[Secure-testing-commits] r25430 - data/CVE

Joey Hess joeyh at moszumanska.debian.org
Thu Jan 30 21:14:18 UTC 2014


Author: joeyh
Date: 2014-01-30 21:14:18 +0000 (Thu, 30 Jan 2014)
New Revision: 25430

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-01-30 17:55:07 UTC (rev 25429)
+++ data/CVE/list	2014-01-30 21:14:18 UTC (rev 25430)
@@ -1,3 +1,271 @@
+CVE-2014-1828
+	RESERVED
+CVE-2014-1827
+	RESERVED
+CVE-2014-1826
+	RESERVED
+CVE-2014-1825
+	RESERVED
+CVE-2014-1824
+	RESERVED
+CVE-2014-1823
+	RESERVED
+CVE-2014-1822
+	RESERVED
+CVE-2014-1821
+	RESERVED
+CVE-2014-1820
+	RESERVED
+CVE-2014-1819
+	RESERVED
+CVE-2014-1818
+	RESERVED
+CVE-2014-1817
+	RESERVED
+CVE-2014-1816
+	RESERVED
+CVE-2014-1815
+	RESERVED
+CVE-2014-1814
+	RESERVED
+CVE-2014-1813
+	RESERVED
+CVE-2014-1812
+	RESERVED
+CVE-2014-1811
+	RESERVED
+CVE-2014-1810
+	RESERVED
+CVE-2014-1809
+	RESERVED
+CVE-2014-1808
+	RESERVED
+CVE-2014-1807
+	RESERVED
+CVE-2014-1806
+	RESERVED
+CVE-2014-1805
+	RESERVED
+CVE-2014-1804
+	RESERVED
+CVE-2014-1803
+	RESERVED
+CVE-2014-1802
+	RESERVED
+CVE-2014-1801
+	RESERVED
+CVE-2014-1800
+	RESERVED
+CVE-2014-1799
+	RESERVED
+CVE-2014-1798
+	RESERVED
+CVE-2014-1797
+	RESERVED
+CVE-2014-1796
+	RESERVED
+CVE-2014-1795
+	RESERVED
+CVE-2014-1794
+	RESERVED
+CVE-2014-1793
+	RESERVED
+CVE-2014-1792
+	RESERVED
+CVE-2014-1791
+	RESERVED
+CVE-2014-1790
+	RESERVED
+CVE-2014-1789
+	RESERVED
+CVE-2014-1788
+	RESERVED
+CVE-2014-1787
+	RESERVED
+CVE-2014-1786
+	RESERVED
+CVE-2014-1785
+	RESERVED
+CVE-2014-1784
+	RESERVED
+CVE-2014-1783
+	RESERVED
+CVE-2014-1782
+	RESERVED
+CVE-2014-1781
+	RESERVED
+CVE-2014-1780
+	RESERVED
+CVE-2014-1779
+	RESERVED
+CVE-2014-1778
+	RESERVED
+CVE-2014-1777
+	RESERVED
+CVE-2014-1776
+	RESERVED
+CVE-2014-1775
+	RESERVED
+CVE-2014-1774
+	RESERVED
+CVE-2014-1773
+	RESERVED
+CVE-2014-1772
+	RESERVED
+CVE-2014-1771
+	RESERVED
+CVE-2014-1770
+	RESERVED
+CVE-2014-1769
+	RESERVED
+CVE-2014-1768
+	RESERVED
+CVE-2014-1767
+	RESERVED
+CVE-2014-1766
+	RESERVED
+CVE-2014-1765
+	RESERVED
+CVE-2014-1764
+	RESERVED
+CVE-2014-1763
+	RESERVED
+CVE-2014-1762
+	RESERVED
+CVE-2014-1761
+	RESERVED
+CVE-2014-1760
+	RESERVED
+CVE-2014-1759
+	RESERVED
+CVE-2014-1758
+	RESERVED
+CVE-2014-1757
+	RESERVED
+CVE-2014-1756
+	RESERVED
+CVE-2014-1755
+	RESERVED
+CVE-2014-1754
+	RESERVED
+CVE-2014-1753
+	RESERVED
+CVE-2014-1752
+	RESERVED
+CVE-2014-1751
+	RESERVED
+CVE-2014-1749
+	RESERVED
+CVE-2014-1748
+	RESERVED
+CVE-2014-1747
+	RESERVED
+CVE-2014-1746
+	RESERVED
+CVE-2014-1745
+	RESERVED
+CVE-2014-1744
+	RESERVED
+CVE-2014-1743
+	RESERVED
+CVE-2014-1742
+	RESERVED
+CVE-2014-1741
+	RESERVED
+CVE-2014-1740
+	RESERVED
+CVE-2014-1739
+	RESERVED
+CVE-2014-1738
+	RESERVED
+CVE-2014-1737
+	RESERVED
+CVE-2014-1736
+	RESERVED
+CVE-2014-1735
+	RESERVED
+CVE-2014-1734
+	RESERVED
+CVE-2014-1733
+	RESERVED
+CVE-2014-1732
+	RESERVED
+CVE-2014-1731
+	RESERVED
+CVE-2014-1730
+	RESERVED
+CVE-2014-1729
