[Secure-testing-commits] r32802 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Mar 11 21:10:57 UTC 2015
Author: sectracker
Date: 2015-03-11 21:10:57 +0000 (Wed, 11 Mar 2015)
New Revision: 32802
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-11 19:31:21 UTC (rev 32801)
+++ data/CVE/list 2015-03-11 21:10:57 UTC (rev 32802)
@@ -1,3 +1,21 @@
+CVE-2015-2283
+ RESERVED
+CVE-2015-2282
+ RESERVED
+CVE-2015-2281
+ RESERVED
+CVE-2015-2280
+ RESERVED
+CVE-2015-2279
+ RESERVED
+CVE-2015-2278
+ RESERVED
+CVE-2015-2277
+ RESERVED
+CVE-2015-2276
+ RESERVED
+CVE-2015-2275
+ RESERVED
CVE-2015-2274
RESERVED
CVE-2015-2273
@@ -107,7 +125,8 @@
RESERVED
CVE-2015-2236
RESERVED
-CVE-2015-2235 (Secure Transport in Apple iOS through 8.1.3, Apple OS X through ...)
+CVE-2015-2235
+ REJECTED
NOT-FOR-US: Apple
CVE-2015-2234
RESERVED
@@ -143,8 +162,8 @@
RESERVED
CVE-2015-2218 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin for WordPress
-CVE-2015-2217
- RESERVED
+CVE-2015-2217 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate PHP ...)
+ TODO: check
CVE-2015-2216 (SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme ...)
NOT-FOR-US: Photocrati theme for WordPress
CVE-2015-2215 (Open redirect vulnerability in the Services single sign-on server ...)
@@ -251,10 +270,10 @@
RESERVED
CVE-2015-2185
RESERVED
-CVE-2015-2184
- RESERVED
-CVE-2015-2183
- RESERVED
+CVE-2015-2184 (ZeusCart 4 allows remote attackers to obtain configuration information ...)
+ TODO: check
+CVE-2015-2183 (Multiple SQL injection vulnerabilities in the administrative backend ...)
+ TODO: check
CVE-2015-2182
RESERVED
CVE-2015-2181
@@ -1170,6 +1189,7 @@
NOTE: Introduced by: https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=154812b401e3845977b3a4892dbc5e5a0b9d03cf (v2.4.0)
CVE-2015-1782 [Using SSH_MSG_KEXINIT data unbounded]
RESERVED
+ {DSA-3182-1}
- libssh2 <unfixed> (bug #780249)
NOTE: http://www.libssh2.org/adv_20150311.html
CVE-2015-1781
@@ -1466,36 +1486,36 @@
RESERVED
CVE-2015-1637 (Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, ...)
NOT-FOR-US: Microsoft
-CVE-2015-1636
- RESERVED
+CVE-2015-1636 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+ TODO: check
CVE-2015-1635
RESERVED
-CVE-2015-1634
- RESERVED
-CVE-2015-1633
- RESERVED
-CVE-2015-1632
- RESERVED
-CVE-2015-1631
- RESERVED
-CVE-2015-1630
- RESERVED
-CVE-2015-1629
- RESERVED
-CVE-2015-1628
- RESERVED
-CVE-2015-1627
- RESERVED
-CVE-2015-1626
- RESERVED
-CVE-2015-1625
- RESERVED
-CVE-2015-1624
- RESERVED
-CVE-2015-1623
- RESERVED
-CVE-2015-1622
- RESERVED
+CVE-2015-1634 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-1633 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
+ TODO: check
+CVE-2015-1632 (Cross-site scripting (XSS) vulnerability in errorfe.aspx in Outlook ...)
+ TODO: check
+CVE-2015-1631 (Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows ...)
+ TODO: check
+CVE-2015-1630 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in ...)
+ TODO: check
+CVE-2015-1629 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in ...)
+ TODO: check
+CVE-2015-1628 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in ...)
+ TODO: check
+CVE-2015-1627 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-1626 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-1625 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-1624 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-1623 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-1622 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+ TODO: check
CVE-2015-1621 (Cross-site scripting (XSS) vulnerability in the Webform prepopulate ...)
NOT-FOR-US: Webform module for Drupal
CVE-2015-1620
@@ -3355,8 +3375,8 @@
RESERVED
CVE-2015-1068
RESERVED
-CVE-2015-1067
- RESERVED
+CVE-2015-1067 (Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, ...)
+ TODO: check
CVE-2015-1066
RESERVED
CVE-2015-1065
@@ -4932,8 +4952,8 @@
NOT-FOR-US: Puppet module rabbitmq
CVE-2014-9567 (Unrestricted file upload vulnerability in process-upload.php in ...)
NOT-FOR-US: ProjectSend
-CVE-2014-9566
- RESERVED
+CVE-2014-9566 (Multiple SQL injection vulnerabilities in the Manage Accounts page in ...)
+ TODO: check
CVE-2014-9565
RESERVED
CVE-2014-9564
@@ -7508,8 +7528,7 @@
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=71335e6ebabc1b12c057d8017fd811892ecdfd24
CVE-2015-0272
RESERVED
-CVE-2015-0271 [OpenStack dashboard: log file arbitrary file retrieval]
- RESERVED
+CVE-2015-0271 (The log-viewing function in the Red Hat redhat-access-plugin before ...)
