[Secure-testing-commits] r22816 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Jul 1 21:14:23 UTC 2013 

Author: joeyh
Date: 2013-07-01 21:14:23 +0000 (Mon, 01 Jul 2013)
New Revision: 22816

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-01 20:52:52 UTC (rev 22815)
+++ data/CVE/list	2013-07-01 21:14:23 UTC (rev 22816)
@@ -1,3 +1,33 @@
+CVE-2013-4735 (The Digital Alert Systems DASDEC EAS device before 2.0-2 and the ...)
+	TODO: check
+CVE-2013-4734 (dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before ...)
+	TODO: check
+CVE-2013-4733 (The web server on the Digital Alert Systems DASDEC EAS device before ...)
+	TODO: check
+CVE-2013-4732 (** DISPUTED ** The administrative web server on the Digital Alert ...)
+	TODO: check
+CVE-2013-4731 (ajax.cgi in the web interface on the Choice Wireless Green Packet ...)
+	TODO: check
+CVE-2013-4730
+	RESERVED
+CVE-2013-4729
+	RESERVED
+CVE-2013-4728
+	RESERVED
+CVE-2013-4727
+	RESERVED
+CVE-2013-4726
+	RESERVED
+CVE-2013-4725
+	RESERVED
+CVE-2013-4724
+	RESERVED
+CVE-2013-4723
+	RESERVED
+CVE-2013-4722
+	RESERVED
+CVE-2010-5288 (Buffer overflow in the lsConnectionCached function in editcp in ...)
+	TODO: check
 CVE-2013-4721 (SQL injection vulnerability in the RSS feed from records extension ...)
 	NOT-FOR-US: records extension for TYPO3
 CVE-2013-4720 (SQL injection vulnerability in the WEC Discussion Forum extension ...)
@@ -124,8 +154,8 @@
 	RESERVED
 CVE-2013-4661
 	RESERVED
-CVE-2013-4660
-	RESERVED
+CVE-2013-4660 (The JS-YAML module before 2.0.5 for Node.js parses input without ...)
+	TODO: check
 CVE-2013-4659
 	RESERVED
 CVE-2013-4658
@@ -1273,22 +1303,22 @@
 	RESERVED
 CVE-2013-4099
 	RESERVED
-CVE-2013-4098
-	RESERVED
-CVE-2013-4097
-	RESERVED
-CVE-2013-4096
-	RESERVED
-CVE-2013-4095
-	RESERVED
-CVE-2013-4094
-	RESERVED
-CVE-2013-4093
-	RESERVED
-CVE-2013-4092
-	RESERVED
-CVE-2013-4091
-	RESERVED
+CVE-2013-4098 (ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote ...)
+	TODO: check
+CVE-2013-4097 (ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows ...)
+	TODO: check
+CVE-2013-4096 (ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server ...)
+	TODO: check
+CVE-2013-4095 (plain/actionsets.html in the SecureSphere Operations Manager (SOM) ...)
+	TODO: check
+CVE-2013-4094 (The Key Management feature in the SecureSphere Operations Manager ...)
+	TODO: check
+CVE-2013-4093 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
+	TODO: check
+CVE-2013-4092 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
+	TODO: check
+CVE-2013-4091 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
+	TODO: check
 CVE-2013-4090
 	RESERVED
 CVE-2013-4089
@@ -2259,20 +2289,20 @@
 	RESERVED
 CVE-2013-3655
 	RESERVED
-CVE-2013-3654
-	RESERVED
-CVE-2013-3653
-	RESERVED
-CVE-2013-3652
-	RESERVED
-CVE-2013-3651
-	RESERVED
-CVE-2013-3650
-	RESERVED
-CVE-2013-3649
-	RESERVED
-CVE-2013-3648
-	RESERVED
+CVE-2013-3654 (Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through ...)
+	TODO: check
+CVE-2013-3653 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+	TODO: check
+CVE-2013-3652 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2013-3651 (LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to ...)
+	TODO: check
+CVE-2013-3650 (Directory traversal vulnerability in the lfCheckFileName function in ...)
+	TODO: check
+CVE-2013-3649 (Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before ...)
+	TODO: check
+CVE-2013-3648 (Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before ...)
+	TODO: check
 CVE-2013-3647 (The WebView class in the Cybozu Live application before 2.0.1 for ...)
 	NOT-FOR-US: Cybozu Live for Android
 CVE-2013-3646 (The Cybozu Live application before 2.0.1 for Android allows remote ...)
@@ -2405,8 +2435,8 @@
 	RESERVED
 CVE-2013-3582
 	RESERVED
-CVE-2013-3581
-	RESERVED
+CVE-2013-3581 (ajax.cgi in the web interface on the Choice Wireless Green Packet ...)
+	TODO: check
 CVE-2013-3580
 	RESERVED
 CVE-2013-3579
@@ -5321,14 +5351,13 @@
 	RESERVED
 CVE-2013-2343
 	RESERVED
-CVE-2013-2342
-	RESERVED
+CVE-2013-2342 (The HP StoreOnce D2D backup system with software before 3.0.0 has a ...)
+	TODO: check
 CVE-2013-2341
 	RESERVED
 CVE-2013-2340
 	RESERVED
-CVE-2013-2339
-	RESERVED
+CVE-2013-2339 (HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero ...)
 	NOT-FOR-US: HP Smart Zero Client
 CVE-2013-2338 (Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) ...)
 	NOT-FOR-US: HP Integrated Lights-Out
@@ -5360,10 +5389,10 @@
 	NOT-FOR-US: HP Storage Data Protector
 CVE-2013-2324 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
 	NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2323
-	RESERVED
-CVE-2013-2322
-	RESERVED
+CVE-2013-2323 (HP SQL/MX 3.0 through 3.2 on NonStop servers, when SQL/MP Objects are ...)
+	TODO: check
+CVE-2013-2322 (HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are ...)
+	TODO: check
 CVE-2013-2321 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web ...)
 	NOT-FOR-US: HP Service Manager
 CVE-2013-2320
@@ -5663,24 +5692,31 @@
 	[wheezy] - linux 3.2.46-1
 CVE-2013-2205
 	RESERVED
+	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2204
 	RESERVED
+	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2203
 	RESERVED
+	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2202
 	RESERVED
+	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2201
 	RESERVED
+	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2200
 	RESERVED
+	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2199
 	RESERVED
+	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2198
 	RESERVED
@@ -5767,6 +5803,7 @@
 	{DSA-2713-1}
 	- curl 7.31.0-1
 CVE-2013-2173 (wp-includes/class-phpass.php in WordPress 3.5.1, when a ...)
+	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2172
 	RESERVED
@@ -11984,8 +12021,8 @@
 	NOT-FOR-US: Arecont Vision
 CVE-2013-0138 (BitZipper 2013 before Update 1 allows remote attackers to execute ...)
 	NOT-FOR-US: BitZipper
-CVE-2013-0137
-	RESERVED
+CVE-2013-0137 (The default configuration of the Digital Alert Systems DASDEC EAS ...)
+	TODO: check
 CVE-2013-0136 (Multiple directory traversal vulnerabilities in the EditDocument ...)
 	NOT-FOR-US: Mutiny
 CVE-2013-0135 (Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow ...)

More information about the Secure-testing-commits mailing list