[Secure-testing-commits] r22137 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu May 2 21:14:56 UTC 2013
Author: joeyh
Date: 2013-05-02 21:14:56 +0000 (Thu, 02 May 2013)
New Revision: 22137
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-02 19:44:10 UTC (rev 22136)
+++ data/CVE/list 2013-05-02 21:14:56 UTC (rev 22137)
@@ -1,3 +1,23 @@
+CVE-2013-3318
+ RESERVED
+CVE-2013-3317
+ RESERVED
+CVE-2013-3316
+ RESERVED
+CVE-2013-3315
+ RESERVED
+CVE-2013-3314
+ RESERVED
+CVE-2013-3313
+ RESERVED
+CVE-2013-3312
+ RESERVED
+CVE-2013-3311
+ RESERVED
+CVE-2013-3310
+ RESERVED
+CVE-2009-5135 (The Java XML parser in Echo before 2.1.1 and 3.x before 3.0.b6 allows ...)
+ TODO: check
CVE-2013-3309
RESERVED
CVE-2013-3308
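Review bot: CVE-2009-5135 is inserted between CVE-2013-3310 and CVE-2013-3309, so a 2009 identifier now sits inside the block of 2013 identifiers with only "TODO: check" under it. When this is triaged, replace the TODO with a package line or a NOT-FOR-US entry for Echo, and consider moving the entry next to the other 2009 identifiers so that it is not overlooked.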
@@ -94,8 +114,7 @@
CVE-2013-3267
RESERVED
- joomla <itp> (bug #571794)
-CVE-2013-3266 [Insufficient input validation in the NFS server]
- RESERVED
+CVE-2013-3266 (The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the ...)
- kfreebsd-9 9.0-11 (bug #706414)
- kfreebsd-8 <unfixed> (bug #706418)
NOTE: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:05.nfsserver.asc
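Review bot: Under CVE-2013-3266 the kfreebsd-8 line is still "<unfixed>" (bug #706418) while kfreebsd-9 is fixed in 9.0-11. Now that the entry carries the published description naming nfsrvd_readdir in sys/fs/nfsserver/nfs_nfsdport.c, confirm against the FreeBSD-SA-13:05.nfsserver advisory in the NOTE that the kfreebsd-8 status is still accurate. Dropping the bracketed working title and the RESERVED line is consistent with the description having been published.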
@@ -448,8 +467,8 @@
RESERVED
CVE-2013-3108
RESERVED
-CVE-2013-3107
- RESERVED
+CVE-2013-3107 (VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding ...)
+ TODO: check
CVE-2013-3106
RESERVED
CVE-2013-3105
@@ -502,10 +521,10 @@
RESERVED
CVE-2013-3081
RESERVED
-CVE-2013-3080
- RESERVED
-CVE-2013-3079
- RESERVED
+CVE-2013-3080 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows ...)
+ TODO: check
+CVE-2013-3079 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows ...)
+ TODO: check
CVE-2013-3078
RESERVED
CVE-2013-3077
@@ -537,12 +556,12 @@
RESERVED
CVE-2013-3064
RESERVED
-CVE-2013-3063
- RESERVED
-CVE-2013-3062
- RESERVED
-CVE-2013-3061
- RESERVED
+CVE-2013-3063 (SAP BASIS Communication Services 4.6B through 7.30 allows remote ...)
+ TODO: check
+CVE-2013-3062 (The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering ...)
+ TODO: check
+CVE-2013-3061 (The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H ...)
+ TODO: check
CVE-2013-3060 (The web console in Apache ActiveMQ before 5.8.0 does not require ...)
- activemq <unfixed>
TODO: check
@@ -2220,8 +2239,8 @@
RESERVED
CVE-2013-2322
RESERVED
-CVE-2013-2321
- RESERVED
+CVE-2013-2321 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web ...)
+ TODO: check
CVE-2013-2320
RESERVED
CVE-2013-2319
@@ -3872,11 +3891,11 @@
CVE-2013-1666
RESERVED
- foswiki <itp> (bug #509864)
-CVE-2013-1665 (OpenStack Keystone Essex and Folsom allows remote attackers to read ...)
+CVE-2013-1665 (The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...)
{DSA-2634-1}
- keystone 2012.1.1-13 (bug #700948)
- python-django 1.4.4-1
-CVE-2013-1664 (OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex ...)
+CVE-2013-1664 (The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...)
- keystone 2012.1.1-13 (bug #700948)
- nova 2012.1.1-13 (bug #700949)
- cinder 2012.2.3-1 (bug #700950)
@@ -4763,8 +4782,8 @@
RESERVED
CVE-2013-1339
RESERVED
-CVE-2013-1338
- RESERVED
+CVE-2013-1338 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+ TODO: check
CVE-2013-1337
RESERVED
CVE-2013-1336
@@ -4993,10 +5012,10 @@
RESERVED
CVE-2013-1231
RESERVED
-CVE-2013-1230
- RESERVED
-CVE-2013-1229
- RESERVED
+CVE-2013-1230 (Cisco Unified Communications Domain Manager allows remote attackers to ...)
+ TODO: check
+CVE-2013-1229 (TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence ...)
+ TODO: check
CVE-2013-1228
RESERVED
CVE-2013-1227 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
@@ -5133,16 +5152,16 @@
NOT-FOR-US: Cisco
CVE-2013-1161 (The XML parser in the Cisco Jabber IM application for Android allows ...)
NOT-FOR-US: Cisco
-CVE-2013-1160
- RESERVED
-CVE-2013-1159
- RESERVED
-CVE-2013-1158
- RESERVED
-CVE-2013-1157
- RESERVED
-CVE-2013-1156
- RESERVED
+CVE-2013-1160 (Cross-site scripting (XSS) vulnerability in the OpenView web menus in ...)
+ TODO: check
+CVE-2013-1159 (Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) ...)
+ TODO: check
+CVE-2013-1158 (Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring ...)
+ TODO: check
+CVE-2013-1157 (Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring ...)
+ TODO: check
+CVE-2013-1156 (Directory traversal vulnerability in Cisco Prime Central for Hosted ...)
+ TODO: check
CVE-2013-1155 (The auth-proxy functionality in Cisco Firewall Services Module (FWSM) ...)
NOT-FOR-US: Cisco Firewall Services Module
CVE-2013-1154 (The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, ...)
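Review bot: CVE-2013-1160 through CVE-2013-1156 all receive "TODO: check", and the truncated descriptions name OpenView web menus, Netcool Impact, IBM Tivoli Monitoring and Cisco Prime Central, while the neighbouring CVE-2013-1161 and CVE-2013-1155 are already marked NOT-FOR-US: Cisco. Read the full descriptions before triage rather than inferring the vendor from the identifier range, and name the specific product in whatever NOT-FOR-US or package line replaces each TODO.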
@@ -6345,8 +6364,8 @@
NOT-FOR-US: e107
CVE-2013-0700 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2013-0699
- RESERVED
+CVE-2013-0699 (The Galil RIO-47100 Pocket PLC allows remote attackers to cause a ...)
+ TODO: check
CVE-2013-0698
RESERVED
CVE-2013-0697
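Review bot: CVE-2013-0699 describes the Galil RIO-47100 Pocket PLC, a hardware device, yet it is left as "TODO: check" directly after CVE-2013-0700, which is marked NOT-FOR-US: Siemens SIMATIC. The same treatment looks appropriate here; resolve the TODO with a NOT-FOR-US line naming the Galil product.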
@@ -6397,8 +6416,8 @@
NOT-FOR-US: Siemens WinCC
CVE-2013-0674 (Buffer overflow in the RegReader ActiveX control in Siemens WinCC ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0673
- RESERVED
+CVE-2013-0673 (Directory traversal vulnerability in the web interface in the Health ...)
+ TODO: check
CVE-2013-0672 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...)
NOT-FOR-US: Siemens WinCC
CVE-2013-0671 (Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 ...)
@@ -6411,8 +6430,8 @@
NOT-FOR-US: Siemens WinCC
CVE-2013-0667 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0666
- RESERVED
+CVE-2013-0666 (The configuration utility in MatrikonOPC Security Gateway 1.0 allows ...)
+ TODO: check
CVE-2013-0665 (Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before ...)
NOT-FOR-US: Schweitzer Engineering Laboratories AcSELerator QuickSet
CVE-2013-0664 (The FactoryCast service on the Schneider Electric Quantum 140NOE77111 ...)
@@ -6683,8 +6702,8 @@
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-0539
RESERVED
-CVE-2013-0538
- RESERVED
+CVE-2013-0538 (Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before ...)
+ TODO: check
CVE-2013-0537
RESERVED
CVE-2013-0536
@@ -7993,10 +8012,10 @@
RESERVED
CVE-2013-0142
RESERVED
-CVE-2013-0141
- RESERVED
-CVE-2013-0140
- RESERVED
+CVE-2013-0141 (Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) ...)
+ TODO: check
+CVE-2013-0140 (SQL injection vulnerability in the Agent-Handler component in McAfee ...)
+ TODO: check
CVE-2013-0139 (The Arecont Vision AV1355DN MegaDome camera allows remote attackers to ...)
NOT-FOR-US: Arecont Vision
CVE-2013-0138 (BitZipper 2013 before Update 1 allows remote attackers to execute ...)
@@ -8024,8 +8043,8 @@
TODO: check
CVE-2013-0128 (The Contact Customer Support feature in the TigerText Free Private ...)
NOT-FOR-US: TigerText
-CVE-2013-0127
- RESERVED
+CVE-2013-0127 (IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before ...)
+ TODO: check
CVE-2013-0126 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: Verizon router
CVE-2013-0125 (Cross-site scripting (XSS) vulnerability in fileview.asp in C2 ...)
@@ -11140,8 +11159,8 @@
NOT-FOR-US: vbadvanced CMPS
CVE-2012-5223 (The proc_deutf function in includes/functions_vbseocp_abstract.php in ...)
NOT-FOR-US: vBSEO
-CVE-2012-5222
- RESERVED
+CVE-2012-5222 (HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote ...)
+ TODO: check
CVE-2012-5221 (Unspecified vulnerability on the HP LaserJet 4xxx, 5200, 90xx, M30xx, ...)
TODO: check
CVE-2012-5220 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
@@ -11766,8 +11785,8 @@
NOT-FOR-US: Vanilla Forums
CVE-2012-4953 (The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-4952
- RESERVED
+CVE-2012-4952 (Henry Schein Dentrix G5 before 15.1.294 has a single internal-database ...)
+ TODO: check
CVE-2012-4951 (Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in ...)
NOT-FOR-US: VeriFone VeriCentre Web Console
CVE-2012-4950 (Cross-site scripting (XSS) vulnerability in the Keyword Search page in ...)