[Secure-testing-commits] r37360 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Oct 26 21:10:12 UTC 2015
Author: sectracker
Date: 2015-10-26 21:10:12 +0000 (Mon, 26 Oct 2015)
New Revision: 37360
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-26 21:03:34 UTC (rev 37359)
+++ data/CVE/list 2015-10-26 21:10:12 UTC (rev 37360)
@@ -1,3 +1,75 @@
+CVE-2015-7979
+ RESERVED
+CVE-2015-7978
+ RESERVED
+CVE-2015-7977
+ RESERVED
+CVE-2015-7976
+ RESERVED
+CVE-2015-7975
+ RESERVED
+CVE-2015-7974
+ RESERVED
+CVE-2015-7973
+ RESERVED
+CVE-2015-7972
+ RESERVED
+CVE-2015-7971
+ RESERVED
+CVE-2015-7970
+ RESERVED
+CVE-2015-7969
+ RESERVED
+CVE-2015-7968
+ RESERVED
+CVE-2015-7967
+ RESERVED
+CVE-2015-7966
+ RESERVED
+CVE-2015-7965
+ RESERVED
+CVE-2015-7964
+ RESERVED
+CVE-2015-7963
+ RESERVED
+CVE-2015-7962
+ RESERVED
+CVE-2015-7961
+ RESERVED
+CVE-2015-7960
+ RESERVED
+CVE-2015-7959
+ RESERVED
+CVE-2015-7958
+ RESERVED
+CVE-2015-7957
+ RESERVED
+CVE-2015-7956
+ RESERVED
+CVE-2015-7955
+ RESERVED
+CVE-2015-7954
+ RESERVED
+CVE-2015-7953
+ RESERVED
+CVE-2015-7952
+ RESERVED
+CVE-2015-7951
+ RESERVED
+CVE-2015-7950
+ RESERVED
+CVE-2015-7949
+ RESERVED
+CVE-2015-7948
+ RESERVED
+CVE-2015-7947
+ RESERVED
+CVE-2015-7946
+ RESERVED
+CVE-2015-7945
+ RESERVED
+CVE-2015-7944
+ RESERVED
CVE-2015-XXXX [busybox: pointer misuse unziping files]
- busybox <unfixed> (bug #803097)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/25/3
@@ -186,6 +258,7 @@
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2015-7943 [Open Redirect - SA-CORE-2015-004]
+ RESERVED
- drupal7 7.41-1
NOTE: https://www.drupal.org/SA-CORE-2015-004
NOTE: http://www.openwall.com/lists/oss-security/2015/10/21/6
@@ -2223,50 +2296,50 @@
RESERVED
CVE-2015-7024
RESERVED
-CVE-2015-7023
- RESERVED
+CVE-2015-7023 (CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not ...)
+ TODO: check
CVE-2015-7022 (The Telephony subsystem in Apple iOS before 9.1 allows attackers to ...)
TODO: check
-CVE-2015-7021
- RESERVED
-CVE-2015-7020
- RESERVED
-CVE-2015-7019
- RESERVED
-CVE-2015-7018
- RESERVED
+CVE-2015-7021 (The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows ...)
+ TODO: check
+CVE-2015-7020 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X ...)
+ TODO: check
+CVE-2015-7019 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X ...)
+ TODO: check
+CVE-2015-7018 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
CVE-2015-7017 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
TODO: check
-CVE-2015-7016
- RESERVED
-CVE-2015-7015
- RESERVED
-CVE-2015-7014
- RESERVED
-CVE-2015-7013
- RESERVED
-CVE-2015-7012
- RESERVED
-CVE-2015-7011
- RESERVED
-CVE-2015-7010
- RESERVED
-CVE-2015-7009
- RESERVED
-CVE-2015-7008
- RESERVED
-CVE-2015-7007
- RESERVED
-CVE-2015-7006
- RESERVED
+CVE-2015-7016 (The MCX Application Restrictions component in Apple OS X before ...)
+ TODO: check
+CVE-2015-7015 (Heap-based buffer overflow in the DNS client library in configd in ...)
