[Secure-testing-commits] r37135 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Oct 16 21:10:13 UTC 2015
Author: sectracker
Date: 2015-10-16 21:10:12 +0000 (Fri, 16 Oct 2015)
New Revision: 37135
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-16 13:58:58 UTC (rev 37134)
+++ data/CVE/list 2015-10-16 21:10:12 UTC (rev 37135)
@@ -1,3 +1,61 @@
+CVE-2015-7840 (The command line management console (CMC) in SolarWinds Log and Event ...)
+ TODO: check
+CVE-2015-7839 (SolarWinds Log and Event Manager (LEM) allows remote attackers to ...)
+ TODO: check
+CVE-2015-7838 (ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows ...)
+ TODO: check
+CVE-2015-7837
+ RESERVED
+CVE-2015-7836
+ RESERVED
+CVE-2015-7835
+ RESERVED
+CVE-2015-7834 (Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as ...)
+ TODO: check
+CVE-2015-7833
+ RESERVED
+CVE-2015-7832
+ RESERVED
+CVE-2015-7831
+ RESERVED
+CVE-2015-7829 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-7828
+ RESERVED
+CVE-2015-7827
+ RESERVED
+CVE-2015-7826
+ RESERVED
+CVE-2015-7825
+ RESERVED
+CVE-2015-7824
+ RESERVED
+CVE-2015-7823
+ RESERVED
+CVE-2015-7822
+ RESERVED
+CVE-2015-7821
+ RESERVED
+CVE-2015-7820
+ RESERVED
+CVE-2015-7819
+ RESERVED
+CVE-2015-7818
+ RESERVED
+CVE-2015-7817
+ RESERVED
+CVE-2015-7816
+ RESERVED
+CVE-2015-7815
+ RESERVED
+CVE-2015-7814
+ RESERVED
+CVE-2015-7813
+ RESERVED
+CVE-2015-7812
+ RESERVED
+CVE-2013-7445 (The Direct Rendering Manager (DRM) subsystem in the Linux kernel ...)
+ TODO: check
CVE-2015-XXXX [lldpd: buffer overflow when handling management address TLV]
- lldpd <unfixed>
NOTE: https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
@@ -9,6 +67,7 @@
- dc3dd <unfixed> (bug #801872)
NOTE: http://seclists.org/bugtraq/2015/Oct/71
CVE-2015-7830
+ RESERVED
- wireshark <unfixed>
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-30.html
@@ -186,18 +245,18 @@
RESERVED
CVE-2015-7731
RESERVED
-CVE-2015-7730
- RESERVED
-CVE-2015-7729
- RESERVED
-CVE-2015-7728
- RESERVED
-CVE-2015-7727
- RESERVED
-CVE-2015-7726
- RESERVED
-CVE-2015-7725
- RESERVED
+CVE-2015-7730 (SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and ...)
+ TODO: check
+CVE-2015-7729 (Eval injection in test-net.xsjs in the Web-based Development Workbench ...)
+ TODO: check
+CVE-2015-7728 (Cross-site scripting (XSS) vulnerability in user creation in the ...)
+ TODO: check
+CVE-2015-7727 (Multiple SQL injection vulnerabilities in the Web-based Development ...)
+ TODO: check
+CVE-2015-7726 (Cross-site scripting (XSS) vulnerability in role deletion in the ...)
+ TODO: check
+CVE-2015-7725 (Multiple SQL injection vulnerabilities in the Web-based Development ...)
+ TODO: check
CVE-2015-7724
RESERVED
CVE-2015-7723
@@ -451,14 +510,11 @@
RESERVED
CVE-2015-7646
RESERVED
-CVE-2015-7645
- RESERVED
+CVE-2015-7645 (Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 ...)
