[Secure-testing-commits] r29489 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Fri Oct 17 21:14:13 UTC 2014
Author: joeyh
Date: 2014-10-17 21:14:13 +0000 (Fri, 17 Oct 2014)
New Revision: 29489
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-17 17:37:17 UTC (rev 29488)
+++ data/CVE/list 2014-10-17 21:14:13 UTC (rev 29489)
@@ -1,3 +1,45 @@
+CVE-2014-8316 (XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP ...)
+ TODO: check
+CVE-2014-8315 (polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 ...)
+ TODO: check
+CVE-2014-8314 (Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA ...)
+ TODO: check
+CVE-2014-8313 (Eval injection in ide/core/base/server/net.xsjs in the Developer ...)
+ TODO: check
+CVE-2014-8312 (Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote ...)
+ TODO: check
+CVE-2014-8311 (SAP BusinessObjects Edge 4.0 allows remote attackers to obtain ...)
+ TODO: check
+CVE-2014-8310 (The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows ...)
+ TODO: check
+CVE-2014-8309 (SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 ...)
+ TODO: check
+CVE-2014-8308 (Cross-site scripting (XSS) vulnerability in the Send to Inbox ...)
+ TODO: check
+CVE-2014-8307 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2014-8306 (SQL injection vulnerability in the sql_query function in cart.php in ...)
+ TODO: check
+CVE-2014-8305 (Open redirect vulnerability in the redir function in ...)
+ TODO: check
+CVE-2014-8304 (Cross-site scripting (XSS) vulnerability in In-Portal CMS 5.2.0 and ...)
+ TODO: check
+CVE-2014-8303 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+ TODO: check
+CVE-2014-8302 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+ TODO: check
+CVE-2014-8301 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
+ TODO: check
+CVE-2014-8300
+ RESERVED
+CVE-2014-8299
+ RESERVED
+CVE-2014-8298
+ RESERVED
+CVE-2014-8297
+ RESERVED
+CVE-2014-8296 (Cross-site scripting (XSS) vulnerability in the Modal Frame API module ...)
+ TODO: check
CVE-2014-XXXX [freecad downloads and executes code]
- freecad <unfixed> (bug #764814)
CVE-2014-8295 (SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows ...)
@@ -494,8 +536,7 @@
RESERVED
- tigervnc <itp> (bug #650394)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151312
-CVE-2014-8240
- RESERVED
+CVE-2014-8240 (Integer overflow in TigerVNC allows remote VNC servers to cause a ...)
- tigervnc <itp> (bug #650394)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151307
CVE-2014-8086 (Race condition in the ext4_file_write_iter function in fs/ext4/file.c ...)
@@ -2385,8 +2426,8 @@
RESERVED
CVE-2014-7182
RESERVED
-CVE-2014-7181
- RESERVED
+CVE-2014-7181 (Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons ...)
+ TODO: check
CVE-2014-7180
RESERVED
CVE-2014-7179
@@ -2518,8 +2559,7 @@
RESERVED
CVE-2014-7139 (Multiple cross-site scripting (XSS) vulnerabilities in the Contact ...)
NOT-FOR-US: WordPress plugin Contact Form DB
-CVE-2014-7138
- RESERVED
+CVE-2014-7138 (Cross-site scripting (XSS) vulnerability in the Google Calendar Events ...)
NOT-FOR-US: WordPress plugin Google Calendar Events
CVE-2014-7137
RESERVED
@@ -2695,202 +2735,202 @@
RESERVED
CVE-2014-7051
RESERVED
-CVE-2014-7050
- RESERVED
-CVE-2014-7049
- RESERVED
-CVE-2014-7048
- RESERVED
+CVE-2014-7050 (The givenu give (aka com.givenu.give) application 1.5.3 for Android ...)
+ TODO: check
+CVE-2014-7049 (The SomTodo - Task/To-do widget (aka com.somcloud.somtodo) application ...)
