[Secure-testing-commits] r14553 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Apr 23 21:14:16 UTC 2010
Author: joeyh
Date: 2010-04-23 21:14:16 +0000 (Fri, 23 Apr 2010)
New Revision: 14553
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-23 20:00:37 UTC (rev 14552)
+++ data/CVE/list 2010-04-23 21:14:16 UTC (rev 14553)
@@ -1,3 +1,59 @@
+CVE-2010-1490 (Unspecified vulnerability in IBM Cognos 8 Business Intelligence before ...)
+ TODO: check
+CVE-2009-4800 (Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 ...)
+ TODO: check
+CVE-2009-4799 (Diskos CMS 6.x stores sensitive information under the web root with ...)
+ TODO: check
+CVE-2009-4798 (Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote ...)
+ TODO: check
+CVE-2009-4797 (SQL injection vulnerability in browse.php in JobHut 1.2 and earlier ...)
+ TODO: check
+CVE-2009-4796 (Multiple SQL injection vulnerabilities in the ExecuteQueries function ...)
+ TODO: check
+CVE-2009-4795 (Multiple SQL injection vulnerabilities in Xlight FTP Server before ...)
+ TODO: check
+CVE-2009-4794 (Multiple SQL injection vulnerabilities in Community CMS 0.5 allow ...)
+ TODO: check
+CVE-2009-4793 (Unrestricted file upload vulnerability in ...)
+ TODO: check
+CVE-2009-4792 (SQL injection vulnerability in includes/content/member_content.php in ...)
+ TODO: check
+CVE-2009-4791 (Multiple SQL injection vulnerabilities in Family Connections (aka ...)
+ TODO: check
+CVE-2009-4790 (Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 ...)
+ TODO: check
+CVE-2009-4789 (Multiple PHP remote file inclusion vulnerabilities in the MojoBlog ...)
+ TODO: check
+CVE-2009-4788 (Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier ...)
+ TODO: check
+CVE-2009-4787 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg ...)
+ TODO: check
+CVE-2009-4786 (Multiple cross-site scripting (XSS) vulnerabilities in Pligg before ...)
+ TODO: check
+CVE-2009-4785 (SQL injection vulnerability in the Quick News (com_quicknews) ...)
+ TODO: check
+CVE-2009-4784 (SQL injection vulnerability in the Joaktree (com_joaktree) component ...)
+ TODO: check
+CVE-2009-4783 (Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, ...)
+ TODO: check
+CVE-2009-4782 (Multiple cross-site scripting (XSS) vulnerabilities in Theeta CMS, ...)
+ TODO: check
+CVE-2009-4781 (TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for ...)
+ TODO: check
+CVE-2009-4780 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2009-4779 (Multiple PHP remote file inclusion vulnerabilities in NukeHall 0.3 and ...)
+ TODO: check
+CVE-2009-4778 (Multiple unspecified vulnerabilities in the PDF distiller in the ...)
+ TODO: check
+CVE-2009-4777 (Unspecified vulnerability in multiple versions of Hitachi ...)
+ TODO: check
+CVE-2009-4776 (Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit ...)
+ TODO: check
+CVE-2009-4775 (Format string vulnerability in Ipswitch WS_FTP Professional 12 before ...)
+ TODO: check
+CVE-2009-4774 (Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 ...)
+ TODO: check
CVE-2010-XXXX [cacti sql injection BONSAI-2010-0104]
- cacti <unfixed> (bug #578909)
NOTE: http://seclists.org/fulldisclosure/2010/Apr/272
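Review bot: All 28 entries added at the top of the list carry only `TODO: check`, and several already name, in the visible part of the description, products that are candidates for the `NOT-FOR-US:` marking used elsewhere in this file (for example `NOT-FOR-US: IBM Lotus Notes`): IBM Cognos 8 Business Intelligence, Sysax Multi Server, Xlight FTP Server, Ipswitch WS_FTP Professional, Hitachi Cosminexus and Sun Solaris. Those can be triaged in a follow-up commit rather than left pending. CVE-2009-4793 is truncated before any product name ("Unrestricted file upload vulnerability in ..."), so it needs the full description before it can be classified.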
@@ -9,8 +65,8 @@
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.32)
CVE-2010-1487 (IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2010-1486
- RESERVED
+CVE-2010-1486 (Multiple cross-site scripting (XSS) vulnerabilities in _invoice.asp in ...)
+ TODO: check
CVE-2010-1485
RESERVED
CVE-2010-1484
@@ -376,8 +432,7 @@
RESERVED
CVE-2010-1321
RESERVED
-CVE-2010-1320 [krb5: double-free]
- RESERVED
+CVE-2010-1320 (Double free vulnerability in do_tgs_req.c in the Key Distribution ...)
- krb5 1.8.1+dfsg-2 (bug #577490)
[lenny] - krb5 <not-affected> (Only affects 1.7/1.8)
NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt
@@ -471,8 +526,8 @@
RESERVED
CVE-2010-1279
RESERVED
-CVE-2010-1278
- RESERVED
+CVE-2010-1278 (Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in ...)
+ TODO: check
CVE-2010-1277 (SQL injection vulnerability in the user.authenticate method in the API ...)
- zabbix 1:1.8.2-1 (bug #577058)
[lenny] - zabbix <not-affected> (vulnerable code not present)
@@ -1143,10 +1198,10 @@
RESERVED
CVE-2010-1034
RESERVED
-CVE-2010-1033
- RESERVED
-CVE-2010-1032
- RESERVED
+CVE-2010-1033 (Multiple stack-based buffer overflows in a certain Tetradyne ActiveX ...)
+ TODO: check
+CVE-2010-1032 (Unspecified vulnerability in HP HP-UX B.11.11 allows local users to ...)
+ TODO: check
CVE-2010-1031 (Unspecified vulnerability in HP Insight Control for Linux (aka ...)
NOT-FOR-US: HP Insight Control
CVE-2010-1030 (Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules ...)
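Review bot: CVE-2010-1033 and CVE-2010-1032 move from RESERVED to `TODO: check` although their descriptions name a Tetradyne ActiveX control and HP HP-UX B.11.11. The neighbouring HP entry CVE-2010-1031 is already marked `NOT-FOR-US: HP Insight Control`; the same kind of marking looks appropriate for both new descriptions, so the TODO items do not linger.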
@@ -1249,8 +1304,7 @@
NOT-FOR-US: Pulse CMS Basic
CVE-2010-0992 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse ...)
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-0991 [imlib2 issue]
- RESERVED
+CVE-2010-0991 (Multiple heap-based buffer overflows in imlib2 1.4.3 allow ...)
- imlib2 <undetermined>
NOTE: http://seclists.org/bugtraq/2010/Apr/196
TODO: check
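Review bot: On CVE-2010-0991 the new description names imlib2 1.4.3, but the entry still reads `- imlib2 <undetermined>` and has no bug reference. Suggest comparing 1.4.3 against the imlib2 versions in the archive, replacing `<undetermined>` with a concrete status, and adding a bug number if the package is affected; the remaining `TODO: check` can then be dropped.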
@@ -2496,8 +2550,8 @@
RESERVED
CVE-2010-0594
RESERVED
-CVE-2010-0593
- RESERVED
+CVE-2010-0593 (The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, ...)
+ TODO: check
CVE-2010-0592 (The CTI Manager service in Cisco Unified Communications Manager (aka ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2010-0591 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
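Review bot: CVE-2010-0593 is left at `TODO: check` even though its description names the Cisco RVS4000 router, a hardware product. The adjacent Cisco entry CVE-2010-0592 uses `NOT-FOR-US: Cisco Unified Communications Manager`; an equivalent `NOT-FOR-US:` line for the RVS4000 would close this entry.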