[Secure-testing-commits] r36280 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Aug 24 21:10:12 UTC 2015
Author: sectracker
Date: 2015-08-24 21:10:12 +0000 (Mon, 24 Aug 2015)
New Revision: 36280
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-24 17:39:09 UTC (rev 36279)
+++ data/CVE/list 2015-08-24 21:10:12 UTC (rev 36280)
@@ -1,3 +1,255 @@
+CVE-2015-6655
+ RESERVED
+CVE-2015-6654
+ RESERVED
+CVE-2015-6653
+ RESERVED
+CVE-2015-6652
+ RESERVED
+CVE-2015-6651
+ RESERVED
+CVE-2015-6650
+ RESERVED
+CVE-2015-6649
+ RESERVED
+CVE-2015-6648
+ RESERVED
+CVE-2015-6647
+ RESERVED
+CVE-2015-6646
+ RESERVED
+CVE-2015-6645
+ RESERVED
+CVE-2015-6644
+ RESERVED
+CVE-2015-6643
+ RESERVED
+CVE-2015-6642
+ RESERVED
+CVE-2015-6641
+ RESERVED
+CVE-2015-6640
+ RESERVED
+CVE-2015-6639
+ RESERVED
+CVE-2015-6638
+ RESERVED
+CVE-2015-6637
+ RESERVED
+CVE-2015-6636
+ RESERVED
+CVE-2015-6635
+ RESERVED
+CVE-2015-6634
+ RESERVED
+CVE-2015-6633
+ RESERVED
+CVE-2015-6632
+ RESERVED
+CVE-2015-6631
+ RESERVED
+CVE-2015-6630
+ RESERVED
+CVE-2015-6629
+ RESERVED
+CVE-2015-6628
+ RESERVED
+CVE-2015-6627
+ RESERVED
+CVE-2015-6626
+ RESERVED
+CVE-2015-6625
+ RESERVED
+CVE-2015-6624
+ RESERVED
+CVE-2015-6623
+ RESERVED
+CVE-2015-6622
+ RESERVED
+CVE-2015-6621
+ RESERVED
+CVE-2015-6620
+ RESERVED
+CVE-2015-6619
+ RESERVED
+CVE-2015-6618
+ RESERVED
+CVE-2015-6617
+ RESERVED
+CVE-2015-6616
+ RESERVED
+CVE-2015-6615
+ RESERVED
+CVE-2015-6614
+ RESERVED
+CVE-2015-6613
+ RESERVED
+CVE-2015-6612
+ RESERVED
+CVE-2015-6611
+ RESERVED
+CVE-2015-6610
+ RESERVED
+CVE-2015-6609
+ RESERVED
+CVE-2015-6608
+ RESERVED
+CVE-2015-6607
+ RESERVED
+CVE-2015-6606
+ RESERVED
+CVE-2015-6605
+ RESERVED
+CVE-2015-6604
+ RESERVED
+CVE-2015-6603
+ RESERVED
+CVE-2015-6602
+ RESERVED
+CVE-2015-6601
+ RESERVED
+CVE-2015-6600
+ RESERVED
+CVE-2015-6599
+ RESERVED
+CVE-2015-6598
+ RESERVED
+CVE-2015-6597
+ RESERVED
+CVE-2015-6596
+ RESERVED
+CVE-2015-6595
+ RESERVED
+CVE-2015-6594
+ RESERVED
+CVE-2015-6592
+ RESERVED
+CVE-2015-6591
+ RESERVED
+CVE-2015-6590
+ RESERVED
+CVE-2015-6589
+ RESERVED
+CVE-2015-6588
+ RESERVED
+CVE-2015-6587
+ RESERVED
+CVE-2015-6586
+ RESERVED
+CVE-2015-6585
+ RESERVED
+CVE-2015-6584
+ RESERVED
+CVE-2015-6583
+ RESERVED
+CVE-2015-6582
+ RESERVED
+CVE-2015-6581
+ RESERVED
+CVE-2015-6580
+ RESERVED
+CVE-2015-6579
+ RESERVED
+CVE-2015-6578
+ RESERVED
+CVE-2015-6577
+ RESERVED
+CVE-2015-6576
+ RESERVED
+CVE-2015-6575
+ RESERVED
+CVE-2015-6574
+ RESERVED
+CVE-2015-6573
+ RESERVED
+CVE-2015-6572
+ RESERVED
+CVE-2015-6571
+ RESERVED
+CVE-2015-6570
+ RESERVED
+CVE-2015-6569
+ RESERVED
+CVE-2015-6568
+ RESERVED
+CVE-2015-6567
+ RESERVED
+CVE-2015-6566
+ RESERVED
+CVE-2015-6562
+ RESERVED
+CVE-2015-6561
+ RESERVED
+CVE-2015-6560
+ RESERVED
+CVE-2015-6559
+ RESERVED
+CVE-2015-6558
+ RESERVED
+CVE-2015-6557 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
+ TODO: check
+CVE-2015-6556
+ RESERVED
+CVE-2015-6555
+ RESERVED
+CVE-2015-6554
+ RESERVED
+CVE-2015-6553
+ RESERVED
+CVE-2015-6552
+ RESERVED
+CVE-2015-6551
+ RESERVED
+CVE-2015-6550
+ RESERVED
+CVE-2015-6549
+ RESERVED
+CVE-2015-6548
+ RESERVED
+CVE-2015-6547
+ RESERVED
+CVE-2015-6546
+ RESERVED
+CVE-2015-6545
+ RESERVED
+CVE-2015-6544
+ RESERVED
+CVE-2015-6543
+ RESERVED
+CVE-2015-6542
+ RESERVED
+CVE-2015-6541
+ RESERVED
+CVE-2015-6540
+ RESERVED
+CVE-2015-6539
+ RESERVED
+CVE-2015-6538
+ RESERVED
+CVE-2015-6537
+ RESERVED
+CVE-2015-6536
+ RESERVED
+CVE-2015-6535
+ RESERVED
+CVE-2015-6534
+ RESERVED
+CVE-2015-6533
+ RESERVED
+CVE-2015-6532
+ RESERVED
+CVE-2015-6531
+ RESERVED
+CVE-2015-6530 (Cross-site scripting (XSS) vulnerability in OpenText Secure MFT 2013 ...)
+ TODO: check
+CVE-2015-6529 (Multiple cross-site scripting (XSS) vulnerabilities in phpipam 1.1.010 ...)
+ TODO: check
+CVE-2015-6528 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2015-6525
+ RESERVED
+CVE-2015-6524
+ RESERVED
CVE-2015-XXXX [PCRE Library Heap Overflow in compile_regex()]
- pcre3 <unfixed> (bug #796762)
[jessie] - pcre3 <no-dsa> (Minor issue)
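Review bot: CVE-2015-6593 is missing from the added block, which jumps from CVE-2015-6594 straight to CVE-2015-6592. The other gaps in this run (6563 to 6565, 6527, 6526) are covered by entries that already exist further down the diff, but nothing visible here accounts for 6593. Confirm that it is already present elsewhere in data/CVE/list, or that the feed really skipped it, before relying on this range as complete. Separately, the four new entries with descriptions (CVE-2015-6557, 6530, 6529, 6528) all land as "TODO: check" and still need manual triage.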
@@ -46,6 +298,7 @@
NOTE: https://sourceforge.net/p/libpgf/code/147/
NOTE: https://sourceforge.net/p/libpgf/code/148/
CVE-2015-6527
+ RESERVED
- php5 <not-affected> (Specific to PHP 7)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5
NOTE: https://bugs.php.net/bug.php?id=70140
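Review bot: CVE-2015-6527 now reads RESERVED, but its header line has no bracketed summary, unlike CVE-2015-6526 [perf on ppc64 can loop forever ...] in a later hunk. With no MITRE description published, the only way to tell what "php5 <not-affected> (Specific to PHP 7)" refers to is to follow the NOTE links. Suggest adding a short bracket description to the header line.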
@@ -595,12 +848,11 @@
RESERVED
CVE-2015-6259
RESERVED
-CVE-2015-6258
- RESERVED
+CVE-2015-6258 (The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN ...)
+ TODO: check
CVE-2015-6257
RESERVED
-CVE-2015-6256
- RESERVED
+CVE-2015-6256 (Cisco ASR 5000 devices with software 19.0.M0.60828 allow remote ...)
NOT-FOR-US: Cisco Aggregation Services Router
CVE-2015-6255 (Cross-site scripting (XSS) vulnerability in Cisco Unified Web and ...)
NOT-FOR-US: Cisco Unified Web and E-Mail Interaction Manager
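Review bot: CVE-2015-6258 is left at "TODO: check" while the two Cisco entries directly below it in this hunk (CVE-2015-6256, CVE-2015-6255) are already classified NOT-FOR-US. If the full description confirms it is a Cisco appliance component, resolve the TODO the same way, with the product name, so the entry does not stay in the open triage queue.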
@@ -616,6 +868,7 @@
NOTE: http://review.gluster.org/#/c/10780/
NOTE: https://github.com/gluster/glusterfs/commit/b5ceb1a9de9af563b0f91e2a3138fa5a95cad9f6
CVE-2015-6526 [perf on ppc64 can loop forever getting userlevel stacktraces]
+ RESERVED
- linux 4.1.3-1
[wheezy] - linux <not-affected> (No ppc64 yet)
- linux-2.6 <not-affected> (No ppc64 yet)
@@ -1250,19 +1503,19 @@
[wheezy] - request-tracker4 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/bestpractical/rt/commit/36a461947b00b105336adb4997d1c7767d8484c4
NOTE: http://www.openwall.com/lists/oss-security/2015/08/13/8
-CVE-2015-6565 [Incorrectly set TTYs to be world-writable]
+CVE-2015-6565 (sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY ...)
- openssh <not-affected> (Vulnerable code introduce in V_6_8_P1)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=6f941396b6835ad18018845f515b0c4fe20be21a
NOTE: Issue introduced with https://anongit.mindrot.org/openssh.git/commit/?id=a5883d4eccb94b16c355987f58f86a7dee17a0c2 (V_6_8_P1)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/12/1
-CVE-2015-6563 [Privilege separation weakness related to PAM support]
+CVE-2015-6563 (The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD ...)
- openssh 1:6.9p1-1 (bug #795711)
[jessie] - openssh <no-dsa> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)
[squeeze] - openssh <no-dsa> (Minor issue)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/9
-CVE-2015-6564 [Use-after-free bug related to PAM support]
+CVE-2015-6564 (Use-after-free vulnerability in the mm_answer_pam_free_ctx function in ...)
- openssh 1:6.9p1-1 (bug #795711)
[jessie] - openssh <no-dsa> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)
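Review bot: the new description for CVE-2015-6563 says "OpenSSH before 7.0", yet the entry keeps "openssh 1:6.9p1-1 (bug #795711)" as the fixed version. That is only consistent if 1:6.9p1-1 carries the referenced commit d4697fe9a28dab7255c60433e4dd23cf7fce8a8b as a backported patch. It is worth confirming this against the package changelog, and the same applies to the fixed version on CVE-2015-6564. The CVE-2015-6565 description ("OpenSSH 6.8 and 6.9") agrees with the existing note that the vulnerable code arrived in V_6_8_P1, so no change is needed there.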
@@ -2269,8 +2522,8 @@
RESERVED
CVE-2015-5567
RESERVED
-CVE-2015-5566
- RESERVED
+CVE-2015-5566 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
+ TODO: check
CVE-2015-5565 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-5564 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
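Review bot: CVE-2015-5566 is added as "TODO: check" although its description names Adobe Flash Player, and the adjacent entry CVE-2015-5565 with the same product is already "NOT-FOR-US: Adobe Flash Player". Suggest resolving this one identically rather than leaving it for manual triage.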
@@ -2713,12 +2966,12 @@
RESERVED
CVE-2015-5409
RESERVED
-CVE-2015-5408
- RESERVED
-CVE-2015-5407
- RESERVED
-CVE-2015-5406
- RESERVED
+CVE-2015-5408 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
+ TODO: check
+CVE-2015-5407 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
+ TODO: check
+CVE-2015-5406 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
+ TODO: check
CVE-2015-5405
RESERVED
CVE-2015-5404
@@ -3239,9 +3492,9 @@
CVE-2015-5194
RESERVED
CVE-2015-5193
- RESERVED
+ REJECTED
CVE-2015-5192
- RESERVED
+ REJECTED
CVE-2015-5191
RESERVED
CVE-2015-5190
@@ -3842,10 +4095,10 @@
RESERVED
CVE-2015-4951
RESERVED
-CVE-2015-4950
- RESERVED
-CVE-2015-4949
- RESERVED
+CVE-2015-4950 (The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: ...)
+ TODO: check
+CVE-2015-4949 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
+ TODO: check
CVE-2015-4948
RESERVED
CVE-2015-4947
@@ -3866,8 +4119,8 @@
RESERVED
CVE-2015-4939
RESERVED
-CVE-2015-4938
- RESERVED
+CVE-2015-4938 (IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before ...)
+ TODO: check
CVE-2015-4937
RESERVED
CVE-2015-4936 (Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through ...)
@@ -4808,8 +5061,7 @@
RESERVED
CVE-2015-4538
RESERVED
-CVE-2015-4537
- RESERVED
+CVE-2015-4537 (Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase ...)
NOT-FOR-US: EMC Documentum D2
CVE-2015-4536 (EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 ...)
NOT-FOR-US: EMC Documentum Content Server
@@ -5323,8 +5575,8 @@
RESERVED
CVE-2015-4332
RESERVED
-CVE-2015-4331
- RESERVED
+CVE-2015-4331 (Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA ...)
+ TODO: check
CVE-2015-4330
RESERVED
CVE-2015-4329 (The administrator web interface in Cisco TelePresence Video ...)
@@ -5349,8 +5601,8 @@
TODO: check
CVE-2015-4319 (The password-change feature in the administrative web interface in ...)
TODO: check
-CVE-2015-4318
- RESERVED
+CVE-2015-4318 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
+ TODO: check
CVE-2015-4317 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
TODO: check
CVE-2015-4316 (The Mobile and Remote Access (MRA) endpoint-validation feature in ...)
@@ -8565,8 +8817,7 @@
CVE-2015-3220
RESERVED
- tlslite <removed>
-CVE-2015-3219 [XSS in Horizon Heat stack creation]
- RESERVED
+CVE-2015-3219 (Cross-site scripting (XSS) vulnerability in the Orchestration/Stack ...)
- horizon 2015.1.0+2015.06.09.git15.e63af6c598-1 (bug #788306)
[jessie] - horizon <no-dsa> (Minor issue)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
@@ -9321,12 +9572,12 @@
RESERVED
CVE-2015-2985
RESERVED
-CVE-2015-2984
- RESERVED
-CVE-2015-2983
- RESERVED
-CVE-2015-2982
- RESERVED
+CVE-2015-2984 (I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and ...)
+ TODO: check
+CVE-2015-2983 (Cross-site request forgery (CSRF) vulnerability in admin.php in PHP ...)
+ TODO: check
+CVE-2015-2982 (Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js ...)
+ TODO: check
CVE-2015-2981
RESERVED
CVE-2015-2980 (The Yodobashi application 1.2.1.0 and earlier for Android allows ...)
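Review bot: CVE-2015-2982 names a JavaScript file (jquery.lightbox-0.5.min.js) rather than only a vendor product, so its "TODO: check" should not be closed as NOT-FOR-US on the product name alone. Search the archive for embedded copies of that file first. CVE-2015-2983 (admin.php in a PHP application whose name is truncated here) likewise needs the full description before it can be classified.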
@@ -9504,16 +9755,16 @@
RESERVED
CVE-2015-2909
RESERVED
-CVE-2015-2908
- RESERVED
-CVE-2015-2907
- RESERVED
-CVE-2015-2906
- RESERVED
-CVE-2015-2905
- RESERVED
-CVE-2015-2904
- RESERVED
+CVE-2015-2908 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with ...)
+ TODO: check
+CVE-2015-2907 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with ...)
+ TODO: check
+CVE-2015-2906 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with ...)
+ TODO: check
+CVE-2015-2905 (Cross-site request forgery (CSRF) vulnerability on Actiontec GT784WN ...)
+ TODO: check
+CVE-2015-2904 (Actiontec GT784WN modems with firmware before NCS01-1.0.13 have ...)
+ TODO: check
CVE-2015-2903
RESERVED
CVE-2015-2902
@@ -9579,10 +9830,10 @@
RESERVED
CVE-2015-2874
RESERVED
-CVE-2015-2873
- RESERVED
-CVE-2015-2872
- RESERVED
+CVE-2015-2873 (Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat ...)
+ TODO: check
+CVE-2015-2872 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ...)
+ TODO: check
CVE-2015-2871 (Chiyu BF-660C fingerprint access-control devices allow remote ...)
NOT-FOR-US: Chiyu BF-660C fingerprint access-control devices
CVE-2015-2870 (Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and ...)
@@ -11989,8 +12240,8 @@
RESERVED
CVE-2015-2138
RESERVED
-CVE-2015-2137
- RESERVED
+CVE-2015-2137 (Unspecified vulnerability in HP Operations Manager i (OMi) 9.22, 9.23, ...)
+ TODO: check
CVE-2015-2136
RESERVED
CVE-2015-2135
@@ -11999,8 +12250,8 @@
NOT-FOR-US: Hewlett-Packard
CVE-2015-2133
RESERVED
-CVE-2015-2132
- RESERVED
+CVE-2015-2132 (Unspecified vulnerability in the execve system-call implementation in ...)
+ TODO: check
CVE-2015-2131
RESERVED
CVE-2015-2130
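Review bot: the description for CVE-2015-2132 is cut off before the affected system is named ("... in the execve system-call implementation in ..."), so the entry cannot be triaged from this line. The neighbouring context is "NOT-FOR-US: Hewlett-Packard", but an execve issue should be checked against the full description before it gets the same tag.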
@@ -12329,16 +12580,16 @@
RESERVED
CVE-2015-2019 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before ...)
NOT-FOR-US: IBM
-CVE-2015-2018
- RESERVED
+CVE-2015-2018 (IBM Integration Bus 9 and 10 before 10.0.0.1 and WebSphere Message ...)
+ TODO: check
CVE-2015-2017
RESERVED
CVE-2015-2016
RESERVED
-CVE-2015-2015
- RESERVED
-CVE-2015-2014
- RESERVED
+CVE-2015-2015 (Cross-site scripting (XSS) vulnerability in pubnames.ntf (aka the ...)
+ TODO: check
+CVE-2015-2014 (Open redirect vulnerability in the web server in IBM Domino 8.5 before ...)
+ TODO: check
CVE-2015-2013
RESERVED
CVE-2015-2012
@@ -12381,8 +12632,8 @@
RESERVED
CVE-2015-1993
RESERVED
-CVE-2015-1992
- RESERVED
+CVE-2015-1992 (IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, ...)
+ TODO: check
CVE-2015-1991
RESERVED
CVE-2015-1990
@@ -12501,8 +12752,8 @@
RESERVED
CVE-2015-1933
RESERVED
-CVE-2015-1932
- RESERVED
+CVE-2015-1932 (IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before ...)
+ TODO: check
CVE-2015-1931
RESERVED
NOT-FOR-US: IBM JDK
@@ -38497,8 +38748,8 @@
NOT-FOR-US: LYSESOFT
CVE-2014-1973 (Directory traversal vulnerability in the NextApp File Explorer ...)
NOT-FOR-US: NextApp File Explorer application for Android
-CVE-2014-1972
- RESERVED
+CVE-2014-1972 (Apache Tapestry before 5.3.6 relies on client-side object storage ...)
+ TODO: check
CVE-2014-1971 (Cross-site scripting (XSS) vulnerability in Silex before 2.0.0 allows ...)
NOT-FOR-US: Silex
CVE-2014-1970 (Directory traversal vulnerability in the ES File Explorer File Manager ...)
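Review bot: CVE-2014-1972 sits between NOT-FOR-US entries for Android file managers and Silex, but Apache Tapestry is an open-source Java framework. This "TODO: check" needs an actual lookup for a packaged version older than 5.3.6, not a classification by analogy with its neighbours.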