[Secure-testing-commits] r34328 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon May 18 21:10:18 UTC 2015
Author: sectracker
Date: 2015-05-18 21:10:17 +0000 (Mon, 18 May 2015)
New Revision: 34328
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-18 18:36:18 UTC (rev 34327)
+++ data/CVE/list 2015-05-18 21:10:17 UTC (rev 34328)
@@ -1,3 +1,49 @@
+CVE-2015-4010
+ RESERVED
+CVE-2015-4009
+ RESERVED
+CVE-2015-4008
+ RESERVED
+CVE-2015-4007
+ RESERVED
+CVE-2015-4006
+ RESERVED
+CVE-2015-4005
+ RESERVED
+CVE-2015-4004
+ RESERVED
+CVE-2015-4003
+ RESERVED
+CVE-2015-4002
+ RESERVED
+CVE-2015-4001
+ RESERVED
+CVE-2015-4000
+ RESERVED
+CVE-2015-3999
+ RESERVED
+CVE-2015-3998
+ RESERVED
+CVE-2015-3997
+ RESERVED
+CVE-2015-3996
+ RESERVED
+CVE-2015-3995
+ RESERVED
+CVE-2015-3994
+ RESERVED
+CVE-2015-3993
+ RESERVED
+CVE-2015-3992
+ RESERVED
+CVE-2015-3991
+ RESERVED
+CVE-2015-3990
+ RESERVED
+CVE-2015-3989 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
+ TODO: check
+CVE-2014-9719
+ RESERVED
CVE-2015-XXXX [various functions allow \0 in paths where they shouldn't]
- php5 <unfixed>
NOTE: https://bugs.php.net/bug.php?id=69418
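Review bot: CVE-2015-3989 is added with only "TODO: check", and its summary (multiple XSS vulnerabilities in concrete5) is the same truncated text this update gives CVE-2015-2250 further down, so the two should be triaged together and end up with the same disposition. The summaries alone do not show how the two IDs differ, so compare the full CVE texts first; if concrete5 is not packaged, close both in one pass with a NOT-FOR-US line rather than leaving two open TODOs.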
@@ -1648,8 +1694,8 @@
RESERVED
CVE-2015-3326 (Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix ...)
TODO: check
-CVE-2015-3325
- RESERVED
+CVE-2015-3325 (SQL injection vulnerability in forum.php in the WP Symposium plugin ...)
+ TODO: check
CVE-2015-3324 (The ThinkServer System Manager (TSM) Baseboard Management Controller ...)
NOT-FOR-US: ThinkServer
CVE-2015-3323 (The ThinkServer System Manager (TSM) Baseboard Management Controller ...)
@@ -2903,6 +2949,7 @@
[jessie] - network-manager <no-dsa> (Minor issue)
CVE-2015-2923 [IPv6 Hop limit lowering via RA messages]
RESERVED
+ {DSA-3175-2}
- kfreebsd-10 10.1~svn274115-4 (bug #782107)
[jessie] - kfreebsd-10 <no-dsa> (kfreebsd not a release arch)
- kfreebsd-9 <removed>
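Review bot: the new {DSA-3175-2} line on CVE-2015-2923 lands on an entry that is still marked RESERVED and whose visible package lines record only the unstable fix (10.1~svn274115-4), a jessie <no-dsa> and kfreebsd-9 <removed>. None of those lines shows which suite the advisory fixed, so confirm that the advisory's own record carries the fixed version. The same reference is added to CVE-2015-1414 later in this update and can be checked at the same time.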
@@ -2969,8 +3016,7 @@
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/01/4
NOTE: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
TODO: check (various libraries)
-CVE-2015-2810
- RESERVED
+CVE-2015-2810 (Integer overflow in the HwpApp::CHncSDS_Manager function in Hancom ...)
NOT-FOR-US: Hancom Office Hwp
CVE-2015-2809 (The Multicast DNS (mDNS) responder in Synology DiskStation Manager ...)
NOT-FOR-US: Synology DiskStation Manager
@@ -4587,8 +4633,8 @@
RESERVED
CVE-2015-2251
RESERVED
-CVE-2015-2250
- RESERVED
+CVE-2015-2250 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
+ TODO: check
CVE-2015-2249
RESERVED
CVE-2015-2248 (Cross-site request forgery (CSRF) vulnerability in the user portal in ...)
@@ -7161,7 +7207,7 @@
CVE-2015-1415 (The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when ...)
NOT-FOR-US: FreeBSD installer
CVE-2015-1414 (Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 ...)
- {DSA-3175-1}
+ {DSA-3175-2 DSA-3175-1}
- kfreebsd-10 10.1~svn274115-4 (bug #779195)
- kfreebsd-9 <removed> (bug #779201)
- kfreebsd-8 <removed> (bug #779202)
@@ -9448,38 +9494,38 @@
RESERVED
CVE-2015-0739
RESERVED
-CVE-2015-0738
- RESERVED
+CVE-2015-0738 (Cross-site scripting (XSS) vulnerability in the Web Tracking Report ...)
+ TODO: check
CVE-2015-0737
RESERVED
-CVE-2015-0736
- RESERVED
-CVE-2015-0735
- RESERVED
+CVE-2015-0736 (Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense ...)
+ TODO: check
+CVE-2015-0735 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
+ TODO: check
CVE-2015-0734 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email ...)
TODO: check
CVE-2015-0733
RESERVED
CVE-2015-0732
RESERVED
-CVE-2015-0731
- RESERVED
-CVE-2015-0730
- RESERVED
-CVE-2015-0729
- RESERVED
+CVE-2015-0731 (The ISDN implementation in Cisco IOS 15.3S allows remote attackers to ...)
+ TODO: check
+CVE-2015-0730 (The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) ...)
+ TODO: check
+CVE-2015-0729 (Cross-site scripting (XSS) vulnerability in Cisco Secure Access ...)
+ TODO: check
CVE-2015-0728 (Cross-site scripting (XSS) vulnerability in Cisco Access Control ...)
TODO: check
CVE-2015-0727 (Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco ...)
TODO: check
-CVE-2015-0726
- RESERVED
+CVE-2015-0726 (The web administration interface on Cisco Wireless LAN Controller ...)
+ TODO: check
CVE-2015-0725
RESERVED
CVE-2015-0724 (Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 ...)
TODO: check
-CVE-2015-0723
- RESERVED
+CVE-2015-0723 (The wireless web-authentication subsystem on Cisco Wireless LAN ...)
+ TODO: check
CVE-2015-0722
RESERVED
CVE-2015-0721
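Review bot: every entry this hunk moves from RESERVED to a description is left at "TODO: check", and seven of the eight (CVE-2015-0736, -0735, -0731, -0730, -0729, -0726, -0723) name a Cisco product in the visible summary. Elsewhere in this file vendor-only products are closed out as NOT-FOR-US (ThinkServer, Synology DiskStation Manager), so these can be triaged as one batch instead of one at a time. CVE-2015-0738 needs its full description read first, because the truncated summary stops before naming the vendor.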
@@ -9490,8 +9536,8 @@
RESERVED
CVE-2015-0718
RESERVED
-CVE-2015-0717
- RESERVED
+CVE-2015-0717 (Cisco Unified Communications Manager 10.0(1.10000.12) allows local ...)
+ TODO: check
CVE-2015-0716 (Cross-site request forgery (CSRF) vulnerability in the CUCReports page ...)
TODO: check
CVE-2015-0715 (SQL injection vulnerability in the administrative web interface in ...)
@@ -11575,8 +11621,8 @@
NOT-FOR-US: Schneider Electric Invensys
CVE-2014-9205 (Stack-based buffer overflow in the PmBase64Decode function in an ...)
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2014-9204
- RESERVED
+CVE-2014-9204 (Stack-based buffer overflow in OPCTest.exe in Rockwell Automation ...)
+ TODO: check
CVE-2014-9203 (Buffer overflow in the Field Device Tool (FDT) Frame application in ...)
NOT-FOR-US: HART Device Type Manager (DTM) library
CVE-2014-9202
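Review bot: CVE-2014-9204 is left at "TODO: check" although its summary names OPCTest.exe in a Rockwell Automation product, and the neighbouring entries for comparable vendor software (MICROSYS PROMOTIC, the HART DTM library) are already NOT-FOR-US. Unless a packaged equivalent exists, give it the matching NOT-FOR-US line so the TODO does not linger.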