[Secure-testing-commits] r34084 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue May 5 09:10:17 UTC 2015
Author: sectracker
Date: 2015-05-05 09:10:17 +0000 (Tue, 05 May 2015)
New Revision: 34084
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-05 08:58:12 UTC (rev 34083)
+++ data/CVE/list 2015-05-05 09:10:17 UTC (rev 34084)
@@ -1,3 +1,367 @@
+CVE-2015-3643
+ RESERVED
+CVE-2015-3642
+ RESERVED
+CVE-2015-3641
+ RESERVED
+CVE-2015-3640
+ RESERVED
+CVE-2015-3639
+ RESERVED
+CVE-2015-3638
+ RESERVED
+CVE-2015-3637
+ RESERVED
+CVE-2015-3635
+ RESERVED
+CVE-2015-3634
+ RESERVED
+CVE-2015-3633 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow ...)
+ TODO: check
+CVE-2015-3632 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow ...)
+ TODO: check
+CVE-2015-3631
+ RESERVED
+CVE-2015-3630
+ RESERVED
+CVE-2015-3629
+ RESERVED
+CVE-2015-3628
+ RESERVED
+CVE-2015-3627
+ RESERVED
+CVE-2015-3626
+ RESERVED
+CVE-2015-3625
+ RESERVED
+CVE-2015-3624
+ RESERVED
+CVE-2015-3623
+ RESERVED
+CVE-2015-3621
+ RESERVED
+CVE-2015-3620
+ RESERVED
+CVE-2015-3619
+ RESERVED
+CVE-2015-3618
+ RESERVED
+CVE-2015-3617
+ RESERVED
+CVE-2015-3616
+ RESERVED
+CVE-2015-3615
+ RESERVED
+CVE-2015-3614
+ RESERVED
+CVE-2015-3613
+ RESERVED
+CVE-2015-3612
+ RESERVED
+CVE-2015-3611
+ RESERVED
+CVE-2015-3610
+ RESERVED
+CVE-2015-3609
+ RESERVED
+CVE-2015-3608
+ RESERVED
+CVE-2015-3607
+ RESERVED
+CVE-2015-3606
+ RESERVED
+CVE-2015-3605
+ RESERVED
+CVE-2015-3604
+ RESERVED
+CVE-2015-3603
+ RESERVED
+CVE-2015-3602
+ RESERVED
+CVE-2015-3601
+ RESERVED
+CVE-2015-3600
+ RESERVED
+CVE-2015-3599
+ RESERVED
+CVE-2015-3598
+ RESERVED
+CVE-2015-3597
+ RESERVED
+CVE-2015-3596
+ RESERVED
+CVE-2015-3595
+ RESERVED
+CVE-2015-3594
+ RESERVED
+CVE-2015-3593
+ RESERVED
+CVE-2015-3592
+ RESERVED
+CVE-2015-3591
+ RESERVED
+CVE-2015-3590
+ RESERVED
+CVE-2015-3589
+ RESERVED
+CVE-2015-3588
+ RESERVED
+CVE-2015-3587
+ RESERVED
+CVE-2015-3586
+ RESERVED
+CVE-2015-3585
+ RESERVED
+CVE-2015-3584
+ RESERVED
+CVE-2015-3583
+ RESERVED
+CVE-2015-3582
+ RESERVED
+CVE-2015-3581
+ RESERVED
+CVE-2015-3580
+ RESERVED
+CVE-2015-3579
+ RESERVED
+CVE-2015-3578
+ RESERVED
+CVE-2015-3577
+ RESERVED
+CVE-2015-3576
+ RESERVED
+CVE-2015-3575
+ RESERVED
+CVE-2015-3574
+ RESERVED
+CVE-2015-3573
+ RESERVED
+CVE-2015-3572
+ RESERVED
+CVE-2015-3571
+ RESERVED
+CVE-2015-3570
+ RESERVED
+CVE-2015-3569
+ RESERVED
+CVE-2015-3568
+ RESERVED
+CVE-2015-3567
+ RESERVED
+CVE-2015-3566
+ RESERVED
+CVE-2015-3565
+ RESERVED
+CVE-2015-3564
+ RESERVED
+CVE-2015-3563
+ RESERVED
+CVE-2015-3562
+ RESERVED
+CVE-2015-3561
+ RESERVED
+CVE-2015-3560
+ RESERVED
+CVE-2015-3559
+ RESERVED
+CVE-2015-3558
+ RESERVED
+CVE-2015-3557
+ RESERVED
+CVE-2015-3556
+ RESERVED
+CVE-2015-3555
+ RESERVED
+CVE-2015-3554
+ RESERVED
+CVE-2015-3553
+ RESERVED
+CVE-2015-3552
+ RESERVED
+CVE-2015-3551
+ RESERVED
+CVE-2015-3550
+ RESERVED
+CVE-2015-3549
+ RESERVED
+CVE-2015-3548
+ RESERVED
+CVE-2015-3547
+ RESERVED
+CVE-2015-3546
+ RESERVED
+CVE-2015-3545
+ RESERVED
+CVE-2015-3544
+ RESERVED
+CVE-2015-3543
+ RESERVED
+CVE-2015-3542
+ RESERVED
+CVE-2015-3541
+ RESERVED
+CVE-2015-3540
+ RESERVED
+CVE-2015-3539
+ RESERVED
+CVE-2015-3538
+ RESERVED
+CVE-2015-3537
+ RESERVED
+CVE-2015-3536
+ RESERVED
+CVE-2015-3535
+ RESERVED
+CVE-2015-3534
+ RESERVED
+CVE-2015-3533
+ RESERVED
+CVE-2015-3532
+ RESERVED
+CVE-2015-3531
+ RESERVED
+CVE-2015-3530
+ RESERVED
+CVE-2015-3529
+ RESERVED
+CVE-2015-3528
+ RESERVED
+CVE-2015-3527
+ RESERVED
+CVE-2015-3526
+ RESERVED
+CVE-2015-3525
+ RESERVED
+CVE-2015-3524
+ RESERVED
+CVE-2015-3523
+ RESERVED
+CVE-2015-3522
+ RESERVED
+CVE-2015-3521
+ RESERVED
+CVE-2015-3520
+ RESERVED
+CVE-2015-3519
+ RESERVED
+CVE-2015-3518
+ RESERVED
+CVE-2015-3517
+ RESERVED
+CVE-2015-3516
+ RESERVED
+CVE-2015-3515
+ RESERVED
+CVE-2015-3514
+ RESERVED
+CVE-2015-3513
+ RESERVED
+CVE-2015-3512
+ RESERVED
+CVE-2015-3511
+ RESERVED
+CVE-2015-3510
+ RESERVED
+CVE-2015-3509
+ RESERVED
+CVE-2015-3508
+ RESERVED
+CVE-2015-3507
+ RESERVED
+CVE-2015-3506
+ RESERVED
+CVE-2015-3505
+ RESERVED
+CVE-2015-3504
+ RESERVED
+CVE-2015-3503
+ RESERVED
+CVE-2015-3502
+ RESERVED
+CVE-2015-3501
+ RESERVED
+CVE-2015-3500
+ RESERVED
+CVE-2015-3499
+ RESERVED
+CVE-2015-3498
+ RESERVED
+CVE-2015-3497
+ RESERVED
+CVE-2015-3496
+ RESERVED
+CVE-2015-3495
+ RESERVED
+CVE-2015-3494
+ RESERVED
+CVE-2015-3493
+ RESERVED
+CVE-2015-3492
+ RESERVED
+CVE-2015-3491
+ RESERVED
+CVE-2015-3490
+ RESERVED
+CVE-2015-3489
+ RESERVED
+CVE-2015-3488
+ RESERVED
+CVE-2015-3487
+ RESERVED
+CVE-2015-3486
+ RESERVED
+CVE-2015-3485
+ RESERVED
+CVE-2015-3484
+ RESERVED
+CVE-2015-3483
+ RESERVED
+CVE-2015-3482
+ RESERVED
+CVE-2015-3481
+ RESERVED
+CVE-2015-3480
+ RESERVED
+CVE-2015-3479
+ RESERVED
+CVE-2015-3478
+ RESERVED
+CVE-2015-3477
+ RESERVED
+CVE-2015-3476
+ RESERVED
+CVE-2015-3475
+ RESERVED
+CVE-2015-3474
+ RESERVED
+CVE-2015-3473
+ RESERVED
+CVE-2015-3472
+ RESERVED
+CVE-2015-3471
+ RESERVED
+CVE-2015-3470
+ RESERVED
+CVE-2015-3469
+ RESERVED
+CVE-2015-3468
+ RESERVED
+CVE-2015-3467
+ RESERVED
+CVE-2015-3466
+ RESERVED
+CVE-2015-3465
+ RESERVED
+CVE-2015-3464
+ RESERVED
+CVE-2015-3463
+ RESERVED
+CVE-2015-3462
+ RESERVED
+CVE-2015-3461
+ RESERVED
+CVE-2015-3460
+ RESERVED
CVE-2015-XXXX [buffer overflow]
- t1utils 1.38-4 (bug #779274)
NOTE: https://github.com/kohler/t1utils/issues/4
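Review bot: The two Foxit entries added in this hunk (CVE-2015-3633 and CVE-2015-3632) are left at "TODO: check", while other entries in this file for software outside the archive are closed with a NOT-FOR-US: line. If Foxit Reader, Enterprise Reader and PhantomPDF are not packaged in Debian, a follow-up commit should replace the TODO with a NOT-FOR-US: line so they leave the triage queue. The new RESERVED block skips CVE-2015-3636 and CVE-2015-3622; both already have entries further down the file, so the gap is expected rather than a missed import.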
@@ -40,6 +404,7 @@
- keystone 2015.1.0-1
NOTE: Affects: versions through 2014.1.4, and 2014.2 versions through 2014.2.3
CVE-2015-3636
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326 (v4.1-rc2)
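Review bot: CVE-2015-3636 gains a RESERVED line here but its header still has no bracketed description, unlike CVE-2015-3622 [Heap overflow / invalid read] or CVE-2015-XXXX [buffer overflow] elsewhere in this diff. The entry already tracks linux as <unfixed> and points at an upstream fix commit, so a short bracketed summary on the header line would keep it identifiable until the official description is imported.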
@@ -67,6 +432,7 @@
CVE-2015-3447 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2015-3622 [Heap overflow / invalid read]
+ RESERVED
- libtasn1-6 4.4-3
- libtasn1-3 <not-affected> (Introduced with 3.6)
NOTE: https://blog.fuzzing-project.org/9-Heap-overflow-invalid-read-in-Libtasn1-TFPA-0052015.html
@@ -79,8 +445,8 @@
- squid3 <unfixed> (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2015_1.txt
NOTE: Only affects custom builds with --enable-ssl (disabled for license purposes in Debian)
-CVE-2015-3446
- RESERVED
+CVE-2015-3446 (The Framework Daemon in AlienVault Unified Security Management before ...)
+ TODO: check
CVE-2015-3445
RESERVED
CVE-2015-3444
@@ -95,8 +461,8 @@
RESERVED
CVE-2015-3436
RESERVED
-CVE-2015-3435
- RESERVED
+CVE-2015-3435 (Samsung Security Manager (SSM) before 1.31 allows remote attackers to ...)
+ TODO: check
CVE-2015-3434
RESERVED
CVE-2015-3433
@@ -348,8 +714,7 @@
NOT-FOR-US: ZFS on Linux Debian packages specific as published in the archive.zfsonlinux.org repositories
CVE-2015-3338
RESERVED
-CVE-2015-3337 [Directory traversal]
- RESERVED
+CVE-2015-3337 (Directory traversal vulnerability in Elasticsearch before 1.4.5 and ...)
{DSA-3241-1}
- elasticsearch <unfixed>
NOTE: https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released
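Review bot: After this hunk CVE-2015-3337 carries {DSA-3241-1} and an imported description naming Elasticsearch before 1.4.5 as affected, yet the package line in the trailing context still reads "- elasticsearch <unfixed>". Check whether unstable has a fixed upload and record its version on that line, otherwise the tracker keeps reporting the issue as open there despite the DSA.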
@@ -785,8 +1150,7 @@
- foreman <itp> (bug #663101)
CVE-2015-3154
RESERVED
-CVE-2015-3153 [sensitive HTTP server headers also sent to proxies]
- RESERVED
+CVE-2015-3153 (The default configuration for cURL and libcurl before 7.42.1 sends ...)
{DSA-3240-1}
- curl 7.42.1-1
[wheezy] - curl <no-dsa> (Too intrusive to backport)
@@ -3279,8 +3643,8 @@
RESERVED
CVE-2015-2249
RESERVED
-CVE-2015-2248
- RESERVED
+CVE-2015-2248 (Cross-site request forgery (CSRF) vulnerability in the user portal in ...)
+ TODO: check
CVE-2015-2247 (Unspecified vulnerability in Boosted Boards skateboards allows ...)
NOT-FOR-US: Boosted Boards skateboards
CVE-2015-2246
@@ -6296,8 +6660,7 @@
RESERVED
CVE-2015-1251
RESERVED
-CVE-2015-1250
- RESERVED
+CVE-2015-1250 (Multiple unspecified vulnerabilities in Google Chrome before ...)
{DSA-3242-1}
- chromium-browser 42.0.2311.135-1
[wheezy] - chromium-browser <end-of-life>
@@ -6333,8 +6696,7 @@
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1243
- RESERVED
+CVE-2015-1243 (Use-after-free vulnerability in the MutationObserver::disconnect ...)
{DSA-3242-1}
- chromium-browser 42.0.2311.135-1
[wheezy] - chromium-browser <end-of-life>
@@ -7626,12 +7988,12 @@
RESERVED
CVE-2015-0915
RESERVED
-CVE-2015-0914
- RESERVED
-CVE-2015-0913
- RESERVED
-CVE-2015-0912
- RESERVED
+CVE-2015-0914 (EasyCTF before 1.4 does not validate the session ID, which allows ...)
+ TODO: check
+CVE-2015-0913 (Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows ...)
+ TODO: check
+CVE-2015-0912 (EasyCTF before 1.4 allows remote authenticated users to write ...)
+ TODO: check
CVE-2015-0911 (Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 ...)
TODO: check
CVE-2015-0910 (Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail ...)
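Review bot: The three EasyCTF entries added here (CVE-2015-0914, CVE-2015-0913, CVE-2015-0912) name the same product and the same version boundary (before 1.4), and all three land as "TODO: check". Triage them together: one lookup of whether EasyCTF is in the archive settles all three, and they should end up with the same disposition line.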
@@ -8151,12 +8513,12 @@
RESERVED
CVE-2015-0715
RESERVED
-CVE-2015-0714
- RESERVED
+CVE-2015-0714 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse ...)
+ TODO: check
CVE-2015-0713
RESERVED
-CVE-2015-0712
- RESERVED
+CVE-2015-0712 (The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and ...)
+ TODO: check
CVE-2015-0711 (The hamgr service in the IPv6 Proxy Mobile (PM) implementation in ...)
TODO: check
CVE-2015-0710 (The Overlay Transport Virtualization (OTV) implementation in Cisco IOS ...)
@@ -9167,8 +9529,8 @@
RESERVED
CVE-2015-0533
RESERVED
-CVE-2015-0532
- RESERVED
+CVE-2015-0532 (EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and ...)
+ TODO: check
CVE-2015-0531
RESERVED
CVE-2015-0530 (Buffer overflow in an unspecified function in nsr_render_log in EMC ...)
@@ -11209,8 +11571,7 @@
[wheezy] - nova <not-affected> (Vulnerable code not present)
CVE-2015-0258
RESERVED
-CVE-2015-0257
- RESERVED
+CVE-2015-0257 (Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses ...)
NOT-FOR-US: ovirt / RHEV
CVE-2015-0256
RESERVED
@@ -11298,8 +11659,7 @@
CVE-2015-0238
RESERVED
NOT-FOR-US: selinux-policy as shipped with Red Hat OpenShift 2
-CVE-2015-0237
- RESERVED
+CVE-2015-0237 (Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores ...)
NOT-FOR-US: Red Hat vdms
CVE-2015-0236 (libvirt before 1.2.12 allow remote authenticated users to obtain the ...)
- libvirt 1.2.9-8 (bug #776065)
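Review bot: The description imported on the new CVE-2015-0237 line names Red Hat Enterprise Virtualization (RHEV) Manager, but the NOT-FOR-US line beneath it says "Red Hat vdms", and CVE-2015-0257 in the previous hunk uses "ovirt / RHEV" for a description that starts with the same product and version. Align the two NOT-FOR-US labels so a search for either product name finds both entries.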
@@ -13480,8 +13840,8 @@
NOT-FOR-US: WordPress plugin wpSS
CVE-2014-8362
RESERVED
-CVE-2014-8361
- RESERVED
+CVE-2014-8361 (The miniigd SOAP service in Realtek SDK allows remote attackers to ...)
+ TODO: check
CVE-2014-8360 (Directory traversal vulnerability in inc/autoload.function.php in GLPI ...)
- glpi <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
@@ -25184,8 +25544,7 @@
CVE-2014-3599
RESERVED
NOT-FOR-US: HornetQ
-CVE-2014-3598
- RESERVED
+CVE-2014-3598 (The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote ...)
- pillow 2.5.3-1
- python-imaging <not-affected> (Vulnerable code not present)
CVE-2014-3597 (Multiple buffer overflows in the php_parserr function in ...)