[Secure-testing-commits] r38625 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Dec 31 21:10:11 UTC 2015 

Author: sectracker
Date: 2015-12-31 21:10:11 +0000 (Thu, 31 Dec 2015)
New Revision: 38625

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-31 20:57:51 UTC (rev 38624)
+++ data/CVE/list	2015-12-31 21:10:11 UTC (rev 38625)
@@ -6324,8 +6324,8 @@
 	RESERVED
 CVE-2015-7448
 	RESERVED
-CVE-2015-7447
-	RESERVED
+CVE-2015-7447 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+	TODO: check
 CVE-2015-7446
 	RESERVED
 CVE-2015-7445
@@ -6689,22 +6689,22 @@
 	TODO: check
 CVE-2015-7285 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do ...)
 	TODO: check
-CVE-2015-7284
-	RESERVED
-CVE-2015-7283
-	RESERVED
-CVE-2015-7282
-	RESERVED
-CVE-2015-7281
-	RESERVED
-CVE-2015-7280
-	RESERVED
-CVE-2015-7279
-	RESERVED
-CVE-2015-7278
-	RESERVED
-CVE-2015-7277
-	RESERVED
+CVE-2015-7284 (Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N ...)
+	TODO: check
+CVE-2015-7283 (The web administration interface on ZyXEL NBG-418N devices with ...)
+	TODO: check
+CVE-2015-7282 (ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source ...)
+	TODO: check
+CVE-2015-7281 (Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD ...)
+	TODO: check
+CVE-2015-7280 (The web administration interface on ReadyNet WRT300N-DD devices with ...)
+	TODO: check
+CVE-2015-7279 (Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper ...)
+	TODO: check
+CVE-2015-7278 (Cross-site request forgery (CSRF) vulnerability on Amped Wireless ...)
+	TODO: check
+CVE-2015-7277 (The web administration interface on Amped Wireless R10000 devices with ...)
+	TODO: check
 CVE-2015-7276
 	RESERVED
 CVE-2015-7275
@@ -9794,16 +9794,16 @@
 	RESERVED
 CVE-2015-6021
 	RESERVED
-CVE-2015-6020
-	RESERVED
-CVE-2015-6019
-	RESERVED
-CVE-2015-6018
-	RESERVED
-CVE-2015-6017
-	RESERVED
-CVE-2015-6016
-	RESERVED
+CVE-2015-6020 (ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote ...)
+	TODO: check
+CVE-2015-6019 (The management portal on ZyXEL PMG5318-B20A devices with firmware ...)
+	TODO: check
+CVE-2015-6018 (The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with ...)
+	TODO: check
+CVE-2015-6017 (Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 ...)
+	TODO: check
+CVE-2015-6016 (ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), ...)
+	TODO: check
 CVE-2015-6015
 	RESERVED
 CVE-2015-6014
@@ -9842,12 +9842,12 @@
 	NOT-FOR-US: Impero Education Pro
 CVE-2015-5997 (Impero Education Pro before 5105 uses a hardcoded CBC key and ...)
 	NOT-FOR-US: Impero Education Pro
-CVE-2015-5996
-	RESERVED
-CVE-2015-5995
-	RESERVED
-CVE-2015-5994
-	RESERVED
+CVE-2015-5996 (Cross-site request forgery (CSRF) vulnerability on Mediabridge ...)
+	TODO: check
+CVE-2015-5995 (Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and ...)
+	TODO: check
+CVE-2015-5994 (The web management interface on Mediabridge Medialink MWN-WAPR300N ...)
+	TODO: check
 CVE-2015-5993 (Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone ...)
 	NOT-FOR-US: SpeedSurf
 CVE-2015-5992 (Cross-site scripting (XSS) vulnerability in form2WlanSetup.cgi on ...)
@@ -19004,8 +19004,8 @@
 	RESERVED
 CVE-2015-2919
 	RESERVED
-CVE-2015-2918
-	RESERVED
+CVE-2015-2918 (The Studio component in OrientDB Server Community Edition before ...)
+	TODO: check
 CVE-2015-2917 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 ...)
 	NOT-FOR-US: Securifi Almond
 CVE-2015-2916 (Cross-site request forgery (CSRF) vulnerability on Securifi Almond ...)
@@ -19014,10 +19014,10 @@
 	NOT-FOR-US: Securifi Almond
 CVE-2015-2914 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 ...)
 	NOT-FOR-US: Securifi Almond
-CVE-2015-2913
-	RESERVED
-CVE-2015-2912
-	RESERVED
+CVE-2015-2913 (server/network/protocol/http/OHttpSessionManager.java in the Studio ...)
+	TODO: check
+CVE-2015-2912 (The JSONP endpoint in the Studio component in OrientDB Server ...)
+	TODO: check
 CVE-2015-2911
 	RESERVED
 CVE-2015-2910
@@ -19048,12 +19048,12 @@
 	TODO: check
 CVE-2015-2897 (Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices ...)
 	NOT-FOR-US: Sierra Wireless ALEOS
-CVE-2015-2896
-	RESERVED
-CVE-2015-2895
-	RESERVED
-CVE-2015-2894
-	RESERVED
+CVE-2015-2896 (The up.time client in Idera Uptime Infrastructure Monitor through 7.6 ...)
+	TODO: check
+CVE-2015-2895 (Buffer overflow in the up.time client in Idera Uptime Infrastructure ...)
+	TODO: check
+CVE-2015-2894 (Format string vulnerability in the up.time client in Idera Uptime ...)
+	TODO: check
 CVE-2015-2893
 	RESERVED
 CVE-2015-2892
@@ -19094,12 +19094,11 @@
 	NOTE: https://www.usenix.org/conference/woot15/workshop-program/presentation/barresi
 	NOTE: http://www.antoniobarresi.com/security/cloud/2015/07/30/cain/
 	TODO: check closer the referenced advisories
-CVE-2015-2876
-	RESERVED
-CVE-2015-2875
-	RESERVED
-CVE-2015-2874
-	RESERVED
+CVE-2015-2876 (Unrestricted file upload vulnerability on Seagate GoFlex Satellite, ...)
+	TODO: check
+CVE-2015-2875 (Absolute path traversal vulnerability on Seagate GoFlex Satellite, ...)
+	TODO: check
+CVE-2015-2874 (Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate ...)
 	NOT-FOR-US: Seagate GoFlex
 CVE-2015-2873 (Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat ...)
 	NOT-FOR-US: Trend Micro
@@ -40338,8 +40337,8 @@
 	{DSA-3062-1 DLA-82-1}
 	- wget 1.16-1 (bug #766981)
 	NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7
-CVE-2014-4876
-	RESERVED
+CVE-2014-4876 (Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical ...)
+	TODO: check
 CVE-2014-4875 (CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and ...)
 	NOT-FOR-US: CreateBossCredentials.jar in Toshiba CHEC
 CVE-2014-4874 (BMC Track-It! 11.3.0.355 allows remote authenticated users to read ...)
@@ -44631,8 +44630,8 @@
 	NOT-FOR-US: Cisco IOS
 CVE-2014-3261 (Buffer overflow in the Smart Call Home implementation in Cisco NX-OS ...)
 	NOT-FOR-US: Cisco NX-OS
-CVE-2014-3260
-	RESERVED
+CVE-2014-3260 (Pacom 1000 CCU and RTU GMS devices allow remote attackers to spoof the ...)
+	TODO: check
 CVE-2014-3259
 	RESERVED
 CVE-2014-3258

More information about the Secure-testing-commits mailing list