[Secure-testing-commits] r22816 - data/CVE

Joey Hess Mon, 01 Jul 2013 14:14:51 -0700

Author: joeyh
Date: 2013-07-01 21:14:23 +0000 (Mon, 01 Jul 2013)
New Revision: 22816


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-07-01 20:52:52 UTC (rev 22815)
+++ data/CVE/list       2013-07-01 21:14:23 UTC (rev 22816)
@@ -1,3 +1,33 @@
+CVE-2013-4735 (The Digital Alert Systems DASDEC EAS device before 2.0-2 and 
the ...)
+       TODO: check
+CVE-2013-4734 (dasdec_mkuser on the Digital Alert Systems DASDEC EAS device 
before ...)
+       TODO: check
+CVE-2013-4733 (The web server on the Digital Alert Systems DASDEC EAS device 
before ...)
+       TODO: check
+CVE-2013-4732 (** DISPUTED ** The administrative web server on the Digital 
Alert ...)
+       TODO: check
+CVE-2013-4731 (ajax.cgi in the web interface on the Choice Wireless Green 
Packet ...)
+       TODO: check
+CVE-2013-4730
+       RESERVED
+CVE-2013-4729
+       RESERVED
+CVE-2013-4728
+       RESERVED
+CVE-2013-4727
+       RESERVED
+CVE-2013-4726
+       RESERVED
+CVE-2013-4725
+       RESERVED
+CVE-2013-4724
+       RESERVED
+CVE-2013-4723
+       RESERVED
+CVE-2013-4722
+       RESERVED
+CVE-2010-5288 (Buffer overflow in the lsConnectionCached function in editcp in 
...)
+       TODO: check
 CVE-2013-4721 (SQL injection vulnerability in the RSS feed from records 
extension ...)
        NOT-FOR-US: records extension for TYPO3
 CVE-2013-4720 (SQL injection vulnerability in the WEC Discussion Forum 
extension ...)
@@ -124,8 +154,8 @@
        RESERVED
 CVE-2013-4661
        RESERVED
-CVE-2013-4660
-       RESERVED
+CVE-2013-4660 (The JS-YAML module before 2.0.5 for Node.js parses input 
without ...)
+       TODO: check
 CVE-2013-4659
        RESERVED
 CVE-2013-4658
@@ -1273,22 +1303,22 @@
        RESERVED
 CVE-2013-4099
        RESERVED
-CVE-2013-4098
-       RESERVED
-CVE-2013-4097
-       RESERVED
-CVE-2013-4096
-       RESERVED
-CVE-2013-4095
-       RESERVED
-CVE-2013-4094
-       RESERVED
-CVE-2013-4093
-       RESERVED
-CVE-2013-4092
-       RESERVED
-CVE-2013-4091
-       RESERVED
+CVE-2013-4098 (ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow 
remote ...)
+       TODO: check
+CVE-2013-4097 (ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server 
allows ...)
+       TODO: check
+CVE-2013-4096 (ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication 
Server ...)
+       TODO: check
+CVE-2013-4095 (plain/actionsets.html in the SecureSphere Operations Manager 
(SOM) ...)
+       TODO: check
+CVE-2013-4094 (The Key Management feature in the SecureSphere Operations 
Manager ...)
+       TODO: check
+CVE-2013-4093 (The SecureSphere Operations Manager (SOM) Management Server in 
Imperva ...)
+       TODO: check
+CVE-2013-4092 (The SecureSphere Operations Manager (SOM) Management Server in 
Imperva ...)
+       TODO: check
+CVE-2013-4091 (The SecureSphere Operations Manager (SOM) Management Server in 
Imperva ...)
+       TODO: check
 CVE-2013-4090
        RESERVED
 CVE-2013-4089
@@ -2259,20 +2289,20 @@
        RESERVED
 CVE-2013-3655
        RESERVED
-CVE-2013-3654
-       RESERVED
-CVE-2013-3653
-       RESERVED
-CVE-2013-3652
-       RESERVED
-CVE-2013-3651
-       RESERVED
-CVE-2013-3650
-       RESERVED
-CVE-2013-3649
-       RESERVED
-CVE-2013-3648
-       RESERVED
+CVE-2013-3654 (Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 
through ...)
+       TODO: check
+CVE-2013-3653 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+       TODO: check
+CVE-2013-3652 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
+CVE-2013-3651 (LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to 
...)
+       TODO: check