+ TODO: check
+CVE-2014-7048 (The Bear ID Lock (aka com.wBearIDLock) application 0.1 for Android ...)
+ TODO: check
CVE-2014-7047 (The Ocean Avenue Mobile Pro (aka com.oceanavenue.mobile) application ...)
TODO: check
CVE-2014-7046 (The George Wassouf (aka com.devkhr32.georgewassouf) application 1.0 ...)
TODO: check
-CVE-2014-7045
- RESERVED
-CVE-2014-7044
- RESERVED
-CVE-2014-7043
- RESERVED
-CVE-2014-7042
- RESERVED
-CVE-2014-7041
- RESERVED
-CVE-2014-7040
- RESERVED
-CVE-2014-7039
- RESERVED
-CVE-2014-7038
- RESERVED
-CVE-2014-7037
- RESERVED
-CVE-2014-7036
- RESERVED
-CVE-2014-7035
- RESERVED
-CVE-2014-7034
- RESERVED
-CVE-2014-7033
- RESERVED
-CVE-2014-7032
- RESERVED
-CVE-2014-7031
- RESERVED
-CVE-2014-7030
- RESERVED
-CVE-2014-7029
- RESERVED
-CVE-2014-7028
- RESERVED
-CVE-2014-7027
- RESERVED
-CVE-2014-7026
- RESERVED
-CVE-2014-7025
- RESERVED
-CVE-2014-7024
- RESERVED
-CVE-2014-7023
- RESERVED
-CVE-2014-7022
- RESERVED
-CVE-2014-7021
- RESERVED
-CVE-2014-7020
- RESERVED
-CVE-2014-7019
- RESERVED
-CVE-2014-7018
- RESERVED
-CVE-2014-7017
- RESERVED
-CVE-2014-7016
- RESERVED
-CVE-2014-7015
- RESERVED
+CVE-2014-7045 (The Bust Out Bail (aka com.onesolutionapps.bustoutbailandroid) ...)
+ TODO: check
+CVE-2014-7044 (The Street Walker (aka kt.road.StreetWalker) application 0.0.1 for ...)
+ TODO: check
+CVE-2014-7043 (The Cadpage (aka net.anei.cadpage) application 1.7.44 for Android does ...)
+ TODO: check
+CVE-2014-7042 (The My nTelos (aka com.telespree.ntelospostpay) application 1.1.2 for ...)
+ TODO: check
+CVE-2014-7041 (The SimGene (aka com.japanbioinformatics.simgene) application 1.3 for ...)
+ TODO: check
+CVE-2014-7040 (The UniCredit Investors (aka eu.unicreditgroup.brand.ucinvestors) ...)
+ TODO: check
+CVE-2014-7039 (The Wild Women United (aka com.wildwomenunited) application 1.0 for ...)
+ TODO: check
+CVE-2014-7038 (The Al Jazeera (aka com.Al.Jazeera.net) application 6.0 for Android ...)
+ TODO: check
+CVE-2014-7037 (The Noble Sticker "FREE" (aka com.kuronecostudio.kizokustamp.free) ...)
+ TODO: check
+CVE-2014-7036 (The Quest Federal CU Mobile (aka com.metova.cuae.questfcu) application ...)
+ TODO: check
+CVE-2014-7035 (The Harmonizers Planet (aka uk.co.pixelkicks.fifthharmony) application ...)
+ TODO: check
+CVE-2014-7034 (The Senator Inn & Spa (aka ...)
+ TODO: check
+CVE-2014-7033 (The Cure Viewer (aka com.livedoor.android.cureviewer) application 1.03 ...)
+ TODO: check
+CVE-2014-7032 (The MYHABIT (aka com.amazon.myhabit) application @7F080041 for Android ...)
+ TODO: check
+CVE-2014-7031 (The RedAtoms Three (aka com.redatoms.mojodroid.tw.gp) application 2.5 ...)
