[Secure-testing-commits] r21035 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Jan 24 21:14:34 UTC 2013
Author: joeyh
Date: 2013-01-24 21:14:33 +0000 (Thu, 24 Jan 2013)
New Revision: 21035
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-24 18:48:55 UTC (rev 21034)
+++ data/CVE/list 2013-01-24 21:14:33 UTC (rev 21035)
@@ -1,3 +1,41 @@
+CVE-2012-6521 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2012-6520 (Multiple SQL injection vulnerabilities in the advanced search in ...)
+ TODO: check
+CVE-2012-6519 (SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 ...)
+ TODO: check
+CVE-2012-6518 (Cross-site request forgery (CSRF) vulnerability in mod.php in DiY-CMS ...)
+ TODO: check
+CVE-2012-6517 (Multiple cross-site scripting (XSS) vulnerabilities in DiY-CMS 1.0 ...)
+ TODO: check
+CVE-2012-6516 (SQL injection vulnerability in PHP Ticket System Beta 1 allows remote ...)
+ TODO: check
+CVE-2012-6515 (eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers ...)
+ TODO: check
+CVE-2012-6514 (Cross-site scripting (XSS) vulnerability in the nBill (com_netinvoice) ...)
+ TODO: check
+CVE-2012-6513 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2012-6512 (The Organizer plugin 1.2.1 for WordPress allows remote attackers to ...)
+ TODO: check
+CVE-2012-6511 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2012-6510 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media ...)
+ TODO: check
+CVE-2012-6509 (Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 ...)
+ TODO: check
+CVE-2012-6508 (Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt ...)
+ TODO: check
+CVE-2012-6507 (Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 ...)
+ TODO: check
+CVE-2012-6506 (Multiple cross-site scripting (XSS) vulnerabilities in he Zingiri Web ...)
+ TODO: check
+CVE-2012-6505 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2012-6504 (SQL injection vulnerability in mods/hours/data/get_hours.php in PHP ...)
+ TODO: check
+CVE-2012-6503 (Unspecified vulnerability in the NinjaXplorer component before 1.0.7 ...)
+ TODO: check
CVE-2012-6502 (Microsoft Internet Explorer before 10 allows remote attackers to ...)
TODO: check
CVE-2013-1413
@@ -3745,8 +3783,7 @@
RESERVED
- zabbix <unfixed> (bug #697443)
NOTE: https://support.zabbix.com/browse/ZBX-5924
-CVE-2012-6085 [gnupg key import memory corruption]
- RESERVED
+CVE-2012-6085 (The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 ...)
{DSA-2601-1}
- gnupg 1.4.12-7 (bug #697108)
- gnupg2 2.0.19-2 (bug #697251)
@@ -14419,8 +14456,8 @@
[squeeze] - linux-2.6 2.6.32-41squeeze1
NOTE: incomplete fix of CVE-2009-4307, introducing another issue:
NOTE: https://lkml.org/lkml/2012/2/20/422
-CVE-2012-2099
- RESERVED
+CVE-2012-2099 (Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 ...)
+ TODO: check
CVE-2012-2098 (Algorithmic complexity vulnerability in the sorting algorithms in ...)
- libcommons-compress-java 1.4.1-1 (low; bug #674448)
[squeeze] - libcommons-compress-java <no-dsa> (Minor issue)
@@ -14913,8 +14950,8 @@
NOT-FOR-US: Opera
CVE-2012-1923 (RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x ...)
NOT-FOR-US: RealNetworks Helix
-CVE-2012-1922
- RESERVED
+CVE-2012-1922 (Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom ...)
+ TODO: check
CVE-2012-1921 (Cross-site request forgery (CSRF) vulnerability in ...)
NOT-FOR-US: Sitecom
CVE-2012-1920 (@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows ...)
@@ -20763,8 +20800,7 @@
CVE-2011-4619 (The Server Gated Cryptography (SGC) implementation in OpenSSL before ...)
{DSA-2390-1}
- openssl 1.0.0h-1
-CVE-2011-4618
- RESERVED
+CVE-2011-4618 (Cross-site scripting (XSS) vulnerability in advancedtext.php in ...)
NOT-FOR-US: WordPress advanced-text-widget
CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to overwrite ...)
- python-virtualenv 1.6-1 (low; bug #652653)
More information about the Secure-testing-commits
mailing list