+CVE-2013-3650 (Directory traversal vulnerability in the lfCheckFileName 
function in ...)
+       TODO: check
+CVE-2013-3649 (Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL 
before ...)
+       TODO: check
+CVE-2013-3648 (Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL 
before ...)
+       TODO: check
 CVE-2013-3647 (The WebView class in the Cybozu Live application before 2.0.1 
for ...)
        NOT-FOR-US: Cybozu Live for Android
 CVE-2013-3646 (The Cybozu Live application before 2.0.1 for Android allows 
remote ...)
@@ -2405,8 +2435,8 @@
        RESERVED
 CVE-2013-3582
        RESERVED
-CVE-2013-3581
-       RESERVED
+CVE-2013-3581 (ajax.cgi in the web interface on the Choice Wireless Green 
Packet ...)
+       TODO: check
 CVE-2013-3580
        RESERVED
 CVE-2013-3579
@@ -5321,14 +5351,13 @@
        RESERVED
 CVE-2013-2343
        RESERVED
-CVE-2013-2342
-       RESERVED
+CVE-2013-2342 (The HP StoreOnce D2D backup system with software before 3.0.0 
has a ...)
+       TODO: check
 CVE-2013-2341
        RESERVED
 CVE-2013-2340
        RESERVED
-CVE-2013-2339
-       RESERVED
+CVE-2013-2339 (HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart 
Zero ...)
        NOT-FOR-US: HP Smart Zero Client
 CVE-2013-2338 (Unspecified vulnerability on HP Integrated Lights-Out 3 (aka 
iLO3) ...)
        NOT-FOR-US: HP Integrated Lights-Out
@@ -5360,10 +5389,10 @@
        NOT-FOR-US: HP Storage Data Protector
 CVE-2013-2324 (Unspecified vulnerability in HP Storage Data Protector 6.20, 
6.21, ...)
        NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2323
-       RESERVED
-CVE-2013-2322
-       RESERVED
+CVE-2013-2323 (HP SQL/MX 3.0 through 3.2 on NonStop servers, when SQL/MP 
Objects are ...)
+       TODO: check
+CVE-2013-2322 (HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP 
Objects are ...)
+       TODO: check
 CVE-2013-2321 (Cross-site scripting (XSS) vulnerability in HP Service Manager 
Web ...)
        NOT-FOR-US: HP Service Manager
 CVE-2013-2320
@@ -5663,24 +5692,31 @@
        [wheezy] - linux 3.2.46-1
 CVE-2013-2205
        RESERVED
+       {DSA-2718-1}
        - wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2204
        RESERVED
+       {DSA-2718-1}
        - wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2203
        RESERVED
+       {DSA-2718-1}
        - wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2202
        RESERVED
+       {DSA-2718-1}
        - wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2201
        RESERVED
+       {DSA-2718-1}
        - wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2200
        RESERVED
+       {DSA-2718-1}
        - wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2199
        RESERVED
+       {DSA-2718-1}
        - wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2198
        RESERVED
@@ -5767,6 +5803,7 @@
        {DSA-2713-1}
        - curl 7.31.0-1
 CVE-2013-2173 (wp-includes/class-phpass.php in WordPress 3.5.1, when a ...)
+       {DSA-2718-1}
        - wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2172
        RESERVED
@@ -11984,8 +12021,8 @@
        NOT-FOR-US: Arecont Vision
 CVE-2013-0138 (BitZipper 2013 before Update 1 allows remote attackers to 
execute ...)
        NOT-FOR-US: BitZipper
-CVE-2013-0137
-       RESERVED
+CVE-2013-0137 (The default configuration of the Digital Alert Systems DASDEC 
EAS ...)
+       TODO: check
 CVE-2013-0136 (Multiple directory traversal vulnerabilities in the 
EditDocument ...)
        NOT-FOR-US: Mutiny
 CVE-2013-0135 (Multiple SQL injection vulnerabilities in PHP Address Book 
8.2.5 allow ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r22816 - data/CVE

Reply via email to