+	RESERVED
+CVE-2014-1728
+	RESERVED
+CVE-2014-1727
+	RESERVED
+CVE-2014-1726
+	RESERVED
+CVE-2014-1725
+	RESERVED
+CVE-2014-1724
+	RESERVED
+CVE-2014-1723
+	RESERVED
+CVE-2014-1722
+	RESERVED
+CVE-2014-1721
+	RESERVED
+CVE-2014-1720
+	RESERVED
+CVE-2014-1719
+	RESERVED
+CVE-2014-1718
+	RESERVED
+CVE-2014-1717
+	RESERVED
+CVE-2014-1716
+	RESERVED
+CVE-2014-1715
+	RESERVED
+CVE-2014-1714
+	RESERVED
+CVE-2014-1713
+	RESERVED
+CVE-2014-1712
+	RESERVED
+CVE-2014-1711
+	RESERVED
+CVE-2014-1710
+	RESERVED
+CVE-2014-1709
+	RESERVED
+CVE-2014-1708
+	RESERVED
+CVE-2014-1707
+	RESERVED
+CVE-2014-1706
+	RESERVED
+CVE-2014-1705
+	RESERVED
+CVE-2014-1704
+	RESERVED
+CVE-2014-1703
+	RESERVED
+CVE-2014-1702
+	RESERVED
+CVE-2014-1701
+	RESERVED
+CVE-2014-1700
+	RESERVED
+CVE-2014-1699
+	RESERVED
+CVE-2014-1698
+	RESERVED
+CVE-2014-1697
+	RESERVED
+CVE-2014-1696
+	RESERVED
+CVE-2014-1695
+	RESERVED
+CVE-2013-7318 (Cross-site scripting (XSS) vulnerability in BusinessFlow/login in ...)
+	TODO: check
 CVE-2013-XXXX [python's zipfile infinite loop on malformed files]
 	- python2.5 <removed> (low)
 	- python2.6 <removed> (low)
@@ -43,13 +311,16 @@
 	- swath 0.4.3-3 (low; bug #698189)
 	[squeeze] - swath 0.4.0-4+squeeze1
 CVE-2014-1750
+	RESERVED
 	NOT-FOR-US: WordPress plugin nokia-mapsplaces
 CVE-2014-1694
+	RESERVED
 	- otrs2 3.3.4-1
 	NOTE: https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface/
 CVE-2014-1693
+	RESERVED
 	- erlang <unfixed>
-CVE-2014-1692
+CVE-2014-1692 (The hash_buffer function in schnorr.c in OpenSSH through 6.4, when ...)
 	- openssh <not-affected> (J-PAKE not activated)
 CVE-2014-1691 [Possible remote code execution on horde3]
 	RESERVED
@@ -75,8 +346,8 @@
 	RESERVED
 CVE-2014-1684
 	RESERVED
-CVE-2014-1683
-	RESERVED
+CVE-2014-1683 (The bashMail function in ...)
+	TODO: check
 CVE-2014-1682
 	RESERVED
 CVE-2014-1681 (Multiple unspecified vulnerabilities in Google Chrome before ...)
@@ -1563,14 +1834,14 @@
 	RESERVED
 CVE-2014-0839
 	RESERVED
-CVE-2014-0838
-	RESERVED
-CVE-2014-0837
-	RESERVED
-CVE-2014-0836
-	RESERVED
-CVE-2014-0835
-	RESERVED
+CVE-2014-0838 (The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 ...)
+	TODO: check
+CVE-2014-0837 (The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier ...)
+	TODO: check
+CVE-2014-0836 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+	TODO: check
+CVE-2014-0835 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
+	TODO: check
 CVE-2014-0834
 	RESERVED
 CVE-2014-0833
@@ -1940,12 +2211,12 @@
 	RESERVED
 CVE-2014-0683
 	RESERVED
-CVE-2014-0682
-	RESERVED
-CVE-2014-0681
-	RESERVED
-CVE-2014-0680
-	RESERVED
+CVE-2014-0682 (Cisco WebEx Meetings Server allows remote authenticated users to ...)
+	TODO: check
+CVE-2014-0681 (Cross-site scripting (XSS) vulnerability in Cisco Identity Services ...)
+	TODO: check
+CVE-2014-0680 (Cross-site scripting (XSS) vulnerability in the HTTP control interface ...)
