author | security tracker role <sectracker@soriano.debian.org> | 2020-02-14 08:10:14 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-02-14 08:10:14 +0000 |
commit | e5de7dae018e9f17baa89682f34c64ae7df17b24 (patch) | |
tree | 93f60a749ce82986f29d93f246fd7da8f5024a7e /data/CVE/2013.list | |
parent | 3285bac1a9d09b26a3bb90c25505ebecadf783e0 (diff) |
automatic update
Diffstat (limited to 'data/CVE/2013.list')
-rw-r--r-- | data/CVE/2013.list | 57 |
1 files changed, 28 insertions, 29 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list index 0482e7ab5e..6e149d345e 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -662,8 +662,8 @@ CVE-2013-7290 (The do_item_get function in items.c in memcached 1.4.4 and other NOTE: actual patch should be adjusted in case there is a further memcached upload accoring to upstream commit CVE-2013-7289 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...) NOT-FOR-US: Andy's PHP Knowledgebase (Aphpkb) -CVE-2013-7287 - RESERVED +CVE-2013-7287 (MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encrypti ...) + TODO: check CVE-2013-7286 (MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfu ...) TODO: check CVE-2013-7283 (Race condition in the libreswan.spec files for Red Hat Enterprise Linu ...) @@ -922,8 +922,8 @@ CVE-2013-7175 (Multiple SQL injection vulnerabilities in Avanset Visual CertExam NOT-FOR-US: Avanset Visual CertExam Manager CVE-2013-7174 (Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS be ...) NOT-FOR-US: QNAP QTS -CVE-2013-7173 - RESERVED +CVE-2013-7173 (Belkin n750 routers have a buffer overflow. ...) + TODO: check CVE-2013-7172 (Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permission ...) - libiodbc2 <not-affected> (RPATH issue slackware specific) CVE-2013-7171 (Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, ...) @@ -1127,8 +1127,8 @@ CVE-2013-7100 (Buffer overflow in the unpacksms16 function in apps/app_sms.c in - asterisk 1:11.7.0~dfsg-1 (bug #732355) CVE-2013-7099 RESERVED -CVE-2013-7098 - RESERVED +CVE-2013-7098 (OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflo ...) + TODO: check CVE-2013-7097 (Directory traversal vulnerability in 7 Media Web Solutions eduTrac bef ...) NOT-FOR-US: eduTrac CVE-2013-7096 (Multiple SQL injection vulnerabilities in SAP EMR Unwired allow remote ...) 
@@ -1658,8 +1658,8 @@ CVE-2013-6929 (SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier NOT-FOR-US: Cybozu Garoon CVE-2013-6928 RESERVED -CVE-2013-6927 - RESERVED +CVE-2013-6927 (Internet TRiLOGI Server (unknown versions) could allow a local user to ...) + TODO: check CVE-2013-6926 (The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 all ...) NOT-FOR-US: Siemens CVE-2013-6925 (The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 all ...) @@ -3245,12 +3245,12 @@ CVE-2013-6367 (The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM su [wheezy] - linux 3.2.54-1 CVE-2013-6363 RESERVED -CVE-2013-6362 - RESERVED +CVE-2013-6362 (Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and s ...) + TODO: check CVE-2013-6361 RESERVED -CVE-2013-6360 - RESERVED +CVE-2013-6360 (TRENDnet TS-S402 has a backdoor to enable TELNET. ...) + TODO: check CVE-2013-6359 (Munin::Master::Node in Munin before 2.0.18 allows remote attackers to ...) {DSA-2815-1 DLA-20-1} - munin 2.0.18-1 @@ -3448,8 +3448,8 @@ CVE-2013-6279 RESERVED CVE-2013-6278 RESERVED -CVE-2013-6277 - RESERVED +CVE-2013-6277 (QNAP VioCard 300 has hardcoded RSA private keys. ...) + TODO: check CVE-2013-6276 RESERVED CVE-2013-6274 @@ -4822,8 +4822,8 @@ CVE-2013-5691 (The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in [wheezy] - kfreebsd-8 8.3-6+deb7u1 CVE-2013-5690 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Ap ...) NOT-FOR-US: Open-Xchange -CVE-2013-5687 - RESERVED +CVE-2013-5687 (RiskNet Acquirer before hotfix 6.0 b7+ADHOC-443 ApplicationServiceBean ...) + TODO: check CVE-2013-5686 RESERVED CVE-2013-5685 
@@ -5936,8 +5936,7 @@ CVE-2013-5214 RESERVED CVE-2013-5213 RESERVED -CVE-2013-5212 - RESERVED +CVE-2013-5212 (Cross-site Scripting (XSS) in EasyXDM before 2.4.18 allows remote atta ...) NOT-FOR-US: easyXDM CVE-2013-5211 (The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 al ...) - ntp 1:4.2.8p3+dfsg-1 (low; bug #733940) @@ -6868,10 +6867,10 @@ CVE-2013-4794 RESERVED CVE-2013-4793 (The update function in umbraco.webservices/templates/templateService.c ...) NOT-FOR-US: Umbraco -CVE-2013-4792 - RESERVED -CVE-2013-4791 - RESERVED +CVE-2013-4792 (PrestaShop before 1.4.11 allows logout CSRF. ...) + TODO: check +CVE-2013-4791 (PrestaShop before 1.4.11 allows Logistician, translators and other low ...) + TODO: check CVE-2013-4790 (Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 be ...) NOT-FOR-US: Open-Xchange CVE-2013-4789 (SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0 ...) @@ -15748,8 +15747,8 @@ CVE-2013-1635 (ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does - php5 5.4.4-14 (unimportant; bug #702221) NOTE: open_basedir not supported NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74 -CVE-2013-1634 - RESERVED +CVE-2013-1634 (A denial of service vulnerability exists in some motherboard implement ...) + TODO: check CVE-2013-1633 (easy_install in setuptools before 0.7 uses HTTP to retrieve packages f ...) - distribute <unfixed> (unimportant) NOTE: Lack of a security feature, not a vulnerability 
@@ -16467,10 +16466,10 @@ CVE-2013-1403 RESERVED CVE-2013-1402 (DigiLIBE 3.4 and possibly other versions sends a redirect but does not ...) NOT-FOR-US: DigiLIBE -CVE-2013-1401 - RESERVED -CVE-2013-1400 - RESERVED +CVE-2013-1401 (Multiple security bypass vulnerabilities in the editAnswer, deleteAnsw ...) + TODO: check +CVE-2013-1400 (Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll ...) + TODO: check CVE-2013-0243 (haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnera ...) - haskell-tls-extra 0.4.6.1-1 (bug #698545) CVE-2013-1399 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...) @@ -19228,7 +19227,7 @@ CVE-2013-0296 (Race condition in pigz before 2.2.5 uses permissions derived from - pigz 2.2.4-2 (low; bug #700608) [squeeze] - pigz 2.1.6-1+squeeze1 CVE-2013-0295 - RESERVED + REJECTED CVE-2013-0294 (packet.py in pyrad before 2.1 uses weak random numbers to generate RAD ...) - pyrad 2.0-2 (low; bug #700669) [wheezy] - pyrad 1.2-1+deb7u2 |
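Review bot: CVE-2013-7287 in the hunk at -662 is left at `TODO: check` directly above CVE-2013-7286, which names the same MobileIron VSP < 5.9.1 and Sentry < 5.0 versions and is also still at `TODO: check`. Triage the two together so they get the same disposition. The same applies to the PrestaShop pair CVE-2013-4792 and CVE-2013-4791 in the hunk at -6868.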
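Review bot: The new entries for CVE-2013-7173 (Belkin n750 routers) in the hunk at -922, CVE-2013-6362 (Xerox ColorCube and WorkCenter devices) and CVE-2013-6360 (TRENDnet TS-S402) in the hunk at -3245, and CVE-2013-6277 (QNAP VioCard 300) in the hunk at -3448 are left at `TODO: check` although each description names a vendor device. The surrounding context already marks the same kind of entry as `NOT-FOR-US: QNAP QTS` and `NOT-FOR-US: Siemens`. A follow-up commit should replace these TODO lines with a `NOT-FOR-US:` line naming the product so they leave the triage queue.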
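Review bot: CVE-2013-7098 in the hunk at -1127 should not be closed out in bulk with the other `TODO: check` entries. Its description names the OpenConnect VPN client with GnuTLS and a heap overflow, which is client software rather than a vendor appliance, so it needs a check against the archive. If the package is present, the entry should get a package line with the fixed version, in the style of the adjacent `- asterisk 1:11.7.0~dfsg-1 (bug #732355)` line.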