[Secure-testing-commits] r35151 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Jun 25 21:10:15 UTC 2015


Author: sectracker
Date: 2015-06-25 21:10:15 +0000 (Thu, 25 Jun 2015)
New Revision: 35151

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-25 20:37:47 UTC (rev 35150)
+++ data/CVE/list	2015-06-25 21:10:15 UTC (rev 35151)
@@ -1,23 +1,792 @@
+CVE-2015-5068 (XML external entity (XXE) vulnerability in SAP Mobile Platform 3 ...)
+	TODO: check
+CVE-2015-5067 (The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP ...)
+	TODO: check
+CVE-2015-5066 (Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix ...)
+	TODO: check
+CVE-2015-5065 (Absolute path traversal vulnerability in proxy.php in the google ...)
+	TODO: check
+CVE-2015-5064 (Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite ...)
+	TODO: check
+CVE-2015-5063 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe ...)
+	TODO: check
+CVE-2015-5062 (Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 ...)
+	TODO: check
+CVE-2015-5061 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...)
+	TODO: check
+CVE-2015-5060
+	RESERVED
+CVE-2015-5058
+	RESERVED
+CVE-2015-5056
+	RESERVED
+CVE-2015-5055
+	RESERVED
+CVE-2015-5054
+	RESERVED
+CVE-2015-5053
+	RESERVED
+CVE-2015-5052
+	RESERVED
+CVE-2015-5051
+	RESERVED
+CVE-2015-5050
+	RESERVED
+CVE-2015-5049
+	RESERVED
+CVE-2015-5048
+	RESERVED
+CVE-2015-5047
+	RESERVED
+CVE-2015-5046
+	RESERVED
+CVE-2015-5045
+	RESERVED
+CVE-2015-5044
+	RESERVED
+CVE-2015-5043
+	RESERVED
+CVE-2015-5042
+	RESERVED
+CVE-2015-5041
+	RESERVED
+CVE-2015-5040
+	RESERVED
+CVE-2015-5039
+	RESERVED
+CVE-2015-5038
+	RESERVED
+CVE-2015-5037
+	RESERVED
+CVE-2015-5036
+	RESERVED
+CVE-2015-5035
+	RESERVED
+CVE-2015-5034
+	RESERVED
+CVE-2015-5033
+	RESERVED
+CVE-2015-5032
+	RESERVED
+CVE-2015-5031
+	RESERVED
+CVE-2015-5030
+	RESERVED
+CVE-2015-5029
+	RESERVED
+CVE-2015-5028
+	RESERVED
+CVE-2015-5027
+	RESERVED
+CVE-2015-5026
+	RESERVED
+CVE-2015-5025
+	RESERVED
+CVE-2015-5024
+	RESERVED
+CVE-2015-5023
+	RESERVED
+CVE-2015-5022
+	RESERVED
+CVE-2015-5021
+	RESERVED
+CVE-2015-5020
+	RESERVED
+CVE-2015-5019
+	RESERVED
+CVE-2015-5018
+	RESERVED
+CVE-2015-5017
+	RESERVED
+CVE-2015-5016
+	RESERVED
+CVE-2015-5015
+	RESERVED
+CVE-2015-5014
+	RESERVED
+CVE-2015-5013
+	RESERVED
+CVE-2015-5012
+	RESERVED
+CVE-2015-5011
+	RESERVED
+CVE-2015-5010
+	RESERVED
+CVE-2015-5009
+	RESERVED
+CVE-2015-5008
+	RESERVED
+CVE-2015-5007
+	RESERVED
+CVE-2015-5006
+	RESERVED
+CVE-2015-5005
+	RESERVED
+CVE-2015-5004
+	RESERVED
+CVE-2015-5003
+	RESERVED
+CVE-2015-5002
+	RESERVED
+CVE-2015-5001
+	RESERVED
+CVE-2015-5000
+	RESERVED
+CVE-2015-4999
+	RESERVED
+CVE-2015-4998
+	RESERVED
+CVE-2015-4997
+	RESERVED
+CVE-2015-4996
+	RESERVED
+CVE-2015-4995
+	RESERVED
+CVE-2015-4994
+	RESERVED
+CVE-2015-4993
+	RESERVED
+CVE-2015-4992
+	RESERVED
+CVE-2015-4991
+	RESERVED
+CVE-2015-4990
+	RESERVED
+CVE-2015-4989
+	RESERVED
+CVE-2015-4988
+	RESERVED
+CVE-2015-4987
+	RESERVED
+CVE-2015-4986
+	RESERVED
+CVE-2015-4985
+	RESERVED
+CVE-2015-4984
+	RESERVED
+CVE-2015-4983
+	RESERVED
+CVE-2015-4982
+	RESERVED
+CVE-2015-4981
+	RESERVED
+CVE-2015-4980
+	RESERVED
+CVE-2015-4979
+	RESERVED
+CVE-2015-4978
+	RESERVED
+CVE-2015-4977
+	RESERVED
+CVE-2015-4976
+	RESERVED
+CVE-2015-4975
+	RESERVED
+CVE-2015-4974
+	RESERVED
+CVE-2015-4973
+	RESERVED
+CVE-2015-4972
+	RESERVED
+CVE-2015-4971
+	RESERVED
+CVE-2015-4970
+	RESERVED
+CVE-2015-4969
+	RESERVED
+CVE-2015-4968
+	RESERVED
+CVE-2015-4967
+	RESERVED
+CVE-2015-4966
+	RESERVED
+CVE-2015-4965
+	RESERVED
+CVE-2015-4964
+	RESERVED
+CVE-2015-4963
+	RESERVED
+CVE-2015-4962
+	RESERVED
+CVE-2015-4961
+	RESERVED
+CVE-2015-4960
+	RESERVED
+CVE-2015-4959
+	RESERVED
+CVE-2015-4958
+	RESERVED
+CVE-2015-4957
+	RESERVED
+CVE-2015-4956
+	RESERVED
+CVE-2015-4955
+	RESERVED
+CVE-2015-4954
+	RESERVED
+CVE-2015-4953
+	RESERVED
+CVE-2015-4952
+	RESERVED
+CVE-2015-4951
+	RESERVED
+CVE-2015-4950
+	RESERVED
+CVE-2015-4949
+	RESERVED
+CVE-2015-4948
+	RESERVED
+CVE-2015-4947
+	RESERVED
+CVE-2015-4946
+	RESERVED
+CVE-2015-4945
+	RESERVED
+CVE-2015-4944
+	RESERVED
+CVE-2015-4943
+	RESERVED
+CVE-2015-4942
+	RESERVED
+CVE-2015-4941
+	RESERVED
+CVE-2015-4940
+	RESERVED
+CVE-2015-4939
+	RESERVED
+CVE-2015-4938
+	RESERVED
+CVE-2015-4937
+	RESERVED
+CVE-2015-4936
+	RESERVED
+CVE-2015-4935
+	RESERVED
+CVE-2015-4934
+	RESERVED
+CVE-2015-4933
+	RESERVED
+CVE-2015-4932
+	RESERVED
+CVE-2015-4931
+	RESERVED
+CVE-2015-4930
+	RESERVED
+CVE-2015-4929
+	RESERVED
+CVE-2015-4928
+	RESERVED
+CVE-2015-4927
+	RESERVED
+CVE-2015-4926
+	RESERVED
+CVE-2015-4925
+	RESERVED
+CVE-2015-4924
+	RESERVED
+CVE-2015-4923
+	RESERVED
+CVE-2015-4922
+	RESERVED
+CVE-2015-4921
+	RESERVED
+CVE-2015-4920
+	RESERVED
+CVE-2015-4919
+	RESERVED
+CVE-2015-4918
+	RESERVED
+CVE-2015-4917
+	RESERVED
+CVE-2015-4916
+	RESERVED
+CVE-2015-4915
+	RESERVED
+CVE-2015-4914
+	RESERVED
+CVE-2015-4913
+	RESERVED
+CVE-2015-4912
+	RESERVED
+CVE-2015-4911
+	RESERVED
+CVE-2015-4910
+	RESERVED
+CVE-2015-4909
+	RESERVED
+CVE-2015-4908
+	RESERVED
+CVE-2015-4907
+	RESERVED
+CVE-2015-4906
+	RESERVED
+CVE-2015-4905
+	RESERVED
+CVE-2015-4904
+	RESERVED
+CVE-2015-4903
+	RESERVED
+CVE-2015-4902
+	RESERVED
+CVE-2015-4901
+	RESERVED
+CVE-2015-4900
+	RESERVED
+CVE-2015-4899
+	RESERVED
+CVE-2015-4898
+	RESERVED
+CVE-2015-4897
+	RESERVED
+CVE-2015-4896
+	RESERVED
+CVE-2015-4895
+	RESERVED
+CVE-2015-4894
+	RESERVED
+CVE-2015-4893
+	RESERVED
+CVE-2015-4892
+	RESERVED
+CVE-2015-4891
+	RESERVED
+CVE-2015-4890
+	RESERVED
+CVE-2015-4889
+	RESERVED
+CVE-2015-4888
+	RESERVED
+CVE-2015-4887
+	RESERVED
+CVE-2015-4886
+	RESERVED
+CVE-2015-4885
+	RESERVED
+CVE-2015-4884
+	RESERVED
+CVE-2015-4883
+	RESERVED
+CVE-2015-4882
+	RESERVED
+CVE-2015-4881
+	RESERVED
+CVE-2015-4880
+	RESERVED
+CVE-2015-4879
+	RESERVED
+CVE-2015-4878
+	RESERVED
+CVE-2015-4877
+	RESERVED
+CVE-2015-4876
+	RESERVED
+CVE-2015-4875
+	RESERVED
+CVE-2015-4874
+	RESERVED
+CVE-2015-4873
+	RESERVED
+CVE-2015-4872
+	RESERVED
+CVE-2015-4871
+	RESERVED
+CVE-2015-4870
+	RESERVED
+CVE-2015-4869
+	RESERVED
+CVE-2015-4868
+	RESERVED
+CVE-2015-4867
+	RESERVED
+CVE-2015-4866
+	RESERVED
+CVE-2015-4865
+	RESERVED
+CVE-2015-4864
+	RESERVED
+CVE-2015-4863
+	RESERVED
+CVE-2015-4862
+	RESERVED
+CVE-2015-4861
+	RESERVED
+CVE-2015-4860
+	RESERVED
+CVE-2015-4859
+	RESERVED
+CVE-2015-4858
+	RESERVED
+CVE-2015-4857
+	RESERVED
+CVE-2015-4856
+	RESERVED
+CVE-2015-4855
+	RESERVED
+CVE-2015-4854
+	RESERVED
+CVE-2015-4853
+	RESERVED
+CVE-2015-4852
+	RESERVED
+CVE-2015-4851
+	RESERVED
+CVE-2015-4850
+	RESERVED
+CVE-2015-4849
+	RESERVED
+CVE-2015-4848
+	RESERVED
+CVE-2015-4847
+	RESERVED
+CVE-2015-4846
+	RESERVED
+CVE-2015-4845
+	RESERVED
+CVE-2015-4844
+	RESERVED
+CVE-2015-4843
+	RESERVED
+CVE-2015-4842
+	RESERVED
+CVE-2015-4841
+	RESERVED
+CVE-2015-4840
+	RESERVED
+CVE-2015-4839
+	RESERVED
+CVE-2015-4838
+	RESERVED
+CVE-2015-4837
+	RESERVED
+CVE-2015-4836
+	RESERVED
+CVE-2015-4835
+	RESERVED
+CVE-2015-4834
+	RESERVED
+CVE-2015-4833
+	RESERVED
+CVE-2015-4832
+	RESERVED
+CVE-2015-4831
+	RESERVED
+CVE-2015-4830
+	RESERVED
+CVE-2015-4829
+	RESERVED
+CVE-2015-4828
+	RESERVED
+CVE-2015-4827
+	RESERVED
+CVE-2015-4826
+	RESERVED
+CVE-2015-4825
+	RESERVED
+CVE-2015-4824
+	RESERVED
+CVE-2015-4823
+	RESERVED
+CVE-2015-4822
+	RESERVED
+CVE-2015-4821
+	RESERVED
+CVE-2015-4820
+	RESERVED
+CVE-2015-4819
+	RESERVED
+CVE-2015-4818
+	RESERVED
+CVE-2015-4817
+	RESERVED
+CVE-2015-4816
+	RESERVED
+CVE-2015-4815
+	RESERVED
+CVE-2015-4814
+	RESERVED
+CVE-2015-4813
+	RESERVED
+CVE-2015-4812
+	RESERVED
+CVE-2015-4811
+	RESERVED
+CVE-2015-4810
+	RESERVED
+CVE-2015-4809
+	RESERVED
+CVE-2015-4808
+	RESERVED
+CVE-2015-4807
+	RESERVED
+CVE-2015-4806
+	RESERVED
+CVE-2015-4805
+	RESERVED
+CVE-2015-4804
+	RESERVED
+CVE-2015-4803
+	RESERVED
+CVE-2015-4802
+	RESERVED
+CVE-2015-4801
+	RESERVED
+CVE-2015-4800
+	RESERVED
+CVE-2015-4799
+	RESERVED
+CVE-2015-4798
+	RESERVED
+CVE-2015-4797
+	RESERVED
+CVE-2015-4796
+	RESERVED
+CVE-2015-4795
+	RESERVED
+CVE-2015-4794
+	RESERVED
+CVE-2015-4793
+	RESERVED
+CVE-2015-4792
+	RESERVED
+CVE-2015-4791
+	RESERVED
+CVE-2015-4790
+	RESERVED
+CVE-2015-4789
+	RESERVED
+CVE-2015-4788
+	RESERVED
+CVE-2015-4787
+	RESERVED
+CVE-2015-4786
+	RESERVED
+CVE-2015-4785
+	RESERVED
+CVE-2015-4784
+	RESERVED
+CVE-2015-4783
+	RESERVED
+CVE-2015-4782
+	RESERVED
+CVE-2015-4781
+	RESERVED
+CVE-2015-4780
+	RESERVED
+CVE-2015-4779
+	RESERVED
+CVE-2015-4778
+	RESERVED
+CVE-2015-4777
+	RESERVED
+CVE-2015-4776
+	RESERVED
+CVE-2015-4775
+	RESERVED
+CVE-2015-4774
+	RESERVED
+CVE-2015-4773
+	RESERVED
+CVE-2015-4772
+	RESERVED
+CVE-2015-4771
+	RESERVED
+CVE-2015-4770
+	RESERVED
+CVE-2015-4769
+	RESERVED
+CVE-2015-4768
+	RESERVED
+CVE-2015-4767
+	RESERVED
+CVE-2015-4766
+	RESERVED
+CVE-2015-4765
+	RESERVED
+CVE-2015-4764
+	RESERVED
+CVE-2015-4763
+	RESERVED
+CVE-2015-4762
+	RESERVED
+CVE-2015-4761
+	RESERVED
+CVE-2015-4760
+	RESERVED
+CVE-2015-4759
+	RESERVED
+CVE-2015-4758
+	RESERVED
+CVE-2015-4757
+	RESERVED
+CVE-2015-4756
+	RESERVED
+CVE-2015-4755
+	RESERVED
+CVE-2015-4754
+	RESERVED
+CVE-2015-4753
+	RESERVED
+CVE-2015-4752
+	RESERVED
+CVE-2015-4751
+	RESERVED
+CVE-2015-4750
+	RESERVED
+CVE-2015-4749
+	RESERVED
+CVE-2015-4748
+	RESERVED
+CVE-2015-4747
+	RESERVED
+CVE-2015-4746
+	RESERVED
+CVE-2015-4745
+	RESERVED
+CVE-2015-4744
+	RESERVED
+CVE-2015-4743
+	RESERVED
+CVE-2015-4742
+	RESERVED
+CVE-2015-4741
+	RESERVED
+CVE-2015-4740
+	RESERVED
+CVE-2015-4739
+	RESERVED
+CVE-2015-4738
+	RESERVED
+CVE-2015-4737
+	RESERVED
+CVE-2015-4736
+	RESERVED
+CVE-2015-4735
+	RESERVED
+CVE-2015-4734
+	RESERVED
+CVE-2015-4733
+	RESERVED
+CVE-2015-4732
+	RESERVED
+CVE-2015-4731
+	RESERVED
+CVE-2015-4730
+	RESERVED
+CVE-2015-4729
+	RESERVED
+CVE-2015-4728
+	RESERVED
+CVE-2015-4727
+	RESERVED
+CVE-2015-4726 (PHP remote file inclusion vulnerability in ajax/myajaxphp.php in ...)
+	TODO: check
+CVE-2015-4725 (Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare ...)
+	TODO: check
+CVE-2015-4724
+	RESERVED
+CVE-2015-4723
+	RESERVED
+CVE-2015-4722
+	RESERVED
+CVE-2015-4721
+	RESERVED
+CVE-2015-4720
+	RESERVED
+CVE-2015-4719
+	RESERVED
+CVE-2015-4718
+	RESERVED
+CVE-2015-4717
+	RESERVED
+CVE-2015-4716
+	RESERVED
+CVE-2015-4715
+	RESERVED
+CVE-2015-4714 (Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S ...)
+	TODO: check
+CVE-2015-4713 (SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote ...)
+	TODO: check
+CVE-2015-4712
+	RESERVED
+CVE-2015-4711
+	RESERVED
+CVE-2015-4710
+	RESERVED
+CVE-2015-4709
+	RESERVED
+CVE-2015-4708
+	RESERVED
+CVE-2015-4705
+	RESERVED
+CVE-2015-4702
+	RESERVED
+CVE-2015-4701
+	RESERVED
+CVE-2015-4699
+	RESERVED
+CVE-2015-4698
+	RESERVED
+CVE-2015-4697
+	RESERVED
+CVE-2015-4694
+	RESERVED
+CVE-2015-4693
+	RESERVED
+CVE-2015-4691
+	RESERVED
+CVE-2015-4690
+	RESERVED
+CVE-2015-4689
+	RESERVED
+CVE-2015-4688
+	RESERVED
+CVE-2015-4687
+	RESERVED
+CVE-2015-4686
+	RESERVED
+CVE-2015-4685
+	RESERVED
+CVE-2015-4684
+	RESERVED
+CVE-2015-4683
+	RESERVED
+CVE-2015-4682
+	RESERVED
+CVE-2015-4681
+	RESERVED
+CVE-2015-4679 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+	TODO: check
+CVE-2015-4678 (SQL injection vulnerability in Persian Car CMS 1.0 allows remote ...)
+	TODO: check
+CVE-2015-4677 (Cross-site request forgery (CSRF) vulnerability in FiverrScript (aka ...)
+	TODO: check
+CVE-2015-4676 (SQL injection vulnerability in ticket.php in TickFa 1.x allows remote ...)
+	TODO: check
+CVE-2015-4675 (Buffer overflow in the Tiny SRP library (aka TinySRP) allows remote ...)
+	TODO: check
 CVE-2015-5070
 	- wesnoth-1.13 <unfixed>
-        - wesnoth-1.12 <unfixed>
-        - wesnoth-1.10 <removed>
-        - wesnoth-1.8 <removed>
+	- wesnoth-1.12 <unfixed>
+	- wesnoth-1.10 <removed>
+	- wesnoth-1.8 <removed>
 	NOTE: https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59
 CVE-2015-5069
 	- wesnoth-1.13 <unfixed>
-        - wesnoth-1.12 <unfixed>
-        - wesnoth-1.10 <removed>
-        - wesnoth-1.8 <removed>
+	- wesnoth-1.12 <unfixed>
+	- wesnoth-1.10 <removed>
+	- wesnoth-1.8 <removed>
 	NOTE: https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d
 CVE-2015-5059 [Information disclosure]
+	RESERVED
 	- mantis <removed>
 	[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: http://github.com/mantisbt/mantisbt/commit/f39cf525 (1.2.x)
 	NOTE: https://mantisbt.org/bugs/view.php?id=19873
 CVE-2015-5057
+	RESERVED
 	NOT-FOR-US: WordPress plugin broken-link-checker
 CVE-2015-4707 [IPython XSS in JSON error responses -- /api/notebooks path]
+	RESERVED
 	- ipython <unfixed> (bug #789824)
 	[jessie] - ipython <no-dsa> (Minor issue)
 	[wheezy] - ipython <not-affected> (Problematic code introduced in rel-2.0.0)
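Review bot: the new block at the top of this hunk (CVE-2015-5068 down to CVE-2015-4675) is inserted ahead of the existing CVE-2015-5070, CVE-2015-5069, CVE-2015-5059, CVE-2015-5057 and CVE-2015-4707 entries, so the head of data/CVE/list no longer runs in descending ID order. The new block already skips those IDs (5060 is followed by 5058, 5058 by 5056, 4708 by 4705), so the hand-written entries should be moved into those gaps in a follow-up. The wesnoth-1.12, wesnoth-1.10 and wesnoth-1.8 lines under CVE-2015-5070 and CVE-2015-5069 change only in indentation (spaces to a tab), which the log message "automatic update" does not mention.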
@@ -25,22 +794,29 @@
 	NOTE: https://github.com/ipython/ipython/commit/1fcc9943c000ab553ebc029db99ecbd0536960d6
 	NOTE: http://www.openwall.com/lists/oss-security/2015/06/22/4
 CVE-2015-4706 [IPython XSS in JSON error responses -- /api/contents path]
+	RESERVED
 	- ipython <not-affected> (Only affects 3.x)
 CVE-2015-4704
+	RESERVED
 	NOT-FOR-US: WordPress plugin download-zip-attachments
 CVE-2015-4703
+	RESERVED
 	NOT-FOR-US: WordPress plugin wp-instance-rename
 CVE-2015-4700 [Crafted BPF filters may crash kernel during JIT optimisation]
+	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <not-affected> (Introduced in v3.0-rc1)
 	NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be (v4.1-rc6)
 	NOTE: Introduced in: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a14842f5a3c0e88a1e59fac5c3025db39721f74 (v3.0-rc1)
 CVE-2015-4696 [wmf2gd/wmf2eps use after free]
+	RESERVED
 	- libwmf <unfixed> (bug #784192)
 CVE-2015-4695 [meta_pen_create heap buffer overflow]
+	RESERVED
 	- libwmf <unfixed> (bug #784205)
 CVE-2015-4680 [insufficent CRL application]
+	RESERVED
 	- freeradius <unfixed> (bug #789623)
 	[jessie] - freeradius <no-dsa> (Minor issue)
 	[wheezy] - freeradius <no-dsa> (Minor issue)
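Review bot: the bracketed title on the CVE-2015-4680 context line reads "insufficent CRL application"; since this hunk touches that entry to add RESERVED, correct the spelling to "insufficient" in the same pass.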
@@ -100,10 +876,10 @@
 	RESERVED
 CVE-2015-4647
 	RESERVED
-CVE-2015-4641
-	RESERVED
-CVE-2015-4640
-	RESERVED
+CVE-2015-4641 (Directory traversal vulnerability in the SwiftKey language-pack update ...)
+	TODO: check
+CVE-2015-4640 (The SwiftKey language-pack update implementation on Samsung Galaxy S4, ...)
+	TODO: check
 CVE-2012-6692 (Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in ...)
 	NOT-FOR-US: WordPress plugin wordpress-seo
 CVE-2015-4652 [GSM DTAP dissector could crash]
@@ -242,14 +1018,14 @@
 	RESERVED
 CVE-2015-4591
 	RESERVED
-CVE-2015-4590
-	RESERVED
+CVE-2015-4590 (The extractFrom function in Internals/QuotedString.cpp in Arduino JSON ...)
+	TODO: check
 CVE-2015-4589
 	RESERVED
 CVE-2015-4587 (Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent ...)
 	TODO: check
-CVE-2015-4586
-	RESERVED
+CVE-2015-4586 (Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent ...)
+	TODO: check
 CVE-2015-4585
 	RESERVED
 CVE-2015-4584
@@ -644,8 +1420,7 @@
 	NOT-FOR-US: Magnifica Webscripts Anima Gallery
 CVE-2015-4414 (Directory traversal vulnerability in download_audio.php in the SE ...)
 	NOT-FOR-US: WordPress plugin se-html5-album-audio-player
-CVE-2015-4413
-	RESERVED
+CVE-2015-4413 (Cross-site scripting (XSS) vulnerability in the new_fb_sign_button ...)
 	NOT-FOR-US: WordPress plugin nextend-facebook-connect
 CVE-2015-4409
 	RESERVED
@@ -1024,52 +1799,52 @@
 	RESERVED
 CVE-2015-4220
 	RESERVED
-CVE-2015-4219
-	RESERVED
-CVE-2015-4218
-	RESERVED
+CVE-2015-4219 (Cisco Secure Access Control System before 5.4(0.46.2) and 5.5 before ...)
+	TODO: check
+CVE-2015-4218 (The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 ...)
+	TODO: check
 CVE-2015-4217
 	RESERVED
 CVE-2015-4216
 	RESERVED
-CVE-2015-4215
-	RESERVED
-CVE-2015-4214
-	RESERVED
-CVE-2015-4213
-	RESERVED
-CVE-2015-4212
-	RESERVED
-CVE-2015-4211
-	RESERVED
-CVE-2015-4210
-	RESERVED
-CVE-2015-4209
-	RESERVED
-CVE-2015-4208
-	RESERVED
-CVE-2015-4207
-	RESERVED
+CVE-2015-4215 (Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) ...)
+	TODO: check
+CVE-2015-4214 (Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote ...)
+	TODO: check
+CVE-2015-4213 (Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated ...)
+	TODO: check
+CVE-2015-4212 (Cisco WebEx Meeting Center allows remote attackers to obtain sensitive ...)
+	TODO: check
+CVE-2015-4211 (Cisco AnyConnect Secure Mobility Client 3.1(60) on Windows does not ...)
+	TODO: check
+CVE-2015-4210 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center ...)
+	TODO: check
+CVE-2015-4209 (Cisco WebEx Meeting Center does not properly determine authorization ...)
+	TODO: check
+CVE-2015-4208 (Cisco WebEx Meeting Center does not properly restrict the content of ...)
+	TODO: check
+CVE-2015-4207 (Cisco WebEx Meeting Center places a meeting's access number in a URL, ...)
+	TODO: check
 CVE-2015-4206
 	RESERVED
-CVE-2015-4205
-	RESERVED
-CVE-2015-4204
-	RESERVED
-CVE-2015-4203
-	RESERVED
-CVE-2015-4202
-	RESERVED
-CVE-2015-4201
-	RESERVED
-CVE-2015-4200
-	RESERVED
+CVE-2015-4205 (Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to ...)
+	TODO: check
+CVE-2015-4204 (Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) ...)
+	TODO: check
+CVE-2015-4203 (Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine ...)
+	TODO: check
+CVE-2015-4202 (Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems ...)
+	TODO: check
+CVE-2015-4201 (The Gateway General Packet Radio Service Support Node (GGSN) component ...)
+	TODO: check
+CVE-2015-4200 (Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in ...)
+	TODO: check
 CVE-2015-4199
 	RESERVED
-CVE-2015-4198
-	RESERVED
-CVE-2015-4197
-	RESERVED
+CVE-2015-4198 (Cross-site scripting (XSS) vulnerability in the web framework on Cisco ...)
+	TODO: check
+CVE-2015-4197 (Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to ...)
+	TODO: check
 CVE-2015-4196
 	RESERVED
 CVE-2015-4195 (Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a ...)
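Review bot: every entry this hunk converts from RESERVED (CVE-2015-4219, CVE-2015-4218, CVE-2015-4215 through CVE-2015-4207, CVE-2015-4205 through CVE-2015-4200, CVE-2015-4198 and CVE-2015-4197) is left at "TODO: check", and nearly all of the descriptions name a Cisco product (the CVE-2015-4201 description is truncated before any vendor name). They can be triaged as one batch; if none corresponds to a source package in the archive, mark them the way other vendor-product entries in this file are marked, for example "NOT-FOR-US: Adobe Flash Player" under CVE-2015-3113.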
@@ -1084,8 +1859,8 @@
 	TODO: check
 CVE-2015-4190 (Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on ...)
 	TODO: check
-CVE-2015-4189
-	RESERVED
+CVE-2015-4189 (Cross-site request forgery (CSRF) vulnerability in Cisco Data Center ...)
+	TODO: check
 CVE-2015-4188 (SQL injection vulnerability in the Manager interface in Cisco Prime ...)
 	TODO: check
 CVE-2015-4187
@@ -1113,6 +1888,7 @@
 CVE-2010-5324 (Directory traversal vulnerability in UploadServlet in the Remote ...)
 	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2015-4692 [kvm: x86: NULL pointer dereference in kvm_apic_has_events function]
+	RESERVED
 	- linux <unfixed>
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	- linux-2.6 <not-affected> (vulnerable code not present)
@@ -2005,8 +2781,8 @@
 	NOT-FOR-US: Roomcloud plugin for WordPress
 CVE-2015-3901
 	RESERVED
-CVE-2015-3900
-	RESERVED
+CVE-2015-3900 (RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before ...)
+	TODO: check
 CVE-2015-3899
 	RESERVED
 CVE-2015-3898
@@ -3786,15 +4562,13 @@
 	- pam <unfixed> (bug #789986)
 	NOTE: https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=e89d4c97385ff8180e6e81e84c5aa745daf28a79
 	NOTE: https://www.redhat.com/archives/pam-list/2015-June/msg00001.html
-CVE-2015-3237 [SMB send off unrelated memory contents]
-	RESERVED
+CVE-2015-3237 (The smb_request_state function in cURL and libcurl 7.40.0 through ...)
 	- curl 7.43.0-1
 	[jessie] - curl <not-affected> (Vulnerable code not present)
 	[wheezy] - curl <not-affected> (Vulnerable code not present)
 	[squeeze] - curl <not-affected> (Vulnerable code not present)
 	NOTE: http://curl.haxx.se/docs/adv_20150617B.html
-CVE-2015-3236 [lingering HTTP credentials in connection re-use]
-	RESERVED
+CVE-2015-3236 (cURL and libcurl 7.40.0 through 7.42.1 sends the HTTP Basic ...)
 	- curl 7.43.0-1
 	[jessie] - curl <not-affected> (Vulnerable code not present)
 	[wheezy] - curl <not-affected> (Vulnerable code not present)
@@ -3803,27 +4577,23 @@
 CVE-2015-3235
 	RESERVED
 	- foreman <itp> (bug #663101)
-CVE-2015-3234 [Impersonation]
-	RESERVED
+CVE-2015-3234 (The OpenID module in Drupal 6.x before 6.36 and 7.x before 7.38 allows ...)
 	{DSA-3291-1}
 	- drupal7 7.38-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3233 [Open redirect]
-	RESERVED
+CVE-2015-3233 (Open redirect vulnerability in the Overlay module in Drupal 7.x before ...)
 	{DSA-3291-1}
 	- drupal7 7.38-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x)
 	NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3232 [Open redirect]
-	RESERVED
+CVE-2015-3232 (Open redirect vulnerability in the Field UI module in Drupal 7.x ...)
 	{DSA-3291-1}
 	- drupal7 7.38-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x)
 	NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3231 [Information disclosure]
-	RESERVED
+CVE-2015-3231 (The Render cache system in Drupal 7.x before 7.38, when used to cache ...)
 	{DSA-3291-1}
 	- drupal7 7.38-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x)
@@ -4250,18 +5020,17 @@
 	RESERVED
 CVE-2015-3114
 	RESERVED
-CVE-2015-3113 [code execution issue fixed in APSB15-14]
-	RESERVED
+CVE-2015-3113 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and ...)
 	NOT-FOR-US: Adobe Flash Player
 	NOTE: https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
-CVE-2015-3112
-	RESERVED
-CVE-2015-3111
-	RESERVED
-CVE-2015-3110
-	RESERVED
-CVE-2015-3109
-	RESERVED
+CVE-2015-3112 (Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC ...)
+	TODO: check
+CVE-2015-3111 (Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka ...)
+	TODO: check
+CVE-2015-3110 (Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and ...)
+	TODO: check
+CVE-2015-3109 (Adobe Photoshop CC before 16.0 (aka 2015.0.0) allows attackers to ...)
+	TODO: check
 CVE-2015-3108 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-3107 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 ...)
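Review bot: CVE-2015-3112 through CVE-2015-3109 are added as "TODO: check" while the neighbouring Adobe entries in this hunk, CVE-2015-3113 and CVE-2015-3108, already carry "NOT-FOR-US: Adobe Flash Player". All four new descriptions name Adobe Photoshop CC (CVE-2015-3112 also names Adobe Bridge CC), so they are candidates for the same NOT-FOR-US treatment once someone confirms no packaged source is involved, rather than staying in the TODO queue.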
@@ -4868,7 +5637,7 @@
 CVE-2015-2866
 	RESERVED
 CVE-2015-2865
-	RESERVED
+	REJECTED
 CVE-2015-2864
 	RESERVED
 CVE-2015-2863
@@ -4877,10 +5646,10 @@
 	RESERVED
 CVE-2015-2861 (Cross-site request forgery (CSRF) vulnerability in Vesta Control Panel ...)
 	TODO: check
-CVE-2015-2860
-	RESERVED
-CVE-2015-2859
-	RESERVED
+CVE-2015-2860 (Directory traversal vulnerability in Avigilon Control Center (ACC) 4 ...)
+	TODO: check
+CVE-2015-2859 (Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x ...)
+	TODO: check
 CVE-2015-2858
 	RESERVED
 CVE-2015-2857
@@ -5096,8 +5865,8 @@
 	RESERVED
 CVE-2015-2798
 	RESERVED
-CVE-2015-2797
-	RESERVED
+CVE-2015-2797 (Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, ...)
+	TODO: check
 CVE-2015-2796
 	RESERVED
 CVE-2015-2795
@@ -5348,7 +6117,7 @@
 CVE-2015-2724
 	RESERVED
 CVE-2015-2723
-	RESERVED
+	REJECTED
 CVE-2015-2722
 	RESERVED
 CVE-2015-2721
@@ -6422,8 +7191,7 @@
 CVE-2015-2309 [Unsafe methods in the Request class]
 	RESERVED
 	- symfony 2.3.21+dfsg-4
-CVE-2015-2308 [Esi Code Injection]
-	RESERVED
+CVE-2015-2308 (Eval injection vulnerability in the HttpCache class in HttpKernel in ...)
 	- symfony 2.3.21+dfsg-4
 CVE-2015-2307
 	RESERVED
@@ -6941,8 +7709,8 @@
 	[wheezy] - clamav <no-dsa> (Clamav is only updated through -updates)
 	[jessie] - clamav 0.98.7+dfsg-0+deb8u1
 	NOTE: https://github.com/vrtadmin/clamav-devel/commit/625f5a9b8f008b8714850e4aa064dee1de06e534
-CVE-2015-2169
-	RESERVED
+CVE-2015-2169 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...)
+	TODO: check
 CVE-2015-2168
 	REJECTED
 CVE-2015-2167 (Open redirect vulnerability in the 3PI Manager in Ericsson Drutt ...)
@@ -10789,8 +11557,8 @@
 	RESERVED
 CVE-2015-0974
 	RESERVED
-CVE-2015-0972
-	RESERVED
+CVE-2015-0972 (Pearson ProctorCache before 2015.1.17 uses the same hardcoded password ...)
+	TODO: check
 CVE-2015-0971 (The DER parser in Suricata before 2.0.8 allows remote attackers to ...)
 	{DSA-3254-1}
 	- suricata 2.0.8-1
@@ -12763,8 +13531,8 @@
 	NOT-FOR-US: EMC Isilon OneFS
 CVE-2015-0527 (EMC Documentum xCelerated Management System (xMS) 1.1 before P14 ...)
 	NOT-FOR-US: EMC
-CVE-2015-0526
-	RESERVED
+CVE-2015-0526 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA ...)
+	TODO: check
 CVE-2015-0525 (The Gateway Provisioning service in EMC Secure Remote Services Virtual ...)
 	NOT-FOR-US: EMC
 CVE-2015-0524 (SQL injection vulnerability in the Gateway Provisioning service in EMC ...)
@@ -24768,13 +25536,11 @@
 	NOT-FOR-US: SAP
 CVE-2014-5171 (SAP HANA Extend Application Services (XS) does not encrypt ...)
 	NOT-FOR-US: SAP
-CVE-2013-7398 [No SSL HostName verification]
-	RESERVED
+CVE-2013-7398 (main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async ...)
 	- async-http-client <not-affected> (Vulnerable code not present, bug #773364)
 	NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/197
 	NOTE: https://github.com/AsyncHttpClient/async-http-client/commit/3c9152e2c75f7e8b654beec40383748a14c6b51b
-CVE-2013-7397 [SSL/TLS certificate verification disabled]
-	RESERVED
+CVE-2013-7397 (Async Http Client (aka AHC or async-http-client) before 1.9.0 skips ...)
 	- async-http-client 1.6.5-3
 	[wheezy] - async-http-client <no-dsa> (Minor issue)
 	NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/352
@@ -25564,8 +26330,8 @@
 CVE-2014-4883 (resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in ...)
 	- xen <not-affected> (LWIP DNS code not present in Xen Debian packages)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1169008
-CVE-2014-4882
-	RESERVED
+CVE-2014-4882 (Aptexx Resident Anywhere does not require authentication, which allows ...)
+	TODO: check
 CVE-2014-4881 (The PartyTrack library for Android does not verify X.509 certificates ...)
 	NOT-FOR-US: PartyTrack library for Android
 CVE-2014-4880 (Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, ...)
@@ -25580,8 +26346,8 @@
 	NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7
 CVE-2014-4876
 	RESERVED
-CVE-2014-4875
-	RESERVED
+CVE-2014-4875 (CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and ...)
+	TODO: check
 CVE-2014-4874 (BMC Track-It! 11.3.0.355 allows remote authenticated users to read ...)
 	NOT-FOR-US: BMC Track-It!
 CVE-2014-4873 (SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC ...)



