[Secure-testing-commits] r19294 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue May 22 21:14:33 UTC 2012
Author: joeyh
Date: 2012-05-22 21:14:33 +0000 (Tue, 22 May 2012)
New Revision: 19294
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-05-22 18:09:06 UTC (rev 19293)
+++ data/CVE/list 2012-05-22 21:14:33 UTC (rev 19294)
@@ -1,3 +1,53 @@
+CVE-2012-2925 (SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 ...)
+ TODO: check
+CVE-2012-2924 (PHP remote file inclusion vulnerability in admin/setup.inc.php in ...)
+ TODO: check
+CVE-2012-2923 (SQL injection vulnerability in news.php4 in Hypermethod eLearning ...)
+ TODO: check
+CVE-2012-2922 (The request_path function in includes/bootstrap.inc in Drupal 7.14 and ...)
+ TODO: check
+CVE-2012-2921 (Universal Feed Parser (aka feedparser or python-feedparser) before ...)
+ TODO: check
+CVE-2012-2920 (Cross-site scripting (XSS) vulnerability in the userphoto_options_page ...)
+ TODO: check
+CVE-2012-2919 (Directory traversal vulnerability in Upload/engine.php in Chevereto ...)
+ TODO: check
+CVE-2012-2918 (Cross-site scripting (XSS) vulnerability in Upload/engine.php in ...)
+ TODO: check
+CVE-2012-2917 (Cross-site scripting (XSS) vulnerability in the Share and Follow ...)
+ TODO: check
+CVE-2012-2916 (Cross-site scripting (XSS) vulnerability in sabre_class_admin.php in ...)
+ TODO: check
+CVE-2012-2915 (Stack-based buffer overflow in Lattice Semiconductor PAC-Designer ...)
+ TODO: check
+CVE-2012-2914 (Cross-site scripting (XSS) vulnerability in captchademo.php in ...)
+ TODO: check
+CVE-2012-2913 (Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet ...)
+ TODO: check
+CVE-2012-2912 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2012-2911 (Cross-site scripting (XSS) vulnerability in backupDB.php in ...)
+ TODO: check
+CVE-2012-2910 (Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware ...)
+ TODO: check
+CVE-2012-2909 (Multiple cross-site scripting (XSS) vulnerabilities in Viscacha ...)
+ TODO: check
+CVE-2012-2908 (Multiple SQL injection vulnerabilities in admin/bbcodes.php in ...)
+ TODO: check
+CVE-2012-2907 (Cross-site scripting (XSS) vulnerability in the aberdeen_breadcrumb ...)
+ TODO: check
+CVE-2012-2906 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2012-2905 (Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable ...)
+ TODO: check
+CVE-2012-2904 (player.swf in LongTail JW Player 5.9 allows remote attackers to ...)
+ TODO: check
+CVE-2012-2903 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Address ...)
+ TODO: check
+CVE-2012-2902 (Unrestricted file upload vulnerability in ...)
+ TODO: check
+CVE-2012-2901 (Cross-site scripting (XSS) vulnerability in the Profile List in the ...)
+ TODO: check
CVE-2012-2900
RESERVED
CVE-2012-2899
@@ -680,8 +730,8 @@
RESERVED
CVE-2012-2562
RESERVED
-CVE-2012-2561
- RESERVED
+CVE-2012-2561 (HP Business Service Management (BSM) 9.12 does not properly restrict ...)
