diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2020-01-30 20:11:31 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2020-01-30 20:11:31 +0000 |
| commit | de33f261a80c91ba5e6dac5b04335e558ca5ac01 (patch) | |
| tree | 0e8be3501dbd0ddf4b636107bac3bdc0f5b670d6 /data/CVE/2013.list | |
| parent | 3001400b166aa09d196ea89a1c48d967c7541078 (diff) | |
automatic update
Diffstat (limited to 'data/CVE/2013.list')
| -rw-r--r-- | data/CVE/2013.list | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list index e2f330c11f..3033d92545 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -14839,10 +14839,10 @@ CVE-2013-1868 (Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and [squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts) NOTE: http://www.videolan.org/security/sa1301.html NOTE: The freetype issue is a harmless NULL deref and won't be fixed -CVE-2013-1867 - RESERVED -CVE-2013-1866 - RESERVED +CVE-2013-1867 (Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerabi ...) + TODO: check +CVE-2013-1866 (OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerab ...) + TODO: check CVE-2013-1865 (OpenStack Keystone Folsom (2012.2) does not properly perform revocatio ...) - keystone <not-affected> (only affects folsom) NOTE: fixed in experimental with keystone/2012.2.3-2 @@ -15797,8 +15797,8 @@ CVE-2013-1633 (easy_install in setuptools before 0.7 uses HTTP to retrieve packa NOTE: Lack of a security feature, not a vulnerability CVE-2013-1632 RESERVED -CVE-2013-1631 - RESERVED +CVE-2013-1631 (Verax NMS prior to 2.1.0 leaks connection details when any user execut ...) + TODO: check CVE-2013-1630 (pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repos ...) NOT-FOR-US: pyshop CVE-2013-1629 (pip before 1.3 uses HTTP to retrieve packages from the PyPI repository ...) @@ -16612,12 +16612,12 @@ CVE-2013-1354 RESERVED CVE-2013-1353 RESERVED -CVE-2013-1352 - RESERVED -CVE-2013-1351 - RESERVED -CVE-2013-1350 - RESERVED +CVE-2013-1352 (Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a ...) + TODO: check +CVE-2013-1351 (Verax NMS prior to 2.10 allows authentication via the encrypted passwo ...) + TODO: check +CVE-2013-1350 (Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities ...) + TODO: check CVE-2013-1349 (Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 al ...) NOT-FOR-US: openSIS CVE-2013-1348 (The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attacke ...) @@ -18263,10 +18263,10 @@ CVE-2013-0741 (Cross-site scripting (XSS) vulnerability in imagegen.ashx in Perc NOT-FOR-US: Percipient Studios ImageGen CVE-2013-0740 (Open redirect vulnerability in Dell OpenManage Server Administrator (O ...) NOT-FOR-US: Dell OpenManage Server Administrator -CVE-2013-0739 - RESERVED -CVE-2013-0738 - RESERVED +CVE-2013-0739 (Chamilo 1.9.4 has XSS due to improper validation of user-supplied inpu ...) + TODO: check +CVE-2013-0738 (Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blo ...) + TODO: check CVE-2013-0737 (Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier a ...) NOT-FOR-US: BoltWire CVE-2013-0736 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Ming ...) @@ -18291,8 +18291,8 @@ CVE-2013-0727 (Multiple untrusted search path vulnerabilities in Global Mapper 1 NOT-FOR-US: Global Mapper CVE-2013-0726 (Stack-based buffer overflow in the ERM_convert_to_correct_webpath func ...) NOT-FOR-US: ERDAS ER Viewer -CVE-2013-0725 - RESERVED +CVE-2013-0725 (ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary c ...) + TODO: check CVE-2013-0724 (PHP remote file inclusion vulnerability in includes/generate-pdf.php i ...) NOT-FOR-US: Wordpress plugin ecommerce Shop Styling CVE-2013-0723 (Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsh ...) @@ -19280,8 +19280,8 @@ CVE-2013-0293 (oVirt Node: Lock screen accepts F2 to drop to shell causing privi CVE-2013-0292 (The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib b ...) - dbus-glib 0.100.1-1 (bug #700638; high) [squeeze] - dbus-glib 0.88-2.1+squeeze1 -CVE-2013-0291 - RESERVED +CVE-2013-0291 (NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disc ...) + TODO: check CVE-2013-0290 (The __skb_recv_datagram function in net/core/datagram.c in the Linux k ...) - linux <not-affected> (Introduced in 3.4, fixed in 3.8) - linux-2.6 <not-affected> (Introduced in 3.4) |