TODO: check
-CVE-2015-7644
- RESERVED
+CVE-2015-7644 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7643
- RESERVED
+CVE-2015-7643 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-7642
RESERVED
@@ -476,58 +532,48 @@
RESERVED
CVE-2015-7635
RESERVED
-CVE-2015-7634
- RESERVED
+CVE-2015-7634 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7633
- RESERVED
+CVE-2015-7633 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7632
- RESERVED
+CVE-2015-7632 (Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7631
- RESERVED
+CVE-2015-7631 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7630
- RESERVED
+CVE-2015-7630 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7629
- RESERVED
+CVE-2015-7629 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7628
- RESERVED
+CVE-2015-7628 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
TODO: check
-CVE-2015-7627
- RESERVED
+CVE-2015-7627 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7626
- RESERVED
+CVE-2015-7626 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7625
- RESERVED
+CVE-2015-7625 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7624
- RESERVED
-CVE-2015-7623
- RESERVED
-CVE-2015-7622
- RESERVED
-CVE-2015-7621
- RESERVED
-CVE-2015-7620
- RESERVED
-CVE-2015-7619
- RESERVED
-CVE-2015-7618
- RESERVED
-CVE-2015-7617
- RESERVED
-CVE-2015-7616
- RESERVED
-CVE-2015-7615
- RESERVED
-CVE-2015-7614
- RESERVED
+CVE-2015-7624 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-7623 (The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-7622 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-7621 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-7620 (The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-7619 (The ANShareFile2 method in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-7618 (The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2015-7617 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-7616 (The ANVerifyComments method in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-7615 (Use-after-free vulnerability in a SaveAs feature in Adobe Reader and ...)
+ TODO: check
+CVE-2015-7614 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
CVE-2015-7612 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: McAfee
CVE-2015-7665
@@ -1047,42 +1093,32 @@
NOT-FOR-US: Schneider Electric InduSoft Web Studio
CVE-2015-7374 (The Remote Agent component in Schneider Electric InduSoft Web Studio ...)
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-7373
- RESERVED
+CVE-2015-7373 (Cross-site scripting (XSS) vulnerability in the "magic-macros" feature ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7372
- RESERVED
+CVE-2015-7372 (Directory traversal vulnerability in delivery-dev/al.php in Revive ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7371
- RESERVED
+CVE-2015-7371 (Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7370
- RESERVED
+CVE-2015-7370 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7369
- RESERVED
+CVE-2015-7369 (The default Flash cross-domain policy (crossdomain.xml) in Revive ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7368
- RESERVED
+CVE-2015-7368 (Revive Adserver before 3.2.2 does not send the appropriate ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7367
- RESERVED
+CVE-2015-7367 (Revive Adserver before 3.2.2 allows remote attackers to perform ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7366
- RESERVED
+CVE-2015-7366 (Multiple cross-site request forgery (CSRF) vulnerabilities in Revive ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7365
- RESERVED
+CVE-2015-7365 (Cross-site scripting (XSS) vulnerability in the plugin upgrade form in ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7364
- RESERVED
+CVE-2015-7364 (The HTML_Quickform library, as used in Revive Adserver before 3.2.2, ...)
NOT-FOR-US: Revive Adserver
CVE-2015-7363
RESERVED
CVE-2015-7362
RESERVED
-CVE-2015-7361
- RESERVED
+CVE-2015-7361 (FortiOS 5.2.3, when configured to use High Availability (HA) and the ...)
+ TODO: check
CVE-2015-7360
RESERVED
CVE-2015-XXXX [DoS]
@@ -2522,18 +2558,15 @@
RESERVED
CVE-2015-6764
RESERVED
-CVE-2015-6763
- RESERVED
+CVE-2015-6763 (Multiple unspecified vulnerabilities in Google Chrome before ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6762
- RESERVED
+CVE-2015-6762 (The CSSFontFaceSrcValue::fetch function in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6761
- RESERVED
+CVE-2015-6761 (The update_dimensions function in libavcodec/vp8.c in FFmpeg through ...)
- ffmpeg <unfixed>
- libav <removed>
- chromium-browser 44.0.2403.157-1
@@ -2543,33 +2576,27 @@
NOTE: https://code.google.com/p/chromium/issues/detail?id=532967
NOTE: Starting with 44.0.2403.157-1 chromium uses the ffmpeg system copy
NOTE: It looks like this relates to multithreaded decoding of VPx codecs, which is not implemented in the squeeze version. But I'm not sure as the second bug report is still private.
