[Secure-testing-commits] r33177 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Mar 26 21:10:15 UTC 2015
Author: sectracker
Date: 2015-03-26 21:10:15 +0000 (Thu, 26 Mar 2015)
New Revision: 33177
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-26 19:25:13 UTC (rev 33176)
+++ data/CVE/list 2015-03-26 21:10:15 UTC (rev 33177)
@@ -1,3 +1,93 @@
+CVE-2015-2745
+ RESERVED
+CVE-2015-2744
+ RESERVED
+CVE-2015-2743
+ RESERVED
+CVE-2015-2742
+ RESERVED
+CVE-2015-2741
+ RESERVED
+CVE-2015-2740
+ RESERVED
+CVE-2015-2739
+ RESERVED
+CVE-2015-2738
+ RESERVED
+CVE-2015-2737
+ RESERVED
+CVE-2015-2736
+ RESERVED
+CVE-2015-2735
+ RESERVED
+CVE-2015-2734
+ RESERVED
+CVE-2015-2733
+ RESERVED
+CVE-2015-2732
+ RESERVED
+CVE-2015-2731
+ RESERVED
+CVE-2015-2730
+ RESERVED
+CVE-2015-2729
+ RESERVED
+CVE-2015-2728
+ RESERVED
+CVE-2015-2727
+ RESERVED
+CVE-2015-2726
+ RESERVED
+CVE-2015-2725
+ RESERVED
+CVE-2015-2724
+ RESERVED
+CVE-2015-2723
+ RESERVED
+CVE-2015-2722
+ RESERVED
+CVE-2015-2721
+ RESERVED
+CVE-2015-2720
+ RESERVED
+CVE-2015-2719
+ RESERVED
+CVE-2015-2718
+ RESERVED
+CVE-2015-2717
+ RESERVED
+CVE-2015-2716
+ RESERVED
+CVE-2015-2715
+ RESERVED
+CVE-2015-2714
+ RESERVED
+CVE-2015-2713
+ RESERVED
+CVE-2015-2712
+ RESERVED
+CVE-2015-2711
+ RESERVED
+CVE-2015-2710
+ RESERVED
+CVE-2015-2709
+ RESERVED
+CVE-2015-2708
+ RESERVED
+CVE-2015-2707
+ RESERVED
+CVE-2015-2706
+ RESERVED
+CVE-2015-2705
+ RESERVED
+CVE-2015-2703 (Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON ...)
+ TODO: check
+CVE-2015-2702 (Cross-site scripting (XSS) vulnerability in the Message Log in the ...)
+ TODO: check
+CVE-2015-2701 (Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 ...)
+ TODO: check
+CVE-2014-9711 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
CVE-2015-2700
RESERVED
CVE-2015-2699
@@ -25,6 +115,7 @@
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=89205
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/25/6
CVE-2015-2704 [Retrieve info destined for config files after join]
+ RESERVED
- realmd <unfixed> (bug #781179)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=89207
CVE-2015-XXXX [Multiple vulnerabilities]
@@ -48,7 +139,7 @@
TODO: check
CVE-2015-2677 (Multiple cross-site scripting (XSS) vulnerabilities in ocPortal before ...)
TODO: check
-CVE-2015-2676 (Cross-site request forgery (CSRF) vulnerability in the Asus RT-G32 ...)
+CVE-2015-2676 (Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 ...)
NOT-FOR-US: Asus
CVE-2015-2689 [Assertion failure in dns.c, possibly connected to UDP DoS attack]
RESERVED
@@ -789,8 +880,7 @@
NOT-FOR-US: MyBB
CVE-2015-2332 (Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka ...)
NOT-FOR-US: MyBB
-CVE-2015-2559 [SA-CORE-2015-001: Access bypass]
- RESERVED
+CVE-2015-2559 (Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated ...)
{DSA-3200-1}
- drupal7 7.32-1+deb8u2 (bug #780772)
- drupal6 <removed>
@@ -830,15 +920,13 @@
RESERVED
CVE-2015-2321
RESERVED
-CVE-2015-2317 [Mitigated possible XSS attack via user-supplied redirect URLs]
- RESERVED
+CVE-2015-2317 (The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, ...)
