[Secure-testing-commits] r25430 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Thu Jan 30 21:14:18 UTC 2014
Author: joeyh
Date: 2014-01-30 21:14:18 +0000 (Thu, 30 Jan 2014)
New Revision: 25430
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-30 17:55:07 UTC (rev 25429)
+++ data/CVE/list 2014-01-30 21:14:18 UTC (rev 25430)
@@ -1,3 +1,271 @@
+CVE-2014-1828
+ RESERVED
+CVE-2014-1827
+ RESERVED
+CVE-2014-1826
+ RESERVED
+CVE-2014-1825
+ RESERVED
+CVE-2014-1824
+ RESERVED
+CVE-2014-1823
+ RESERVED
+CVE-2014-1822
+ RESERVED
+CVE-2014-1821
+ RESERVED
+CVE-2014-1820
+ RESERVED
+CVE-2014-1819
+ RESERVED
+CVE-2014-1818
+ RESERVED
+CVE-2014-1817
+ RESERVED
+CVE-2014-1816
+ RESERVED
+CVE-2014-1815
+ RESERVED
+CVE-2014-1814
+ RESERVED
+CVE-2014-1813
+ RESERVED
+CVE-2014-1812
+ RESERVED
+CVE-2014-1811
+ RESERVED
+CVE-2014-1810
+ RESERVED
+CVE-2014-1809
+ RESERVED
+CVE-2014-1808
+ RESERVED
+CVE-2014-1807
+ RESERVED
+CVE-2014-1806
+ RESERVED
+CVE-2014-1805
+ RESERVED
+CVE-2014-1804
+ RESERVED
+CVE-2014-1803
+ RESERVED
+CVE-2014-1802
+ RESERVED
+CVE-2014-1801
+ RESERVED
+CVE-2014-1800
+ RESERVED
+CVE-2014-1799
+ RESERVED
+CVE-2014-1798
+ RESERVED
+CVE-2014-1797
+ RESERVED
+CVE-2014-1796
+ RESERVED
+CVE-2014-1795
+ RESERVED
+CVE-2014-1794
+ RESERVED
+CVE-2014-1793
+ RESERVED
+CVE-2014-1792
+ RESERVED
+CVE-2014-1791
+ RESERVED
+CVE-2014-1790
+ RESERVED
+CVE-2014-1789
+ RESERVED
+CVE-2014-1788
+ RESERVED
+CVE-2014-1787
+ RESERVED
+CVE-2014-1786
+ RESERVED
+CVE-2014-1785
+ RESERVED
+CVE-2014-1784
+ RESERVED
+CVE-2014-1783
+ RESERVED
+CVE-2014-1782
+ RESERVED
+CVE-2014-1781
+ RESERVED
+CVE-2014-1780
+ RESERVED
+CVE-2014-1779
+ RESERVED
+CVE-2014-1778
+ RESERVED
+CVE-2014-1777
+ RESERVED
+CVE-2014-1776
+ RESERVED
+CVE-2014-1775
+ RESERVED
+CVE-2014-1774
+ RESERVED
+CVE-2014-1773
+ RESERVED
+CVE-2014-1772
+ RESERVED
+CVE-2014-1771
+ RESERVED
+CVE-2014-1770
+ RESERVED
+CVE-2014-1769
+ RESERVED
+CVE-2014-1768
+ RESERVED
+CVE-2014-1767
+ RESERVED
+CVE-2014-1766
+ RESERVED
+CVE-2014-1765
+ RESERVED
+CVE-2014-1764
+ RESERVED
+CVE-2014-1763
+ RESERVED
+CVE-2014-1762
+ RESERVED
+CVE-2014-1761
+ RESERVED
+CVE-2014-1760
+ RESERVED
+CVE-2014-1759
+ RESERVED
+CVE-2014-1758
+ RESERVED
+CVE-2014-1757
+ RESERVED
+CVE-2014-1756
+ RESERVED
+CVE-2014-1755
+ RESERVED
+CVE-2014-1754
+ RESERVED
+CVE-2014-1753
+ RESERVED
+CVE-2014-1752
+ RESERVED
+CVE-2014-1751
+ RESERVED
+CVE-2014-1749
+ RESERVED
+CVE-2014-1748
+ RESERVED
+CVE-2014-1747
+ RESERVED
+CVE-2014-1746
+ RESERVED
+CVE-2014-1745
+ RESERVED
+CVE-2014-1744
+ RESERVED
+CVE-2014-1743
+ RESERVED
+CVE-2014-1742
+ RESERVED
+CVE-2014-1741
+ RESERVED
+CVE-2014-1740
+ RESERVED
+CVE-2014-1739
+ RESERVED
+CVE-2014-1738
+ RESERVED
+CVE-2014-1737
+ RESERVED
+CVE-2014-1736
+ RESERVED
+CVE-2014-1735
+ RESERVED
+CVE-2014-1734
+ RESERVED
+CVE-2014-1733
+ RESERVED
+CVE-2014-1732
+ RESERVED
+CVE-2014-1731
+ RESERVED
+CVE-2014-1730
+ RESERVED
+CVE-2014-1729
+ RESERVED
+CVE-2014-1728
+ RESERVED
+CVE-2014-1727
+ RESERVED
+CVE-2014-1726
+ RESERVED
+CVE-2014-1725
+ RESERVED
+CVE-2014-1724
+ RESERVED
+CVE-2014-1723
+ RESERVED
+CVE-2014-1722
+ RESERVED
+CVE-2014-1721
+ RESERVED
+CVE-2014-1720
+ RESERVED
+CVE-2014-1719
+ RESERVED
+CVE-2014-1718
+ RESERVED
+CVE-2014-1717
+ RESERVED
+CVE-2014-1716
+ RESERVED
+CVE-2014-1715
+ RESERVED
+CVE-2014-1714
+ RESERVED
+CVE-2014-1713
+ RESERVED
+CVE-2014-1712
+ RESERVED
+CVE-2014-1711
+ RESERVED
+CVE-2014-1710
+ RESERVED
+CVE-2014-1709
+ RESERVED
+CVE-2014-1708
+ RESERVED
+CVE-2014-1707
+ RESERVED
+CVE-2014-1706
+ RESERVED
+CVE-2014-1705
+ RESERVED
+CVE-2014-1704
+ RESERVED
+CVE-2014-1703
+ RESERVED
+CVE-2014-1702
+ RESERVED
+CVE-2014-1701
+ RESERVED
+CVE-2014-1700
+ RESERVED
+CVE-2014-1699
+ RESERVED
+CVE-2014-1698
+ RESERVED
+CVE-2014-1697
+ RESERVED
+CVE-2014-1696
+ RESERVED
+CVE-2014-1695
+ RESERVED
+CVE-2013-7318 (Cross-site scripting (XSS) vulnerability in BusinessFlow/login in ...)
+ TODO: check
CVE-2013-XXXX [python's zipfile infinite loop on malformed files]
- python2.5 <removed> (low)
- python2.6 <removed> (low)
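Review bot: the added RESERVED block at the top runs from CVE-2014-1828 down to CVE-2014-1695 but steps from CVE-2014-1751 straight to CVE-2014-1749. That is consistent only because CVE-2014-1750 already has an entry further down the file (it appears in the next hunk), so it is worth confirming the generator skips ids that exist rather than dropping them. CVE-2013-7318 arrives with TODO: check and a truncated description, so it still needs manual triage.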
@@ -43,13 +311,16 @@
- swath 0.4.3-3 (low; bug #698189)
[squeeze] - swath 0.4.0-4+squeeze1
CVE-2014-1750
+ RESERVED
NOT-FOR-US: WordPress plugin nokia-mapsplaces
CVE-2014-1694
+ RESERVED
- otrs2 3.3.4-1
NOTE: https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface/
CVE-2014-1693
+ RESERVED
- erlang <unfixed>
-CVE-2014-1692
+CVE-2014-1692 (The hash_buffer function in schnorr.c in OpenSSH through 6.4, when ...)
- openssh <not-affected> (J-PAKE not activated)
CVE-2014-1691 [Possible remote code execution on horde3]
RESERVED
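Review bot: on CVE-2014-1692 the new description names the hash_buffer function in schnorr.c in OpenSSH through 6.4, while the triage line below it stays at openssh <not-affected> (J-PAKE not activated). That verdict rests entirely on J-PAKE not being activated in the package, so a NOTE recording how that was verified for each suite would make it auditable. The RESERVED lines added to CVE-2014-1750, CVE-2014-1694 and CVE-2014-1693 sit above triage data that is left untouched, which is what you want from an automatic update.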
@@ -75,8 +346,8 @@
RESERVED
CVE-2014-1684
RESERVED
-CVE-2014-1683
- RESERVED
+CVE-2014-1683 (The bashMail function in ...)
+ TODO: check
CVE-2014-1682
RESERVED
CVE-2014-1681 (Multiple unspecified vulnerabilities in Google Chrome before ...)
@@ -1563,14 +1834,14 @@
RESERVED
CVE-2014-0839
RESERVED
-CVE-2014-0838
- RESERVED
-CVE-2014-0837
- RESERVED
-CVE-2014-0836
- RESERVED
-CVE-2014-0835
- RESERVED
+CVE-2014-0838 (The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 ...)
+ TODO: check
+CVE-2014-0837 (The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier ...)
+ TODO: check
+CVE-2014-0836 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+ TODO: check
+CVE-2014-0835 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
+ TODO: check
CVE-2014-0834
RESERVED
CVE-2014-0833
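Review bot: CVE-2014-0838 through CVE-2014-0835 all name IBM Security QRadar SIEM and all land as TODO: check, so they can be triaged in one pass. If the product is not packaged, a NOT-FOR-US: IBM Security QRadar SIEM line on each of the four closes them.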
@@ -1940,12 +2211,12 @@
RESERVED
CVE-2014-0683
RESERVED
-CVE-2014-0682
- RESERVED
-CVE-2014-0681
- RESERVED
-CVE-2014-0680
- RESERVED
+CVE-2014-0682 (Cisco WebEx Meetings Server allows remote authenticated users to ...)
+ TODO: check
+CVE-2014-0681 (Cross-site scripting (XSS) vulnerability in Cisco Identity Services ...)
+ TODO: check
+CVE-2014-0680 (Cross-site scripting (XSS) vulnerability in the HTTP control interface ...)
+ TODO: check
CVE-2014-0679
RESERVED
CVE-2014-0678 (The portal interface in Cisco Secure Access Control System (ACS) does ...)
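Review bot: the three new descriptions for CVE-2014-0682, CVE-2014-0681 and CVE-2014-0680 refer to different Cisco products (WebEx Meetings Server, Identity Services ..., and an HTTP control interface whose product name is cut off), so the follow-up triage should tag each entry with its own product name rather than a shared Cisco label. The third one needs the full description looked up before it can be tagged at all.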
@@ -4556,7 +4827,7 @@
NOT-FOR-US: ONEDC app
CVE-2013-6811
RESERVED
-CVE-2013-6810 (The server in EMC Connectrix Manager Converged Network Edition (CMCNE) ...)
+CVE-2013-6810 (The server in Brocade Network Advisor before 12.1.0, as used in EMC ...)
NOT-FOR-US: EMC Connectrix Manager Converged Network Edition
CVE-2013-6809 (Format string vulnerability in the client in Tftpd32 before 4.50 ...)
NOT-FOR-US: Tftpd32
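Review bot: for CVE-2013-6810 the description now leads with Brocade Network Advisor before 12.1.0, as used in EMC ..., but the triage line still reads NOT-FOR-US: EMC Connectrix Manager Converged Network Edition. Suggest extending the tag to name Brocade Network Advisor as well, so a search of the list for that product finds the entry.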
@@ -6252,8 +6523,8 @@
RESERVED
CVE-2013-6142 (DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA ...)
NOT-FOR-US: Schneider Electric ClearSCADA
-CVE-2013-6141
- RESERVED
+CVE-2013-6141 (Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers ...)
+ TODO: check
CVE-2013-6140
RESERVED
CVE-2013-6139
@@ -8783,8 +9054,8 @@
CVE-2013-5093 (The renderLocalView function in render/views.py in graphite-web in ...)
- graphite-web 0.9.12+debian-1 (bug #720454)
NOTE: http://ceriksen.com/2013/08/20/graphite-remote-code-execution-vulnerability-advisory/
-CVE-2013-5092
- RESERVED
+CVE-2013-5092 (Cross-site scripting (XSS) vulnerability in afa/php/Login.php in ...)
+ TODO: check
CVE-2013-5091 (SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 ...)
NOT-FOR-US: vTiger CRM
CVE-2013-5090
@@ -8962,8 +9233,8 @@
RESERVED
CVE-2013-5006 (main_internet.php on the Western Digital My Net N600 and N750 with ...)
NOT-FOR-US: Western Digital Router
-CVE-2013-5005
- RESERVED
+CVE-2013-5005 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
CVE-2013-5004
RESERVED
CVE-2013-4994
@@ -9225,8 +9496,8 @@
NOT-FOR-US: DeWeS web server (Twilight CMS)
CVE-2013-4899 (Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and ...)
NOT-FOR-US: Twilight CMS
-CVE-2013-4898
- RESERVED
+CVE-2013-4898 (Unrestricted file upload vulnerability in the user profile page ...)
+ TODO: check
CVE-2013-4897
REJECTED
CVE-2013-4896
@@ -9241,12 +9512,12 @@
RESERVED
CVE-2013-4891
RESERVED
-CVE-2013-4889
- RESERVED
-CVE-2013-4888
- RESERVED
-CVE-2013-4887
- RESERVED
+CVE-2013-4889 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+ TODO: check
+CVE-2013-4888 (Cross-site scripting (XSS) vulnerability in index.php in Digital ...)
+ TODO: check
+CVE-2013-4887 (SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 ...)
+ TODO: check
CVE-2013-4886
RESERVED
CVE-2013-4885 (The http-domino-enum-passwords.nse script in NMap before 6.40, when ...)
@@ -9766,10 +10037,10 @@
RESERVED
CVE-2013-4663
RESERVED
-CVE-2013-4662
- RESERVED
-CVE-2013-4661
- RESERVED
+CVE-2013-4662 (The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through ...)
+ TODO: check
+CVE-2013-4661 (CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly ...)
+ TODO: check
CVE-2013-4660 (The JS-YAML module before 2.0.5 for Node.js parses input without ...)
NOT-FOR-US: js-yaml
CVE-2013-4659
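Review bot: CVE-2013-4662 and CVE-2013-4661 carry explicit affected ranges for CiviCRM (4.2.0 through 4.2.9 and 4.3.0 through ..., and 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3) yet land as bare TODO: check. Whoever triages them should record a package line with the fixed version checked against those ranges, or NOT-FOR-US if CiviCRM is not packaged.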
@@ -14773,8 +15044,8 @@
REJECTED
CVE-2013-2748
RESERVED
-CVE-2013-2747
- RESERVED
+CVE-2013-2747 (The password reset feature in Courion Access Risk Management Suite ...)
+ TODO: check
CVE-2013-2746
RESERVED
CVE-2013-2745 [SQL Injection]
@@ -23470,8 +23741,7 @@
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy1
NOTE: https://github.com/tpyo/amazon-s3-php-class/pull/36
NOTE: https://tracker.moodle.org/browse/MDL-40615
-CVE-2012-6086 [zabbix insecure curl usage]
- RESERVED
+CVE-2012-6086 (libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x ...)
- zabbix 1:2.0.7+dfsg-1 (bug #697443)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
NOTE: https://support.zabbix.com/browse/ZBX-5924
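Review bot: for CVE-2012-6086 the squeeze line still reads zabbix <no-dsa> (Will be handled through point update), while the new description gives 1.8.x before 1.8.18rc1 as the affected upstream range. Worth checking whether that point update has happened and, if so, replacing the <no-dsa> line with the fixed squeeze version. The local label [zabbix insecure curl usage] is lost in favour of the truncated official text, so a short NOTE preserving it would keep the entry readable.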