-CVE-2015-6760
- RESERVED
+CVE-2015-6760 (The Image11::map function in renderer/d3d/d3d11/Image11.cpp in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6759
- RESERVED
+CVE-2015-6759 (The shouldTreatAsUniqueOrigin function in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6758
- RESERVED
+CVE-2015-6758 (The CPDF_Document::GetPage function in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6757
- RESERVED
+CVE-2015-6757 (Use-after-free vulnerability in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6756
- RESERVED
+CVE-2015-6756 (Use-after-free vulnerability in the CPDFSDK_PageView implementation in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6755
- RESERVED
+CVE-2015-6755 (The ContainerNode::parserInsertBefore function in ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
@@ -2600,8 +2627,8 @@
NOTE: http://seclists.org/bugtraq/2015/Aug/161
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/01/8
TODO: check
-CVE-2015-6723
- RESERVED
+CVE-2015-6723 (The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
CVE-2015-6806 (The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does ...)
{DSA-3352-1 DLA-305-1}
- screen 4.3.1-2 (bug #797624)
@@ -2631,10 +2658,10 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/08/28/3
CVE-2015-6726
RESERVED
-CVE-2015-6725
- RESERVED
-CVE-2015-6724
- RESERVED
+CVE-2015-6725 (The ANSendForSharedReview method in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6724 (The ANSendForApproval method in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
CVE-2015-5723 [Security Misconfiguration Vulnerability in various Doctrine projects]
RESERVED
{DSA-3369-1}
@@ -2659,86 +2686,86 @@
NOTE: http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html
NOTE: https://github.com/aws/aws-sdk-php/releases/tag/3.2.1
NOTE: http://framework.zend.com/security/advisory/ZF2015-07
-CVE-2015-6722
- RESERVED
-CVE-2015-6721
- RESERVED
-CVE-2015-6720
- RESERVED
-CVE-2015-6719
- RESERVED
-CVE-2015-6718
- RESERVED
-CVE-2015-6717
- RESERVED
-CVE-2015-6716
- RESERVED
-CVE-2015-6715
- RESERVED
-CVE-2015-6714
- RESERVED
-CVE-2015-6713
- RESERVED
-CVE-2015-6712
- RESERVED
-CVE-2015-6711
- RESERVED
-CVE-2015-6710
- RESERVED
-CVE-2015-6709
- RESERVED
-CVE-2015-6708
- RESERVED
-CVE-2015-6707
- RESERVED
-CVE-2015-6706
- RESERVED
-CVE-2015-6705
- RESERVED
-CVE-2015-6704
- RESERVED
-CVE-2015-6703
- RESERVED
-CVE-2015-6702
- RESERVED
-CVE-2015-6701
- RESERVED
-CVE-2015-6700
- RESERVED
-CVE-2015-6699
- RESERVED
-CVE-2015-6698
- RESERVED
-CVE-2015-6697
- RESERVED
-CVE-2015-6696
- RESERVED
-CVE-2015-6695
- RESERVED
-CVE-2015-6694
- RESERVED
-CVE-2015-6693
- RESERVED
-CVE-2015-6692
- RESERVED
-CVE-2015-6691
- RESERVED
-CVE-2015-6690
- RESERVED
-CVE-2015-6689
- RESERVED
-CVE-2015-6688
- RESERVED
-CVE-2015-6687
- RESERVED
-CVE-2015-6686
- RESERVED
-CVE-2015-6685
- RESERVED
-CVE-2015-6684
- RESERVED
-CVE-2015-6683
- RESERVED
+CVE-2015-6722 (The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6721 (The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2015-6720 (The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6719 (The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6718 (The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2015-6717 (The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6716 (The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6715 (The Function apply implementation in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6714 (The Function bind implementation in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6713 (The Function call implementation in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6712 (The ANSendApprovalToAuthorEnabled method in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2015-6711 (The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6710 (The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 ...)