- horizon <not-affected> (RedHat-specific plugin)
CVE-2015-0270
RESERVED
@@ -7761,8 +7780,8 @@
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
CVE-2015-0202
RESERVED
-CVE-2015-0201
- RESERVED
+CVE-2015-0201 (The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 ...)
+ TODO: check
CVE-2015-0200
RESERVED
CVE-2015-0199
@@ -7963,62 +7982,62 @@
RESERVED
CVE-2015-0101
RESERVED
-CVE-2015-0100
- RESERVED
-CVE-2015-0099
- RESERVED
+CVE-2015-0100 (Microsoft Internet Explorer 8 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-0099 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
+ TODO: check
CVE-2015-0098
RESERVED
-CVE-2015-0097
- RESERVED
-CVE-2015-0096
- RESERVED
-CVE-2015-0095
- RESERVED
-CVE-2015-0094
- RESERVED
-CVE-2015-0093
- RESERVED
-CVE-2015-0092
- RESERVED
-CVE-2015-0091
- RESERVED
-CVE-2015-0090
- RESERVED
-CVE-2015-0089
- RESERVED
-CVE-2015-0088
- RESERVED
-CVE-2015-0087
- RESERVED
-CVE-2015-0086
- RESERVED
-CVE-2015-0085
- RESERVED
-CVE-2015-0084
- RESERVED
+CVE-2015-0097 (Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel ...)
+ TODO: check
+CVE-2015-0096 (Untrusted search path vulnerability in Microsoft Windows Server 2003 ...)
+ TODO: check
+CVE-2015-0095 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+ TODO: check
+CVE-2015-0094 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+ TODO: check
+CVE-2015-0093 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+ TODO: check
+CVE-2015-0092 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+ TODO: check
+CVE-2015-0091 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+ TODO: check
+CVE-2015-0090 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+ TODO: check
+CVE-2015-0089 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+ TODO: check
+CVE-2015-0088 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+ TODO: check
+CVE-2015-0087 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+ TODO: check
+CVE-2015-0086 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+ TODO: check
+CVE-2015-0085 (Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 ...)
+ TODO: check
+CVE-2015-0084 (The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
+ TODO: check
CVE-2015-0083
RESERVED
CVE-2015-0082
RESERVED
-CVE-2015-0081
- RESERVED
-CVE-2015-0080
- RESERVED
-CVE-2015-0079
- RESERVED
-CVE-2015-0078
- RESERVED
-CVE-2015-0077
- RESERVED
-CVE-2015-0076
- RESERVED
-CVE-2015-0075
- RESERVED
-CVE-2015-0074
- RESERVED
-CVE-2015-0073
- RESERVED
+CVE-2015-0081 (Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, ...)
+ TODO: check
+CVE-2015-0080 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2015-0079 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
+ TODO: check
+CVE-2015-0078 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
+ TODO: check
+CVE-2015-0077 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
+ TODO: check
+CVE-2015-0076 (The photo-decoder implementation in Microsoft Windows Vista SP2, ...)
+ TODO: check
+CVE-2015-0075 (The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, ...)
+ TODO: check
+CVE-2015-0074 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
+ TODO: check
+CVE-2015-0073 (The Windows Registry Virtualization feature in the kernel in Microsoft ...)
+ TODO: check
CVE-2015-0072 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0071 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
@@ -8051,8 +8070,8 @@
NOT-FOR-US: Microsoft
CVE-2015-0057 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2015-0056
- RESERVED
+CVE-2015-0056 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
CVE-2015-0055 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0054 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
@@ -8099,8 +8118,8 @@
RESERVED
CVE-2015-0033
RESERVED
-CVE-2015-0032
- RESERVED
+CVE-2015-0032 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with ...)
+ TODO: check
CVE-2015-0031 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0030 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
@@ -8153,8 +8172,8 @@
RESERVED
CVE-2015-0006 (The Network Location Awareness (NLA) service in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-0005
- RESERVED
+CVE-2015-0005 (The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows ...)
+ TODO: check
CVE-2015-0004 (The User Profile Service (aka ProfSvc) in Microsoft Windows Server ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-0003 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
@@ -10552,8 +10571,7 @@
NOT-FOR-US: UberFire Framework
CVE-2014-8113
RESERVED
-CVE-2014-8112 [password hashing bypassed when "nsslapd-unhashed-pw-switch" is set to off]
- RESERVED
+CVE-2014-8112 (389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x ...)
- 389-ds-base 1.3.3.5-4 (bug #779909)
CVE-2014-8111
RESERVED
@@ -10578,8 +10596,7 @@
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life>
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2014-12/msg00508.html
-CVE-2014-8105 [information disclosure through 'cn=changelog' subtree]
- RESERVED
+CVE-2014-8105 (389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does ...)
- 389-ds-base 1.3.3.5-4 (bug #779909)
CVE-2014-8103 (X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x ...)
- xorg-server 2:1.16.2.901-1
More information about the Secure-testing-commits
mailing list