+ TODO: check
+CVE-2014-7030 (The Dieta Dukan passo a passo (aka ...)
+ TODO: check
+CVE-2014-7029 (The Bultmonster Registret (aka com.bultmonster.registret) application ...)
+ TODO: check
+CVE-2014-7028 (The Ibis pau centre (aka com.myapphone.android.myappibispaucentre) ...)
+ TODO: check
+CVE-2014-7027 (The Esercizi per le donne (aka ...)
+ TODO: check
+CVE-2014-7026 (The LIFE TIME FITNESS (aka com.lifetimefitness.ltfmobile) application ...)
+ TODO: check
+CVE-2014-7025 (The Who-is-it? Lite name caller time limited free (aka ...)
+ TODO: check
+CVE-2014-7024 (The Hardest Game Collection (aka com.lotfun.abuse) application 1.5.0 ...)
+ TODO: check
+CVE-2014-7023 (The Find Color (aka com.chudong.color) application 1.1.1 for Android ...)
+ TODO: check
+CVE-2014-7022 (The Modelisme.com forum/portail (aka com.tapatalk.modelismecomforum) ...)
+ TODO: check
+CVE-2014-7021 (The Leg Surgery - Kids Games (aka com.harriskerioe.legsurgery) ...)
+ TODO: check
+CVE-2014-7020 (The Diabetes Forum (aka com.tapatalk.diabetescoukdiabetesforum) ...)
+ TODO: check
+CVE-2014-7019 (The Clarks Inn (aka com.ClarksInn) application 3.3.0 for Android does ...)
+ TODO: check
+CVE-2014-7018 (The LOVE DANCE (aka com.efunfun.ddianle.lovedance) application ...)
+ TODO: check
+CVE-2014-7017 (The Tim Ban Bon Phuong (aka com.entertaiment.timbanbonphuong) ...)
+ TODO: check
+CVE-2014-7016 (The Mahasna Batik (aka com.batik.mahasna) application 1.0 for Android ...)
+ TODO: check
+CVE-2014-7015 (The JJ Texas Hold'em Poker (aka cn.jj.poker) application 1.13.23.HD ...)
+ TODO: check
CVE-2014-7014
RESERVED
-CVE-2014-7013
- RESERVED
-CVE-2014-7012
- RESERVED
-CVE-2014-7011
- RESERVED
-CVE-2014-7010
- RESERVED
-CVE-2014-7009
- RESERVED
-CVE-2014-7008
- RESERVED
-CVE-2014-7007
- RESERVED
-CVE-2014-7006
- RESERVED
-CVE-2014-7005
- RESERVED
-CVE-2014-7004
- RESERVED
-CVE-2014-7003
- RESERVED
-CVE-2014-7002
- RESERVED
-CVE-2014-7001
- RESERVED
-CVE-2014-7000
- RESERVED
-CVE-2014-6999
- RESERVED
-CVE-2014-6998
- RESERVED
-CVE-2014-6997
- RESERVED
-CVE-2014-6996
- RESERVED
-CVE-2014-6995
- RESERVED
-CVE-2014-6994
- RESERVED
-CVE-2014-6993
- RESERVED
-CVE-2014-6992
- RESERVED
-CVE-2014-6991
- RESERVED
-CVE-2014-6990
- RESERVED
-CVE-2014-6989
- RESERVED
-CVE-2014-6988
- RESERVED
-CVE-2014-6987
- RESERVED
-CVE-2014-6986
- RESERVED
-CVE-2014-6985
- RESERVED
-CVE-2014-6984
- RESERVED
-CVE-2014-6983
- RESERVED
-CVE-2014-6982
- RESERVED
-CVE-2014-6981
- RESERVED
-CVE-2014-6980
- RESERVED
-CVE-2014-6979
- RESERVED
-CVE-2014-6978
- RESERVED
-CVE-2014-6977
- RESERVED
-CVE-2014-6976
- RESERVED
-CVE-2014-6975
- RESERVED
-CVE-2014-6974
- RESERVED
-CVE-2014-6973
- RESERVED
-CVE-2014-6972
- RESERVED
-CVE-2014-6971
- RESERVED
-CVE-2014-6970
- RESERVED
-CVE-2014-6969
- RESERVED
-CVE-2014-6968
- RESERVED
-CVE-2014-6967
- RESERVED
-CVE-2014-6966
- RESERVED
-CVE-2014-6965
- RESERVED
-CVE-2014-6964
- RESERVED
-CVE-2014-6963
- RESERVED
-CVE-2014-6962
- RESERVED
-CVE-2014-6961
- RESERVED
-CVE-2014-6960
- RESERVED
-CVE-2014-6959
- RESERVED
-CVE-2014-6958
- RESERVED
-CVE-2014-6957
- RESERVED
-CVE-2014-6956
- RESERVED
-CVE-2014-6955
- RESERVED
-CVE-2014-6954
- RESERVED
-CVE-2014-6953
- RESERVED
+CVE-2014-7013 (The Funny Photo Color Editor (aka com.doirdeditor.funcloreditor) ...)