{DSA-3204-1}
- python-django 1.7.7-1 (bug #780873)
[squeeze] - python-django <no-dsa> (Minor issue, can wait next security upload)
NOTE: https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b (1.4.x)
NOTE: https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1 (1.7.x)
-CVE-2015-2316 [Denial-of-service possibility with strip_tags()]
- RESERVED
+CVE-2015-2316 (The utils.html.strip_tags function in Django 1.6.x before 1.6.11, ...)
- python-django 1.7.7-1 (bug #780874)
[wheezy] - python-django <not-affected> (vulnerable code not present)
[squeeze] - python-django <not-affected> (vulnerable code not present)
@@ -5868,10 +5956,10 @@
RESERVED
CVE-2015-0674
RESERVED
-CVE-2015-0673
- RESERVED
-CVE-2015-0672
- RESERVED
+CVE-2015-0673 (Cisco Mobility Services Engine (MSE) 8.0(110.0) allows remote ...)
+ TODO: check
+CVE-2015-0672 (The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows ...)
+ TODO: check
CVE-2015-0671 (The DNS implementation in Cisco Videoscape Distribution Suite for ...)
TODO: check
CVE-2015-0670 (The default configuration of Cisco Small Business IP phones SPA 300 ...)
@@ -5914,52 +6002,37 @@
NOT-FOR-US: Cisco
CVE-2015-0651 (Cross-site request forgery (CSRF) vulnerability in the web GUI in ...)
NOT-FOR-US: Cisco
-CVE-2015-0650
- RESERVED
+CVE-2015-0650 (The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, ...)
NOT-FOR-US: Cisco
-CVE-2015-0649
- RESERVED
+CVE-2015-0649 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2015-0648
- RESERVED
+CVE-2015-0648 (Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows ...)
NOT-FOR-US: Cisco
-CVE-2015-0647
- RESERVED
+CVE-2015-0647 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2015-0646
- RESERVED
-CVE-2015-0645
- RESERVED
+CVE-2015-0646 (Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, ...)
+ TODO: check
+CVE-2015-0645 (The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before ...)
NOT-FOR-US: Cisco
-CVE-2015-0644
- RESERVED
+CVE-2015-0644 (AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before ...)
NOT-FOR-US: Cisco
-CVE-2015-0643
- RESERVED
+CVE-2015-0643 (Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE ...)
NOT-FOR-US: Cisco
-CVE-2015-0642
- RESERVED
+CVE-2015-0642 (Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE ...)
NOT-FOR-US: Cisco
-CVE-2015-0641
- RESERVED
+CVE-2015-0641 (Cisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 ...)
NOT-FOR-US: Cisco
-CVE-2015-0640
- RESERVED
+CVE-2015-0640 (The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x ...)
NOT-FOR-US: Cisco
-CVE-2015-0639
- RESERVED
+CVE-2015-0639 (The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before ...)
NOT-FOR-US: Cisco
-CVE-2015-0638
- RESERVED
+CVE-2015-0638 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is ...)
NOT-FOR-US: Cisco
-CVE-2015-0637
- RESERVED
+CVE-2015-0637 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0636
- RESERVED
+CVE-2015-0636 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0635
- RESERVED
+CVE-2015-0635 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
NOT-FOR-US: Cisco
CVE-2015-0634
RESERVED
@@ -8658,8 +8731,7 @@
CVE-2015-0296
RESERVED
- texlive-base <not-affected> (Specific to Red Hat packaging/postinst)
-CVE-2015-0295 [DoS vulnerability in BMP images handler]
- RESERVED
+CVE-2015-0295 (The BMP decoder in QtGui in QT before 5.5 does not properly calculate ...)
- qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3 (bug #779550)
[wheezy] - qt4-x11 <no-dsa> (Minor issue)
[experimental] - qtbase-opensource-src 5.4.1+dfsg-2
More information about the Secure-testing-commits
mailing list