[Secure-testing-commits] r38285 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon Dec 14 21:10:23 UTC 2015 

Author: sectracker
Date: 2015-12-14 21:10:23 +0000 (Mon, 14 Dec 2015)
New Revision: 38285

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-14 21:08:21 UTC (rev 38284)
+++ data/CVE/list	2015-12-14 21:10:23 UTC (rev 38285)
@@ -1,3 +1,13 @@
+CVE-2015-8548 (Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as ...)
+	TODO: check
+CVE-2015-8546
+	RESERVED
+CVE-2015-8545
+	RESERVED
+CVE-2015-8544
+	RESERVED
+CVE-2015-8542
+	RESERVED
 CVE-2015-XXXX [Local Privilege Escalation in QEMU virtfs-proxy-helper]
 	- qemu <unfixed>
 	- qemu-kvm <removed>
@@ -24,6 +34,7 @@
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/12/11/3
 	NOTE: Fixed in 2.6.0
 CVE-2015-8547 [quassel: op command denial of service issue]
+	RESERVED
 	- quassel <unfixed> (bug #807801)
 	[wheezy] - quassel <not-affected> (Vulnerable code not present)
 	[squeeze] - quassel <not-affected> (Vulnerable code not present)
@@ -647,6 +658,7 @@
 	NOTE: http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/
 	NOTE: Fixed in 1.0.66, 1.2.56, 1.4.19, and 1.5.26
 CVE-2015-8543 [IPv6 connect causes a denial of service]
+	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	NOTE: http://www.openwall.com/lists/oss-security/2015/12/09/3
@@ -5691,7 +5703,7 @@
 	- ipython <not-affected> (Affects versions 3.0 to 3.2.1)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/09/16/3
 CVE-2015-7940 (The Bouncy Castle Java library before 1.51 does not validate a point ...)
-	{DLA-361-1}
+	{DSA-3417-1 DLA-361-1}
 	- bouncycastle 1.51-1 (bug #802671)
 	NOTE: https://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
 	NOTE: Commits: https://github.com/bcgit/bc-java/commit/5cb2f05
@@ -6160,23 +6172,19 @@
 	RESERVED
 CVE-2015-6792
 	RESERVED
-CVE-2015-6791
-	RESERVED
+CVE-2015-6791 (Multiple unspecified vulnerabilities in Google Chrome before ...)
 	- chromium-browser 47.0.2526.80-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6790
-	RESERVED
+CVE-2015-6790 (The WebPageSerializerImpl::openTagToString function in ...)
 	- chromium-browser 47.0.2526.80-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6789
-	RESERVED
+CVE-2015-6789 (Race condition in the MutationObserver implementation in Blink, as ...)
 	- chromium-browser 47.0.2526.80-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6788
-	RESERVED
+CVE-2015-6788 (The ObjectBackedNativeHandler class in ...)
 	- chromium-browser 47.0.2526.80-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
@@ -7119,52 +7127,52 @@
 	RESERVED
 CVE-2015-6423
 	RESERVED
-CVE-2015-6422
-	RESERVED
+CVE-2015-6422 (The self-service application in Cisco Unified Communications Domain ...)
+	TODO: check
 CVE-2015-6421
 	RESERVED
 CVE-2015-6420
 	RESERVED
-CVE-2015-6419
-	RESERVED
-CVE-2015-6418
-	RESERVED
-CVE-2015-6417
-	RESERVED
-CVE-2015-6416
-	RESERVED
-CVE-2015-6415
-	RESERVED
-CVE-2015-6414
-	RESERVED
-CVE-2015-6413
-	RESERVED
+CVE-2015-6419 (Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, ...)
+	TODO: check
+CVE-2015-6418 (The random-number generator on Cisco Small Business RV routers 4.x and ...)
+	TODO: check
+CVE-2015-6417 (Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and ...)
+	TODO: check
+CVE-2015-6416 (Cross-site scripting (XSS) vulnerability in Cisco Unified Email ...)
+	TODO: check
+CVE-2015-6415 (Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect ...)
+	TODO: check
+CVE-2015-6414 (Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same ...)
+	TODO: check
+CVE-2015-6413 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 ...)
+	TODO: check
 CVE-2015-6412
 	RESERVED
 CVE-2015-6411
 	RESERVED
-CVE-2015-6410
-	RESERVED
+CVE-2015-6410 (The Mobile and Remote Access (MRA) services implementation in Cisco ...)
+	TODO: check
 CVE-2015-6409
 	RESERVED
-CVE-2015-6408
-	RESERVED
-CVE-2015-6407
-	RESERVED
-CVE-2015-6406
-	RESERVED
-CVE-2015-6405
-	RESERVED
+CVE-2015-6408 (Cross-site request forgery (CSRF) vulnerability in Cisco Unity ...)
+	TODO: check
+CVE-2015-6407 (Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to ...)
+	TODO: check
+CVE-2015-6406 (Directory traversal vulnerability in the Tools menu in Cisco Emergency ...)
+	TODO: check
+CVE-2015-6405 (Cross-site request forgery (CSRF) vulnerability in Cisco Emergency ...)
+	TODO: check
 CVE-2015-6404
 	RESERVED
 CVE-2015-6403
 	RESERVED
-CVE-2015-6402
-	RESERVED
-CVE-2015-6401
-	RESERVED
-CVE-2015-6400
-	RESERVED
+CVE-2015-6402 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+	TODO: check
+CVE-2015-6401 (Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote ...)
+	TODO: check
+CVE-2015-6400 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency ...)
+	TODO: check
 CVE-2015-6399
 	RESERVED
 CVE-2015-6398
@@ -7173,8 +7181,8 @@
 	RESERVED
 CVE-2015-6396
 	RESERVED
-CVE-2015-6395
-	RESERVED
+CVE-2015-6395 (Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not ...)
+	TODO: check
 CVE-2015-6394 (The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows ...)
 	TODO: check
 CVE-2015-6393
@@ -7185,8 +7193,7 @@
 	TODO: check
 CVE-2015-6390 (Cross-site scripting (XSS) vulnerability in the management interface ...)
 	TODO: check
-CVE-2015-6389
-	RESERVED
+CVE-2015-6389 (Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser ...)
 	NOT-FOR-US: Cisco Prime Collaboration Assurance
 CVE-2015-6388 (Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows ...)
 	TODO: check
@@ -7208,8 +7215,8 @@
 	TODO: check
 CVE-2015-6379 (The XML parser in the management interface in Cisco Adaptive Security ...)
 	TODO: check
-CVE-2015-6378
-	RESERVED
+CVE-2015-6378 (Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 ...)
+	TODO: check
 CVE-2015-6377 (Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote ...)
 	TODO: check
 CVE-2015-6376 (Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence ...)
@@ -7242,8 +7249,8 @@
 	TODO: check
 CVE-2015-6362 (The web GUI in Cisco Connected Grid Network Management System (CG-NMS) ...)
 	TODO: check
-CVE-2015-6361
-	RESERVED
+CVE-2015-6361 (The administrative web interface on Cisco DPC3939 (XB3) devices with ...)
+	TODO: check
 CVE-2015-6360
 	RESERVED
 	[experimental] - srtp 1.5.3~dfsg-1

More information about the Secure-testing-commits mailing list