+ TODO: check
+CVE-2014-7012 (The Coffee Inn (aka lt.lemonlabs.android.coffeeinn) application 2.0.1 ...)
+ TODO: check
+CVE-2014-7011 (The NWTC Mobile (aka com.dub.app.nwtc) application 1.4.17 for Android ...)
+ TODO: check
+CVE-2014-7010 (The UTSA Mobile (aka com.dub.app.utsa) application 1.4.21 for Android ...)
+ TODO: check
+CVE-2014-7009 (The HKBN My Account (aka com.hkbn.myaccount) application @7F070015 for ...)
+ TODO: check
+CVE-2014-7008 (The Forum FrAndroid beta (aka com.tapatalk.forumfrandroidcom) ...)
+ TODO: check
+CVE-2014-7007 (The Master Mix (aka com.nobexinc.wls_24832536.rc) application 3.3.5 ...)
+ TODO: check
+CVE-2014-7006 (The HydFM (aka com.apheliontechnologies.hydfm) application 1.1.9 for ...)
+ TODO: check
+CVE-2014-7005 (The Foconet (aka suporte.com.foconet) application 1.0 for Android does ...)
+ TODO: check
+CVE-2014-7004 (The PETA (aka com.peta.android) application 1.1 for Android does not ...)
+ TODO: check
+CVE-2014-7003 (The Goodwin (aka com.goodwin.Goodwin) application 1.15 for Android ...)
+ TODO: check
+CVE-2014-7002 (The Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) ...)
+ TODO: check
+CVE-2014-7001 (The Jian Ren (aka cn.sh.scustom.janren) application 1.5.1 for Android ...)
+ TODO: check
+CVE-2014-7000 (The Paul Alexander Campaign (aka hr.apps.n51261427) application 4.5.8 ...)
+ TODO: check
+CVE-2014-6999 (The Questoes OAB (aka com.pedefeijao.questoesoab) application ...)
+ TODO: check
+CVE-2014-6998 (The PinkFong TV (aka kr.co.smartstudy.pinkfongtv_android_googlemarket) ...)
+ TODO: check
+CVE-2014-6997 (The Dino Village (aka com.tappocket.dinovillage) application 1.6 for ...)
+ TODO: check
+CVE-2014-6996 (The Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application ...)
+ TODO: check
+CVE-2014-6995 (The adidas eyewear (aka com.adidasep.eyewear) application 1.2 for ...)
+ TODO: check
+CVE-2014-6994 (The Atecea (aka com.atecea) application 1.2 for Android does not ...)
+ TODO: check
+CVE-2014-6993 (The Codeeta Coupons (aka com.codeeta.promos) application 1.0.5 for ...)
+ TODO: check
+CVE-2014-6992 (The Timeless Black (aka com.apptive.android.apps.timeless) application ...)