+ TODO: check
CVE-2012-2560
RESERVED
CVE-2012-2559
@@ -1074,29 +1124,22 @@
RESERVED
CVE-2010-5105
RESERVED
-CVE-2010-5104 [TYPO3-SA-2010-022]
- RESERVED
+CVE-2010-5104 (The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5103 [TYPO3-SA-2010-022]
- RESERVED
+CVE-2010-5103 (SQL injection vulnerability in the list module in TYPO3 4.2.x before ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5102 [TYPO3-SA-2010-022]
- RESERVED
+CVE-2010-5102 (Directory traversal vulnerability in mod/tools/em/class.em_unzip.php ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5101 [TYPO3-SA-2010-022]
- RESERVED
+CVE-2010-5101 (Directory traversal vulnerability in the TypoScript setup in TYPO3 ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5100 [TYPO3-SA-2010-022]
- RESERVED
+CVE-2010-5100 (Multiple cross-site scripting (XSS) vulnerabilities in the Install ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
CVE-2010-5099 [TYPO3-SA-2010-022]
RESERVED
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5098 [TYPO3-SA-2010-022]
- RESERVED
+CVE-2010-5098 (Cross-site scripting (XSS) vulnerability in the FORM content object in ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5097 [TYPO3-SA-2010-022]
- RESERVED
+CVE-2010-5097 (Cross-site scripting (XSS) vulnerability in the click enlarge ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
CVE-2010-5096 [MyBB multiple SQL injection vulnerabilities]
RESERVED
@@ -1193,8 +1236,7 @@
RESERVED
CVE-2012-2377
RESERVED
-CVE-2012-2376
- RESERVED
+CVE-2012-2376 (Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and ...)
- php5 <not-affected> (Windows-specific vulnerability)
CVE-2012-2375
RESERVED
@@ -1264,37 +1306,34 @@
- pam-shield <unfixed> (low; bug #658830)
[squeeze] - pam-shield <no-dsa> (Minor issue)
CVE-2012-2349
- RESERVED
+ REJECTED
CVE-2012-2348
- RESERVED
+ REJECTED
CVE-2012-2347
- RESERVED
+ REJECTED
CVE-2012-2346
- RESERVED
+ REJECTED
CVE-2012-2345
- RESERVED
+ REJECTED
CVE-2012-2344
- RESERVED
+ REJECTED
CVE-2012-2343
- RESERVED
+ REJECTED
CVE-2012-2342
- RESERVED
+ REJECTED
CVE-2012-2341 (Cross-site request forgery (CSRF) vulnerability in the Take Control ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Take Control
-CVE-2012-2340 [Drupal SA-CONTRIB-2012-074]
- RESERVED
+CVE-2012-2340 (The Contact Forms module 7.x-1.x before 7.x-1.2 for Drupal does not ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Contact Forms
-CVE-2012-2339 [Drupal SA-CONTRIB-2012-073]
- RESERVED
+CVE-2012-2339 (Cross-site scripting (XSS) vulnerability in the Glossary module ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Glossary
-CVE-2012-2338 [galette SQL injection]
- RESERVED
+CVE-2012-2338 (SQL injection vulnerability in includes/picture.class.php in Galette ...)
NOT-FOR-US: Galette
NOTE: http://redmine.ulysses.fr/issues/250
NOTE: http://redmine.ulysses.fr/projects/galette/repository/revisions/8c13ec159ba
@@ -1481,8 +1520,8 @@
NOT-FOR-US: Comodo Internet Security
CVE-2012-2272
RESERVED
-CVE-2012-2271
- RESERVED
+CVE-2012-2271 (Buffer overflow in the InitLicenKeys function in a certain ActiveX ...)
+ TODO: check
CVE-2012-2270 (Open redirect vulnerability in index.php (aka the Login Page) in ...)
- owncloud <itp> (bug #648674)
CVE-2012-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 3.0.0 ...)
@@ -3834,8 +3873,8 @@
RESERVED
CVE-2012-1250
RESERVED
-CVE-2012-1249
- RESERVED
+CVE-2012-1249 (The iLunascape application 1.0.4.0 and earlier for Android does not ...)
+ TODO: check
CVE-2012-1248 (app/config/core.php in baserCMS 1.6.15 and earlier does not properly ...)
TODO: check
CVE-2012-1247 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and ...)
@@ -6342,14 +6381,14 @@
RESERVED
CVE-2012-0300
RESERVED
-CVE-2012-0299
- RESERVED
-CVE-2012-0298
- RESERVED
-CVE-2012-0297
- RESERVED
-CVE-2012-0296
- RESERVED
+CVE-2012-0299 (The file-management scripts in the management GUI in Symantec Web ...)
+ TODO: check
+CVE-2012-0298 (The file-management scripts in the management GUI in Symantec Web ...)
+ TODO: check
+CVE-2012-0297 (The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not ...)
+ TODO: check
+CVE-2012-0296 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+ TODO: check
CVE-2012-0295
RESERVED
CVE-2012-0294
More information about the Secure-testing-commits
mailing list