+ TODO: check
+CVE-2015-6709 (The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 ...)
+ TODO: check
+CVE-2015-6708 (The ANStartApproval method in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6707 (The ANSendForReview method in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6706 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-6705 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-6704 (The animations property implementation in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2015-6703 (The loadFlashMovie function in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6702 (The createSquareMesh function in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6701 (The ambientIlluminationColor property implementation in Adobe Reader ...)
+ TODO: check
+CVE-2015-6700 (The setBackground function in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6699 (The addForegroundSprite function in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6698 (Heap-based buffer overflow in the AcroForm implementation in Adobe ...)
+ TODO: check
+CVE-2015-6697 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-6696 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6695 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-6694 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-6693 (The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2015-6692 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and ...)
+ TODO: check
+CVE-2015-6691 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6690 (Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader ...)
+ TODO: check
+CVE-2015-6689 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6688 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6687 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6686 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-6685 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
+CVE-2015-6684 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2015-6683 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
CVE-2015-6682 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-6681 (Adobe Shockwave Player before 12.2.0.162 allows attackers to execute ...)
@@ -3148,8 +3175,8 @@
NOT-FOR-US: pfSense
CVE-2015-6508 (Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 ...)
NOT-FOR-US: pfSense
-CVE-2015-6507
- RESERVED
+CVE-2015-6507 (The hdbsql client 1.00.091.00 Build 1418659308-1530 in SAP HANA allows ...)
+ TODO: check
CVE-2015-6833 [Files extracted from archive may be placed outside of destination directory]
RESERVED
{DSA-3344-1}
@@ -3519,10 +3546,10 @@
RESERVED
CVE-2015-6335
RESERVED
-CVE-2015-6334
- RESERVED
-CVE-2015-6333
- RESERVED
+CVE-2015-6334 (Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and ...)
+ TODO: check
+CVE-2015-6333 (Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows ...)
+ TODO: check
CVE-2015-6332 (Cisco Prime Infrastructure 2.2 allows remote attackers to cause a ...)
NOT-FOR-US: Cisco
CVE-2015-6331 (SQL injection vulnerability in the web framework in Cisco Prime ...)
@@ -4174,8 +4201,8 @@
RESERVED
CVE-2015-6004
RESERVED
-CVE-2015-6003
- RESERVED
+CVE-2015-6003 (Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 ...)
+ TODO: check
CVE-2015-6002
RESERVED
CVE-2015-6001
@@ -5214,8 +5241,8 @@
RESERVED
CVE-2015-5661
RESERVED
-CVE-2015-5660
- RESERVED
+CVE-2015-5660 (Cross-site request forgery (CSRF) vulnerability in eXtplorer before ...)
+ TODO: check
CVE-2015-5659 (SQL injection vulnerability in Network Applied Communication ...)
TODO: check
CVE-2015-5658
@@ -5387,14 +5414,14 @@
NOT-FOR-US: Adobe Flash Player
CVE-2015-5587 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5586
- RESERVED
+CVE-2015-5586 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
CVE-2015-5585
RESERVED
CVE-2015-5584 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5583
- RESERVED
+CVE-2015-5583 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
+ TODO: check
CVE-2015-5582 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-5581 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
@@ -5421,8 +5448,7 @@
NOT-FOR-US: Adobe Flash Player
CVE-2015-5570 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5569
- RESERVED
+CVE-2015-5569 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-5568 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
NOT-FOR-US: Adobe Flash Player
@@ -7208,8 +7234,8 @@
NOT-FOR-US: IBM
CVE-2015-4949 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
NOT-FOR-US: IBM
-CVE-2015-4948
- RESERVED
+CVE-2015-4948 (netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre ...)
+ TODO: check
CVE-2015-4947 (Stack-based buffer overflow in the Administration Server in IBM HTTP ...)
NOT-FOR-US: IBM WebSphere
CVE-2015-4946
More information about the Secure-testing-commits
mailing list