+ TODO: check
+CVE-2014-6991 (The LiveAuctions.tv (aka air.LiveAndroidMaxx) application 2.005 for ...)
+ TODO: check
+CVE-2014-6990 (The Albasit artes y danza (aka ...)
+ TODO: check
+CVE-2014-6989 (The Germanwings (aka com.germanwings.android) application 2.1.13 for ...)
+ TODO: check
+CVE-2014-6988 (The Quotes in Images (aka pt.lumberapps.imagensfrases) application ...)
+ TODO: check
+CVE-2014-6987 (The Mass Gaming TV (aka net.massgamers) application 1.0 for Android ...)
+ TODO: check
+CVE-2014-6986 (The Pregnancy Tips (aka com.rareartifact.tipsforpregnant71C80129) ...)
+ TODO: check
+CVE-2014-6985 (The Georgia Packing (aka com.tapatalk.georgiapackingorg) application ...)
+ TODO: check
+CVE-2014-6984 (The Shots (aka com.shots.android) application 1.0.8 for Android does ...)
+ TODO: check
+CVE-2014-6983 (The NBE (aka com.nbe.app) application 1.1 for Android does not verify ...)
+ TODO: check
+CVE-2014-6982 (The Arabic Troll Football (aka com.hamoosh.ArabicTrollFootball) ...)
+ TODO: check
+CVE-2014-6981 (The Taiwan Business Bank (aka com.mitake.TBB) application 2.04 for ...)
+ TODO: check
+CVE-2014-6980 (The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for ...)
+ TODO: check
+CVE-2014-6979 (The MiWay Insurance Ltd (aka com.MiWay.MD) application 1.2 for Android ...)
+ TODO: check
+CVE-2014-6978 (The Karim Rahal Essoulami (aka ...)
+ TODO: check
+CVE-2014-6977 (The eLearn (aka ...)
+ TODO: check
+CVE-2014-6976 (The Aeroexpress (aka ru.lynx.aero) application 2.6.2 for Android does ...)
+ TODO: check
+CVE-2014-6975 (The Twin Lin (aka com.twinlin.twmo) application 5 for Android does not ...)
+ TODO: check
+CVE-2014-6974 (The MifaShow Hairstyles (aka com.mifashow) application 3.7 for Android ...)
+ TODO: check
+CVE-2014-6973 (The Care4Kids (aka com.codetherapy.care4kids) application 1.03 for ...)
+ TODO: check
+CVE-2014-6972 (The Kazakhstan Radio (aka com.wordbox.kazakhstanRadio) application 2.5 ...)
+ TODO: check
+CVE-2014-6971 (The Easy Video Downloader (aka com.simon.padillar.EasyVideo) ...)
+ TODO: check
+CVE-2014-6970 (The North American Ismaili Games (aka hr.apps.n166983741) application ...)
+ TODO: check
+CVE-2014-6969 (The Deltin Suites (aka com.DeltinSuites) application 3.4.1 for Android ...)
+ TODO: check
+CVE-2014-6968 (The Grandma's Grotto (aka com.mobileappsuite.grandmasgrotto) ...)
+ TODO: check
+CVE-2014-6967 (The Albion College (aka com.vivomobile.albioncollege) application ...)
+ TODO: check
+CVE-2014-6966 (The West Bend School District (aka net.parentlink.westbend) ...)
+ TODO: check
+CVE-2014-6965 (The FAZ.NET (aka net.faz.FAZ) application 1.0.1 for Android does not ...)
+ TODO: check
+CVE-2014-6964 (The Hanyang University Admissions (aka kr.ac.hanyang.planner) ...)
+ TODO: check
+CVE-2014-6963 (The feiron (aka es.sw.feironmobile.app) application 1.1 for Android ...)
+ TODO: check
+CVE-2014-6962 (The Elk Grove PublicStuff (aka com.wassabi.elkgrove) application 3.2 ...)