+	TODO: check
 CVE-2014-0679
 	RESERVED
 CVE-2014-0678 (The portal interface in Cisco Secure Access Control System (ACS) does ...)
@@ -4556,7 +4827,7 @@
 	NOT-FOR-US: ONEDC app
 CVE-2013-6811
 	RESERVED
-CVE-2013-6810 (The server in EMC Connectrix Manager Converged Network Edition (CMCNE) ...)
+CVE-2013-6810 (The server in Brocade Network Advisor before 12.1.0, as used in EMC ...)
 	NOT-FOR-US: EMC Connectrix Manager Converged Network Edition
 CVE-2013-6809 (Format string vulnerability in the client in Tftpd32 before 4.50 ...)
 	NOT-FOR-US: Tftpd32
@@ -6252,8 +6523,8 @@
 	RESERVED
 CVE-2013-6142 (DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA ...)
 	NOT-FOR-US: Schneider Electric ClearSCADA
-CVE-2013-6141
-	RESERVED
+CVE-2013-6141 (Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers ...)
+	TODO: check
 CVE-2013-6140
 	RESERVED
 CVE-2013-6139
@@ -8783,8 +9054,8 @@
 CVE-2013-5093 (The renderLocalView function in render/views.py in graphite-web in ...)
 	- graphite-web 0.9.12+debian-1 (bug #720454)
 	NOTE: http://ceriksen.com/2013/08/20/graphite-remote-code-execution-vulnerability-advisory/
-CVE-2013-5092
-	RESERVED
+CVE-2013-5092 (Cross-site scripting (XSS) vulnerability in afa/php/Login.php in ...)
+	TODO: check
 CVE-2013-5091 (SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 ...)
 	NOT-FOR-US: vTiger CRM
 CVE-2013-5090
@@ -8962,8 +9233,8 @@
 	RESERVED
 CVE-2013-5006 (main_internet.php on the Western Digital My Net N600 and N750 with ...)
 	NOT-FOR-US: Western Digital Router
-CVE-2013-5005
-	RESERVED
+CVE-2013-5005 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
 CVE-2013-5004
 	RESERVED
 CVE-2013-4994
@@ -9225,8 +9496,8 @@
 	NOT-FOR-US: DeWeS web server (Twilight CMS)
 CVE-2013-4899 (Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and ...)
 	NOT-FOR-US: Twilight CMS
-CVE-2013-4898
-	RESERVED
+CVE-2013-4898 (Unrestricted file upload vulnerability in the user profile page ...)
+	TODO: check
 CVE-2013-4897
 	REJECTED
 CVE-2013-4896
@@ -9241,12 +9512,12 @@
 	RESERVED
 CVE-2013-4891
 	RESERVED
-CVE-2013-4889
-	RESERVED
-CVE-2013-4888
-	RESERVED
-CVE-2013-4887
-	RESERVED
+CVE-2013-4889 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+	TODO: check
+CVE-2013-4888 (Cross-site scripting (XSS) vulnerability in index.php in Digital ...)
+	TODO: check
+CVE-2013-4887 (SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 ...)
+	TODO: check
 CVE-2013-4886
 	RESERVED
 CVE-2013-4885 (The http-domino-enum-passwords.nse script in NMap before 6.40, when ...)
@@ -9766,10 +10037,10 @@
 	RESERVED
 CVE-2013-4663
 	RESERVED
-CVE-2013-4662
-	RESERVED
-CVE-2013-4661
-	RESERVED
+CVE-2013-4662 (The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through ...)
+	TODO: check
+CVE-2013-4661 (CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly ...)
+	TODO: check
 CVE-2013-4660 (The JS-YAML module before 2.0.5 for Node.js parses input without ...)
 	NOT-FOR-US: js-yaml
 CVE-2013-4659
@@ -14773,8 +15044,8 @@
 	REJECTED
 CVE-2013-2748
 	RESERVED
-CVE-2013-2747
-	RESERVED
+CVE-2013-2747 (The password reset feature in Courion Access Risk Management Suite ...)
+	TODO: check
 CVE-2013-2746
 	RESERVED
 CVE-2013-2745 [SQL Injection]
@@ -23470,8 +23741,7 @@
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy1
 	NOTE: https://github.com/tpyo/amazon-s3-php-class/pull/36
 	NOTE: https://tracker.moodle.org/browse/MDL-40615
-CVE-2012-6086 [zabbix insecure curl usage]
-	RESERVED
+CVE-2012-6086 (libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x ...)
 	- zabbix 1:2.0.7+dfsg-1 (bug #697443)
 	[squeeze] - zabbix <no-dsa> (Will be handled through point update)
 	NOTE: https://support.zabbix.com/browse/ZBX-5924




More information about the Secure-testing-commits mailing list