10:26 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2020-02-12 20:10:26 +0000 |
| commit | 21629a91bd6b31f6d0b865e36d074e56f3723afa (patch) | |
| tree | ec748e0f5153083172134b63128259d55d79c504 /data/CVE/2014.list | |
| parent | 599c1dbbfd254204f570933072ff03d490facde0 (diff) | |
automatic update
Diffstat (limited to 'data/CVE/2014.list')
| -rw-r--r-- | data/CVE/2014.list | 32 |
1 files changed, 14 insertions, 18 deletions
diff --git a/data/CVE/2014.list b/data/CVE/2014.list index fabcdf60cb..dc1166d432 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -3254,8 +3254,7 @@ CVE-2014-9420 (The rock_continue function in fs/isofs/rock.c in the Linux kernel [wheezy] - linux 3.2.65-1 - linux-2.6 <removed> NOTE: Upstream fix: https://git.kernel.org/linus/f54e18f1b831c92f6512d2eedb224cd63d607d3d (v3.19-rc1) -CVE-2014-9390 [arbitrary command execution vulnerability on case-insensitive file systems] - RESERVED +CVE-2014-9390 (Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x befo ...) {DLA-237-1} - git 1:2.1.4-1 [wheezy] - git <no-dsa> (Minor issue) @@ -6641,8 +6640,7 @@ CVE-2014-8129 (LibTIFF 4.0.3 allows remote attackers to cause a denial of servic NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2487 (tiff2pdf) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2488 (tiff2pdf) NOTE: The tiff3 source package doesn't build the TIFF tools, but most of these bugs are in the library -CVE-2014-8128 [out-of-bounds write] - RESERVED +CVE-2014-8128 (LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X befor ...) {DSA-3273-1 DLA-693-1 DLA-610-1 DLA-221-1} - tiff 4.0.3-12.3 (bug #776185) - tiff3 <removed> @@ -11132,8 +11130,8 @@ CVE-2014-6264 RESERVED CVE-2014-6263 RESERVED -CVE-2014-6262 - RESERVED +CVE-2014-6262 (Multiple format string vulnerabilities in the python module in RRDtool ...) + TODO: check CVE-2014-6261 (Zenoss Core through 5 Beta 3 does not properly implement the Check For ...) - zenoss <itp> (bug #361253) CVE-2014-6260 (Zenoss Core through 5 Beta 3 does not require a password for modifying ...) @@ -14123,8 +14121,8 @@ CVE-2014-4970 RESERVED CVE-2014-4969 RESERVED -CVE-2014-4968 - RESERVED +CVE-2014-4968 (The WebView class and use of the WebView.addJavascriptInterface method ...) + TODO: check CVE-2014-4967 RESERVED - ansible 1.6.8+dfsg-1 @@ -14993,8 +14991,7 @@ CVE-2014-4608 (** DISPUTED ** Multiple integer overflows in the lzo1x_decompress [squeeze] - linux-2.6 2.6.32-48squeeze9 NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=206a81c18401c0cde6e579164f752c4b147324ce NOTE: Not exploitable with the block sizes used in kernel images -CVE-2014-4607 - RESERVED +CVE-2014-4607 (Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and ...) {DSA-2995-1 DLA-35-1} - lzo <removed> - lzo2 2.08-1 (bug #752861) @@ -16750,8 +16747,8 @@ CVE-2014-3862 (CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to d NOT-FOR-US: HL7 C-CDA CVE-2014-3861 (Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 a ...) NOT-FOR-US: HL7 C-CDA -CVE-2014-3860 - RESERVED +CVE-2014-3860 (Xilisoft Video Converter Ultimate 7.8.1 build-20140505 has a DLL Hijac ...) + TODO: check CVE-2014-3859 (libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS opti ...) - bind9 <not-affected> (Only affects 9.10.0, 9.10.0-P1) NOTE: https://kb.isc.org/article/AA-01166 @@ -20328,8 +20325,8 @@ CVE-2014-2597 (PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to ca NOT-FOR-US: PCNetSoftware RAC Server CVE-2014-2596 RESERVED -CVE-2014-2595 - RESERVED +CVE-2014-2595 (Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attac ...) + TODO: check CVE-2014-2594 RESERVED CVE-2014-2593 (The management console in Aruba Networks ClearPass Policy Manager 6.3. ...) @@ -20385,8 +20382,8 @@ CVE-2014-2562 RESERVED CVE-2014-2561 RESERVED -CVE-2014-2560 - RESERVED +CVE-2014-2560 (The PhonerLite phone before 2.15 provides hashed credentials in a resp ...) + TODO: check CVE-2014-2559 (Multiple cross-site request forgery (CSRF) vulnerabilities in twitget. ...) NOT-FOR-US: WordPress plugin Twitget CVE-2014-2558 (The File Gallery plugin before 1.7.9.2 for WordPress does not properly ...) @@ -25947,8 +25944,7 @@ CVE-2014-0236 (file before 5.18, as used in the Fileinfo component in PHP before NOTE: https://bugs.php.net/bug.php?id=67329 CVE-2014-0235 REJECTED -CVE-2014-0234 - RESERVED +CVE-2014-0234 (The default configuration of broker.conf in Red Hat OpenShift Enterpri ...) NOT-FOR-US: OpenShift CVE-2014-0233 (Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow re ...) NOT-FOR-US: OpenShift |