+ TODO: check
+CVE-2014-6961 (The SudaniNet (aka com.sudaninet.wtwqiqbegq_btwlda) application 2.0 ...)
+ TODO: check
+CVE-2014-6960 (The Multitrac (aka com.multitrac) application 1.04 for Android does ...)
+ TODO: check
+CVE-2014-6959 (The QinCard (aka com.haowan.qincard) application 2.0 for Android does ...)
+ TODO: check
+CVE-2014-6958 (The ISMRM-ESMRMB 2014 (aka ...)
+ TODO: check
+CVE-2014-6957 (The scottcolibmn (aka com.bredir.boopsie.scottlib) application 4.5.110 ...)
+ TODO: check
+CVE-2014-6956 (The Hydrogen Water (aka com.appzone628) application 1.0 for Android ...)
+ TODO: check
+CVE-2014-6955 (The Le Grand Bleu (aka com.appzone468) application 1.0 for Android ...)
+ TODO: check
+CVE-2014-6954 (The Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) ...)
+ TODO: check
+CVE-2014-6953 (The AFTERLIFE WITH ARCHIE (aka ...)
+ TODO: check
CVE-2014-6952 (The Manga Facts (aka app.mangafacts.ar) application 1.0 for Android ...)
TODO: check
CVE-2014-6951 (The OneFile Ignite (aka uk.co.onefile.ignite) application 1.19 for ...)
@@ -7683,8 +7723,8 @@
RESERVED
CVE-2014-4882
RESERVED
-CVE-2014-4881
- RESERVED
+CVE-2014-4881 (The PartyTrack library for Android does not verify X.509 certificates ...)
+ TODO: check
CVE-2014-4880
RESERVED
CVE-2014-4879
@@ -10504,11 +10544,9 @@
RESERVED
CVE-2014-3681 (Cross-site scripting (XSS) vulnerability in CloudBees Jenkins before ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3680 [SECURITY-138: Password exposure in DOM]
- RESERVED
+CVE-2014-3680 (CloudBees Jenkins before 1.583 and LTS before 1.565.3 allows remote ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3679 [lack of access control in the monitoring plug-in]
- RESERVED
+CVE-2014-3679 (The Monitoring plugin before 1.53.0 for CloudBees Jenkins allows ...)
NOT-FOR-US: Jenkins monitoring plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
CVE-2014-3678 (Cross-site scripting (XSS) vulnerability in the Monitoring plugin ...)
@@ -10543,24 +10581,19 @@
RESERVED
- php5 5.6.2+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68027
-CVE-2014-3667 [SECURITY-155: exposure of plugin code]
- RESERVED
+CVE-2014-3667 (CloudBees Jenkins before 1.583 and LTS before 1.565.3 does not ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3666 [SECURITY-150: remote code execution from CLI]
- RESERVED
+CVE-2014-3666 (CloudBees Jenkins before 1.583 and LTS before 1.565.3 allows remote ...)
- jenkins 1.565.3-1 (bug #763899)
CVE-2014-3665
RESERVED
CVE-2014-3664 (Directory traversal vulnerability in CloudBees Jenkins before 1.583 ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3663 [SECURITY-127/SECURITY-128: privilege escalation in job configuration permission]
- RESERVED
+CVE-2014-3663 (CloudBees Jenkins before 1.583 and LTS before 1.565.3 allows remote ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3662 [SECURITY-110: User name discovery]
- RESERVED
+CVE-2014-3662 (CloudBees Jenkins before 1.583 and LTS before 1.565.3 allows remote ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3661 [SECURITY-87: anonymous DoS attack through CLI handshake]
- RESERVED
+CVE-2014-3661 (CloudBees Jenkins before 1.583 and LTS before 1.565.3 allows remote ...)
- jenkins 1.565.3-1 (bug #763899)
CVE-2014-3660 [libxml2 billion laugh variant]
RESERVED
More information about the Secure-testing-commits
mailing list