[Secure-testing-commits] r35492 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Jul 15 21:10:15 UTC 2015


Author: sectracker
Date: 2015-07-15 21:10:15 +0000 (Wed, 15 Jul 2015)
New Revision: 35492

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-15 19:46:44 UTC (rev 35491)
+++ data/CVE/list	2015-07-15 21:10:15 UTC (rev 35492)
@@ -1,3 +1,13 @@
+CVE-2015-5521 (Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows ...)
+	TODO: check
+CVE-2015-5520 (Cross-site scripting (XSS) vulnerability in the Users module in ...)
+	TODO: check
+CVE-2015-5519 (Cross-site scripting (XSS) vulnerability in the applyConvolution demo ...)
+	TODO: check
+CVE-2015-5518
+	RESERVED
+CVE-2015-5517
+	RESERVED
 CVE-2015-8176
 	REJECTED
 CVE-2015-5516
@@ -126,6 +136,7 @@
 	NOTE: https://bugs.kde.org/show_bug.cgi?id=340312
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/15/5
 CVE-2013-7443 [SQLite array overrun in the skip-scan optimization]
+	RESERVED
 	- sqlite3 3.8.3-1
 	[wheezy] - sqlite3 <not-affected> (Vulnerable code introduced in 3.8.2)
 	[squeeze] - sqlite3 <not-affected> (Vulnerable code introduced in 3.8.2)
@@ -263,8 +274,8 @@
 	RESERVED
 CVE-2015-5398
 	RESERVED
-CVE-2015-5397
-	RESERVED
+CVE-2015-5397 (Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 ...)
+	TODO: check
 CVE-2015-5396
 	RESERVED
 CVE-2015-5394
@@ -409,16 +420,16 @@
 	TODO: check
 CVE-2015-5363
 	RESERVED
-CVE-2015-5362
-	RESERVED
+CVE-2015-5362 (The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 ...)
+	TODO: check
 CVE-2015-5361
 	RESERVED
 CVE-2015-5360
 	RESERVED
-CVE-2015-5359
-	RESERVED
-CVE-2015-5358
-	RESERVED
+CVE-2015-5359 (Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before ...)
+	TODO: check
+CVE-2015-5358 (Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before ...)
+	TODO: check
 CVE-2015-5357
 	RESERVED
 CVE-2015-5356 (Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in ...)
@@ -837,18 +848,15 @@
 	NOT-FOR-US: Zoho ManageEngine SupportCenter Plus
 CVE-2015-5148 (SQL injection vulnerability in LivelyCart 1.2.0 allows remote ...)
 	NOT-FOR-US: LivelyCart
-CVE-2015-5145 [denial-of-service possibility in URL validation]
-	RESERVED
+CVE-2015-5145 (validators.URLValidator in Django 1.8.x before 1.8.3 allows remote ...)
 	- python-django <not-affected> (Vulnerable code not present)
 	NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
-CVE-2015-5144 [header injection possibility since validators accept newlines in input]
-	RESERVED
+CVE-2015-5144 (Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and ...)
 	{DSA-3305-1}
 	- python-django 1.7.9-1
 	NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5144 has split out patches
-CVE-2015-5143 [denial-of-service possibility by filling session store]
-	RESERVED
+CVE-2015-5143 (The session backends in Django before 1.4.21, 1.5.x through 1.6.x, ...)
 	{DSA-3305-1}
 	- python-django 1.7.9-1
 	NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
@@ -894,10 +902,10 @@
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-5122 (Use-after-free vulnerability in the DisplayObject class in the ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5121
-	RESERVED
-CVE-2015-5120
-	RESERVED
+CVE-2015-5121 (Adobe Shockwave Player before 12.1.9.159 allows attackers to execute ...)
+	TODO: check
+CVE-2015-5120 (Adobe Shockwave Player before 12.1.9.159 allows attackers to execute ...)
+	TODO: check
 CVE-2015-5119 (Use-after-free vulnerability in the ByteArray class in the ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-5118 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and ...)
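Review bot: CVE-2015-5121 and CVE-2015-5120 (Adobe Shockwave Player) are left at TODO: check in the middle of a run of entries already triaged as NOT-FOR-US: Adobe Flash Player. If Shockwave Player is likewise not packaged, mark both NOT-FOR-US with the Shockwave product name rather than copying the Flash Player tag from the neighbouring entries.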
@@ -1010,8 +1018,7 @@
 	[wheezy] - openssh <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/07/01/7
 	NOTE: https://anongit.mindrot.org/openssh.git/commit/?h=V_6_9&id=1bf477d3cdf1a864646d59820878783d42357a1d
-CVE-2015-5147 [Stack overflow in redcarpet's header_anchor]
-	RESERVED
+CVE-2015-5147 (Stack-based buffer overflow in the header_anchor function in the HTML ...)
 	- ruby-redcarpet <not-affected> (Affects v3.3.0 - v3.3.1)
 	NOTE: https://github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fb
 	NOTE: http://www.openwall.com/lists/oss-security/2015/06/29/3
@@ -2797,16 +2804,16 @@
 	RESERVED
 CVE-2015-4273
 	RESERVED
-CVE-2015-4272
-	RESERVED
+CVE-2015-4272 (Multiple cross-site scripting (XSS) vulnerabilities in the ccmivr page ...)
+	TODO: check
 CVE-2015-4271
 	RESERVED
-CVE-2015-4270
-	RESERVED
-CVE-2015-4269
-	RESERVED
-CVE-2015-4268
-	RESERVED
+CVE-2015-4270 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT ...)
+	TODO: check
+CVE-2015-4269 (The Tomcat throttling feature in Cisco Unified Communications Manager ...)
+	TODO: check
+CVE-2015-4268 (Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin ...)
+	TODO: check
 CVE-2015-4267
 	RESERVED
 CVE-2015-4266
@@ -3051,10 +3058,12 @@
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/03/20
 	NOTE: inflatehd not installed into the Debian binary packages
 CVE-2015-5523 [small file can lead to a 4 Gb allocation; potential DoS]
+	RESERVED
 	- tidy <unfixed>
 	NOTE: https://github.com/htacg/tidy-html5/issues/217#issuecomment-108565501
 	NOTE: http://www.openwall.com/lists/oss-security/2015/06/04/2
 CVE-2015-5522 [AddressSanitizer: heap-buffer-overflow WRITE of size 1]
+	RESERVED
 	- tidy <unfixed>
 	NOTE: https://github.com/htacg/tidy-html5/issues/217
 	NOTE: http://www.openwall.com/lists/oss-security/2015/06/04/2
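Review bot: both tidy entries, CVE-2015-5523 and CVE-2015-5522, still read "- tidy <unfixed>" with no Debian bug number after the status, and this hunk only adds RESERVED above that line. Since the entries are being touched anyway, add the bug reference in the usual "(bug #NNNNNN)" form to each <unfixed> line, or a NOTE saying why none is filed, so the open status can be followed up.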
@@ -5637,8 +5646,7 @@
 	NOTE: http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=7ec765568883b2d4e5a2796adbeb492a22ec9bd4 (1.5.x)
 CVE-2015-3280
 	RESERVED
-CVE-2015-3279 [integer overflow leading to a heap-based buffer overflow]
-	RESERVED
+CVE-2015-3279 (Integer overflow in filter/texttopdf.c in texttopdf in cups-filters ...)
 	{DSA-3303-1}
 	- cups-filters 1.0.71-1
 	NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7365
@@ -5699,8 +5707,7 @@
 	[wheezy] - xen <no-dsa> (Can be fixed along with a future DSA)
 	[squeeze] - xen <not-affected> (xl not shipped in Squeeze)
 	NOTE: http://xenbits.xen.org/xsa/advisory-137.html
-CVE-2015-3258 [exttopdf heap-based buffer overflow]
-	RESERVED
+CVE-2015-3258 (Heap-based buffer overflow in the WriteProlog function in ...)
 	{DSA-3303-1}
 	- cups-filters 1.0.70-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1235385
@@ -6550,8 +6557,8 @@
 	NOTE: http://downloads.asterisk.org/pub/security/AST-2015-003.html
 	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24847
 	NOTE: Patch: https://issues.asterisk.org/jira/secure/attachment/52082/asterisk-null-in-cn.patch
-CVE-2015-3007
-	RESERVED
+CVE-2015-3007 (The Juniper SRX Series services gateways with Junos OS 12.1X46 before ...)
+	TODO: check
 CVE-2015-3006
 	RESERVED
 CVE-2015-3005 (Cross-site scripting (XSS) vulnerability in the Dynamic VPN in Juniper ...)
@@ -8226,64 +8233,64 @@
 	RESERVED
 CVE-2015-2426
 	RESERVED
-CVE-2015-2425
-	RESERVED
-CVE-2015-2424
-	RESERVED
+CVE-2015-2425 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-2424 (Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, ...)
+	TODO: check
 CVE-2015-2423
 	RESERVED
-CVE-2015-2422
-	RESERVED
-CVE-2015-2421
-	RESERVED
+CVE-2015-2422 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2421 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-2420
 	RESERVED
-CVE-2015-2419
-	RESERVED
+CVE-2015-2419 (JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote ...)
+	TODO: check
 CVE-2015-2418
 	RESERVED
-CVE-2015-2417
-	RESERVED
-CVE-2015-2416
-	RESERVED
-CVE-2015-2415
-	RESERVED
-CVE-2015-2414
-	RESERVED
-CVE-2015-2413
-	RESERVED
-CVE-2015-2412
-	RESERVED
-CVE-2015-2411
-	RESERVED
-CVE-2015-2410
-	RESERVED
+CVE-2015-2417 (OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows ...)
+	TODO: check
+CVE-2015-2416 (OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows ...)
+	TODO: check
+CVE-2015-2415 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+	TODO: check
+CVE-2015-2414 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2413 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2412 (Microsoft Internet Explorer 10 and 11 allows remote attackers to read ...)
+	TODO: check
+CVE-2015-2411 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2410 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-2409
 	RESERVED
-CVE-2015-2408
-	RESERVED
+CVE-2015-2408 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-2407
 	RESERVED
-CVE-2015-2406
-	RESERVED
+CVE-2015-2406 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-2405
 	RESERVED
-CVE-2015-2404
-	RESERVED
-CVE-2015-2403
-	RESERVED
-CVE-2015-2402
-	RESERVED
-CVE-2015-2401
-	RESERVED
+CVE-2015-2404 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2403 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-2402 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2401 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-2400
 	RESERVED
 CVE-2015-2399
 	RESERVED
-CVE-2015-2398
-	RESERVED
-CVE-2015-2397
-	RESERVED
+CVE-2015-2398 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2397 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-2396
 	RESERVED
 CVE-2015-2395
@@ -8294,68 +8301,68 @@
 	RESERVED
 CVE-2015-2392
 	RESERVED
-CVE-2015-2391
-	RESERVED
-CVE-2015-2390
-	RESERVED
-CVE-2015-2389
-	RESERVED
-CVE-2015-2388
-	RESERVED
-CVE-2015-2387
-	RESERVED
+CVE-2015-2391 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-2390 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2389 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2388 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-2387 (ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows ...)
+	TODO: check
 CVE-2015-2386
 	RESERVED
-CVE-2015-2385
-	RESERVED
-CVE-2015-2384
-	RESERVED
-CVE-2015-2383
-	RESERVED
-CVE-2015-2382
-	RESERVED
-CVE-2015-2381
-	RESERVED
-CVE-2015-2380
-	RESERVED
-CVE-2015-2379
-	RESERVED
-CVE-2015-2378
-	RESERVED
-CVE-2015-2377
-	RESERVED
-CVE-2015-2376
-	RESERVED
-CVE-2015-2375
-	RESERVED
-CVE-2015-2374
-	RESERVED
-CVE-2015-2373
-	RESERVED
-CVE-2015-2372
-	RESERVED
-CVE-2015-2371
-	RESERVED
-CVE-2015-2370
-	RESERVED
-CVE-2015-2369
-	RESERVED
-CVE-2015-2368
-	RESERVED
-CVE-2015-2367
-	RESERVED
-CVE-2015-2366
-	RESERVED
-CVE-2015-2365
-	RESERVED
-CVE-2015-2364
-	RESERVED
-CVE-2015-2363
-	RESERVED
-CVE-2015-2362
-	RESERVED
-CVE-2015-2361
-	RESERVED
+CVE-2015-2385 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-2384 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-2383 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-2382 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
+	TODO: check
+CVE-2015-2381 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
+	TODO: check
+CVE-2015-2380 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+	TODO: check
+CVE-2015-2379 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+	TODO: check
+CVE-2015-2378 (Untrusted search path vulnerability in Microsoft Excel 2007 SP3, Excel ...)
+	TODO: check
+CVE-2015-2377 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+	TODO: check
+CVE-2015-2376 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+	TODO: check
+CVE-2015-2375 (Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel ...)
+	TODO: check
+CVE-2015-2374 (The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, ...)
+	TODO: check
+CVE-2015-2373 (The Remote Desktop Protocol (RDP) server service in Microsoft Windows ...)
+	TODO: check
+CVE-2015-2372 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with ...)
+	TODO: check
+CVE-2015-2371 (The Windows Installer service in Microsoft Windows Server 2003 SP2 and ...)
+	TODO: check
+CVE-2015-2370 (The authentication implementation in the RPC subsystem in Microsoft ...)
+	TODO: check
+CVE-2015-2369 (Untrusted search path vulnerability in Windows Media Device Manager in ...)
+	TODO: check
+CVE-2015-2368 (Untrusted search path vulnerability in Microsoft Windows 7 SP1, ...)
+	TODO: check
+CVE-2015-2367 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+	TODO: check
+CVE-2015-2366 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, ...)
+	TODO: check
+CVE-2015-2365 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+	TODO: check
+CVE-2015-2364 (The graphics component in Microsoft Windows Server 2003 SP2 and R2 ...)
+	TODO: check
+CVE-2015-2363 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
+	TODO: check
+CVE-2015-2362 (Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, ...)
+	TODO: check
+CVE-2015-2361 (Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not ...)
+	TODO: check
 CVE-2015-2360 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
 	NOT-FOR-US: Microsoft Windows Server
 CVE-2015-2359 (Cross-site scripting (XSS) vulnerability in the web applications in ...)
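Review bot: every Microsoft entry filled in by this hunk, CVE-2015-2391 through CVE-2015-2387 and CVE-2015-2385 through CVE-2015-2361, is left at TODO: check, while the context entry directly below them, CVE-2015-2360, is already triaged as NOT-FOR-US: Microsoft Windows Server. The new descriptions name Internet Explorer, win32k.sys, Word, Excel, Netlogon, RDP, VBScript, Windows Installer and Hyper-V, so the follow-up can close all thirty with matching NOT-FOR-US lines in one pass instead of leaving them as open TODO items.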
@@ -9702,12 +9709,12 @@
 	NOT-FOR-US: IBM
 CVE-2015-1947
 	RESERVED
-CVE-2015-1946
-	RESERVED
+CVE-2015-1946 (IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and ...)
+	TODO: check
 CVE-2015-1945 (Unspecified vulnerability in the Reference Data Management component ...)
 	NOT-FOR-US: IBM InfoSphere
-CVE-2015-1944
-	RESERVED
+CVE-2015-1944 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
+	TODO: check
 CVE-2015-1943
 	RESERVED
 CVE-2015-1942 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
@@ -9722,8 +9729,8 @@
 	NOT-FOR-US: IBM
 CVE-2015-1937 (IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and ...)
 	NOT-FOR-US: IBM PowerVC
-CVE-2015-1936
-	RESERVED
+CVE-2015-1936 (The administrative console in IBM WebSphere Application Server (WAS) ...)
+	TODO: check
 CVE-2015-1935
 	RESERVED
 CVE-2015-1934
@@ -9740,8 +9747,8 @@
 	NOT-FOR-US: IBM
 CVE-2015-1928
 	RESERVED
-CVE-2015-1927
-	RESERVED
+CVE-2015-1927 (The default configuration of IBM WebSphere Application Server (WAS) ...)
+	TODO: check
 CVE-2015-1926
 	RESERVED
 CVE-2015-1925 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
@@ -9760,8 +9767,8 @@
 	NOT-FOR-US: IBM
 CVE-2015-1918
 	RESERVED
-CVE-2015-1917
-	RESERVED
+CVE-2015-1917 (Cross-site scripting (XSS) vulnerability in the Active Content ...)
+	TODO: check
 CVE-2015-1916 (Unspecified vulnerability in IBM Java 8 before SR1 allows remote ...)
 	NOT-FOR-US: IBM JDK
 CVE-2015-1915 (The Endpoint Manager for Remote Control component in IBM Tivoli ...)
@@ -9820,8 +9827,8 @@
 	NOT-FOR-US: IBM InfoSphere BigInsights
 CVE-2015-1888
 	RESERVED
-CVE-2015-1887
-	RESERVED
+CVE-2015-1887 (IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 ...)
+	TODO: check
 CVE-2015-1886 (The Remote Document Conversion Service (DCS) in IBM WebSphere Portal ...)
 	NOT-FOR-US: IBM WebSphere Portal
 CVE-2015-1885 (WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 ...)
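Review bot: CVE-2015-1887 is described as IBM WebSphere Portal but gets TODO: check, while CVE-2015-1886 on the next line, the same product, is already NOT-FOR-US: IBM WebSphere Portal. Give CVE-2015-1887 the same NOT-FOR-US line in the follow-up so the two adjacent entries agree.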
@@ -10272,20 +10279,20 @@
 	RESERVED
 CVE-2015-1768 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
 	NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1767
-	RESERVED
+CVE-2015-1767 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-1766 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-1765 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-1764 (The web applications in Microsoft Exchange Server 2013 SP1 and ...)
 	NOT-FOR-US: Microsoft Exchange Server
-CVE-2015-1763
-	RESERVED
-CVE-2015-1762
-	RESERVED
-CVE-2015-1761
-	RESERVED
+CVE-2015-1763 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 ...)
+	TODO: check
+CVE-2015-1762 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 ...)
+	TODO: check
+CVE-2015-1761 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 ...)
+	TODO: check
 CVE-2015-1760 (Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 ...)
 	NOT-FOR-US: Microsoft Office
 CVE-2015-1759 (Microsoft Office Compatibility Pack SP3 allows remote attackers to ...)
@@ -10330,8 +10337,8 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-1739 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1738
-	RESERVED
+CVE-2015-1738 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
+	TODO: check
 CVE-2015-1737 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-1736 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
@@ -10340,16 +10347,16 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-1734
 	RESERVED
-CVE-2015-1733
-	RESERVED
+CVE-2015-1733 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-1732 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-1731 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-1730 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1729
-	RESERVED
+CVE-2015-1729 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-1728 (Microsoft Windows Media Player 10 through 12 allows remote attackers ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2015-1727 (Buffer overflow in the kernel-mode drivers in Microsoft Windows Server ...)
@@ -10847,10 +10854,10 @@
 	NOT-FOR-US: Plain Black WebGUI
 CVE-2015-1562 (Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS ...)
 	NOT-FOR-US: Saurus CMS
-CVE-2015-1561
-	RESERVED
-CVE-2015-1560
-	RESERVED
+CVE-2015-1561 (The escape_command function in ...)
+	TODO: check
+CVE-2015-1560 (SQL injection vulnerability in the isUserAdmin function in ...)
+	TODO: check
 CVE-2015-1559 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	NOT-FOR-US: Epignosis eFront
 CVE-2015-1557
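Review bot: the imported descriptions for CVE-2015-1561 and CVE-2015-1560 are cut off before any product name appears ("The escape_command function in ..." and "SQL injection vulnerability in the isUserAdmin function in ..."), so their TODO: check lines cannot be resolved from this file alone. Triage needs the full CVE text; once the product is known, name it in the NOT-FOR-US or package line so the entry stays readable despite the truncated description.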



