[Secure-testing-commits] r37089 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Oct 12 21:10:10 UTC 2015
Author: sectracker
Date: 2015-10-12 21:10:10 +0000 (Mon, 12 Oct 2015)
New Revision: 37089
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-12 19:40:52 UTC (rev 37088)
+++ data/CVE/list 2015-10-12 21:10:10 UTC (rev 37089)
@@ -1,3 +1,5 @@
+CVE-2015-7810
+ RESERVED
CVE-2015-7808
RESERVED
CVE-2015-7807
@@ -86,6 +88,7 @@
TODO: check
CVE-2015-7809 [sandbox issue]
RESERVED
+ {DSA-3343-1}
- twig 1.20.0-1
NOTE: http://symfony.com/blog/security-release-twig-1-20-0
CVE-2015-7804 [Uninitialized pointer in phar_make_dirstream when zip entry filename is "/"]
@@ -290,6 +293,7 @@
- unzip <unfixed>
CVE-2015-7695 [ZF2015-08: Potential SQL injection vector using null byte for PDO (MsSql, SQLite)]
RESERVED
+ {DSA-3369-1}
- zendframework 1.12.16+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2015-08
NOTE: https://github.com/zendframework/zf1/commit/2ac9c30f73ec2e6235c602bed745749a551b4fe2
@@ -3444,12 +3448,12 @@
RESERVED
CVE-2015-6332
RESERVED
-CVE-2015-6331
- RESERVED
+CVE-2015-6331 (SQL injection vulnerability in the web framework in Cisco Prime ...)
+ TODO: check
CVE-2015-6330
RESERVED
-CVE-2015-6329
- RESERVED
+CVE-2015-6329 (SQL injection vulnerability in Cisco Prime Collaboration Provisioning ...)
+ TODO: check
CVE-2015-6328
RESERVED
CVE-2015-6327
@@ -3462,16 +3466,16 @@
RESERVED
CVE-2015-6323
RESERVED
-CVE-2015-6322
- RESERVED
+CVE-2015-6322 (The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 ...)
+ TODO: check
CVE-2015-6321
RESERVED
CVE-2015-6320
RESERVED
CVE-2015-6319
RESERVED
-CVE-2015-6318
- RESERVED
+CVE-2015-6318 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 ...)
+ TODO: check
CVE-2015-6317
RESERVED
CVE-2015-6316
@@ -3580,8 +3584,7 @@
NOT-FOR-US: Cisco
CVE-2015-6264
RESERVED
-CVE-2015-6263
- RESERVED
+CVE-2015-6263 (The RADIUS client implementation in Cisco IOS 15.4(3)M2.2, when a ...)
NOT-FOR-US: Cisco IOS
CVE-2015-6262 (Cross-site request forgery (CSRF) vulnerability in Cisco Prime ...)
NOT-FOR-US: Cisco
@@ -5153,10 +5156,10 @@
TODO: check
CVE-2015-5648 (SQL injection vulnerability in list.php in phpRechnung before 1.6.5 ...)
TODO: check
-CVE-2015-5647
- RESERVED
-CVE-2015-5646
- RESERVED
+CVE-2015-5647 (The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x ...)
+ TODO: check
+CVE-2015-5646 (Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote ...)
+ TODO: check
CVE-2015-5645 (ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to ...)
TODO: check
CVE-2015-5644 (The installer in ICZ MATCHA SNS before 1.3.7 does not properly ...)
@@ -5709,8 +5712,8 @@
RESERVED
CVE-2015-5444
RESERVED
-CVE-2015-5443
- RESERVED
+CVE-2015-5443 (HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 ...)
+ TODO: check
CVE-2015-5442 (Unspecified vulnerability in HP Software Update before 5.005.002.002 ...)
NOT-FOR-US: HP Software Update
CVE-2015-5441
@@ -8058,11 +8061,9 @@
NOT-FOR-US: Cisco
CVE-2015-4549
RESERVED
-CVE-2015-4548
- RESERVED
+CVE-2015-4548 (EMC RSA Web Threat Detection before 5.1 SP1 allows local users to ...)
NOT-FOR-US: EMC RSA Web Threat Detection
-CVE-2015-4547
- RESERVED
+CVE-2015-4547 (EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB ...)
NOT-FOR-US: EMC RSA Web Threat Detection
CVE-2015-4546 (Directory traversal vulnerability in EMC RSA OneStep 6.9 before build ...)
NOT-FOR-US: EMC RSA OneStep
@@ -8670,8 +8671,8 @@
NOT-FOR-US: Cisco TelePresence Video Communication Server
CVE-2015-4326
RESERVED
-CVE-2015-4325
- RESERVED
+CVE-2015-4325 (The process-management implementation in Cisco TelePresence Video ...)
+ TODO: check
CVE-2015-4324 (Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware ...)
NOT-FOR-US: Cisco
CVE-2015-4323 (Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware ...)
@@ -8790,8 +8791,8 @@
NOT-FOR-US: Cisco
CVE-2015-4266 (The web interface in Cisco Identity Services Engine (ISE) 1.1(4.1), ...)
NOT-FOR-US: Cisco
-CVE-2015-4265
- RESERVED
+CVE-2015-4265 (Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x ...)
+ TODO: check
CVE-2015-4264
RESERVED
CVE-2015-4263 (The Control and Provisioning functionality in Cisco Mobility Services ...)
@@ -14563,8 +14564,8 @@
RESERVED
CVE-2015-2343
RESERVED
-CVE-2015-2342
- RESERVED
+CVE-2015-2342 (The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 ...)
+ TODO: check
CVE-2015-2341 (VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, ...)
NOT-FOR-US: VMware
CVE-2015-2340 (TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before ...)
@@ -18030,16 +18031,14 @@
[squeeze] - perl <no-dsa> (Minor issue)
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=119505
NOTE: http://www.openwall.com/lists/oss-security/2015/01/23/9
-CVE-2015-1304
- RESERVED
+CVE-2015-1304 (object-observe.js in Google V8, as used in Google Chrome before ...)
- chromium-browser 45.0.2454.101-1
[jessie] - chromium-browser <no-dsa> (minor issue)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-1303
- RESERVED
+CVE-2015-1303 (bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome ...)
- chromium-browser 45.0.2454.101-1
[jessie] - chromium-browser <no-dsa> (minor issue)
[wheezy] - chromium-browser <end-of-life>
@@ -19108,8 +19107,8 @@
NOTE: https://github.com/expressjs/serve-static/issues/26
CVE-2015-1048 (Open redirect vulnerability in the integrated web server on Siemens ...)
NOT-FOR-US: Simens
-CVE-2015-1047
- RESERVED
+CVE-2015-1047 (vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 ...)
+ TODO: check
CVE-2015-1046
RESERVED
CVE-2015-1045
More information about the Secure-testing-commits
mailing list