+ TODO: check
+CVE-2015-7014 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+ TODO: check
+CVE-2015-7013 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
+ TODO: check
+CVE-2015-7012 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+ TODO: check
+CVE-2015-7011 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
+ TODO: check
+CVE-2015-7010 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
+CVE-2015-7009 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
+CVE-2015-7008 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
+CVE-2015-7007 (Script Editor in Apple OS X before 10.11.1 allows remote attackers to ...)
+ TODO: check
+CVE-2015-7006 (Directory traversal vulnerability in the BOM (aka Bill of Materials) ...)
+ TODO: check
CVE-2015-7005 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
TODO: check
CVE-2015-7004 (The kernel in Apple iOS before 9.1 allows attackers to cause a denial ...)
TODO: check
-CVE-2015-7003
- RESERVED
-CVE-2015-7002
- RESERVED
+CVE-2015-7003 (coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize ...)
+ TODO: check
+CVE-2015-7002 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+ TODO: check
CVE-2015-7001
RESERVED
CVE-2015-7000 (Notification Center in Apple iOS before 9.1 mishandles changes to ...)
@@ -2277,34 +2350,34 @@
RESERVED
CVE-2015-6997 (The X.509 certificate-trust implementation in Apple iOS before 9.1 ...)
TODO: check
-CVE-2015-6996
- RESERVED
-CVE-2015-6995
- RESERVED
-CVE-2015-6994
- RESERVED
-CVE-2015-6993
- RESERVED
+CVE-2015-6996 (IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and ...)
+ TODO: check
+CVE-2015-6995 (The Disk Images component in Apple iOS before 9.1 and OS X before ...)
+ TODO: check
+CVE-2015-6994 (The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles ...)
+ TODO: check
+CVE-2015-6993 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
CVE-2015-6992 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
TODO: check
-CVE-2015-6991
- RESERVED
-CVE-2015-6990
- RESERVED
-CVE-2015-6989
- RESERVED
-CVE-2015-6988
- RESERVED
-CVE-2015-6987
- RESERVED
+CVE-2015-6991 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
+CVE-2015-6990 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
+CVE-2015-6989 (Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, ...)
+ TODO: check
+CVE-2015-6988 (The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not ...)
+ TODO: check
+CVE-2015-6987 (The File Bookmark component in Apple OS X before 10.11.1 allows local ...)
+ TODO: check
CVE-2015-6986 (com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple ...)
TODO: check
-CVE-2015-6985
- RESERVED
-CVE-2015-6984
- RESERVED
-CVE-2015-6983
- RESERVED
+CVE-2015-6985 (Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote ...)
+ TODO: check
+CVE-2015-6984 (libarchive in Apple OS X before 10.11.1 allows attackers to write to ...)
+ TODO: check
+CVE-2015-6983 (Double free vulnerability in Apple iOS before 9.1 and OS X before ...)
+ TODO: check
CVE-2015-6982 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
TODO: check
CVE-2015-6981 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
@@ -2313,16 +2386,16 @@
RESERVED
CVE-2015-6979 (GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary ...)
TODO: check
-CVE-2015-6978
- RESERVED
-CVE-2015-6977
- RESERVED
-CVE-2015-6976
- RESERVED
+CVE-2015-6978 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
+CVE-2015-6977 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
+CVE-2015-6976 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
+ TODO: check
CVE-2015-6975 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
TODO: check
-CVE-2015-6974
- RESERVED
+CVE-2015-6974 (IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+ TODO: check
CVE-2015-6973 (Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite ...)
NOT-FOR-US: Openfire
CVE-2015-6972 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...)
@@ -3629,8 +3702,8 @@
RESERVED
CVE-2015-6485
RESERVED
-CVE-2015-6484
- RESERVED
+CVE-2015-6484 (3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote ...)
+ TODO: check
CVE-2015-6483
RESERVED
CVE-2015-6482 (Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 ...)
@@ -3915,8 +3988,8 @@
RESERVED
CVE-2015-6342
RESERVED
-CVE-2015-6341
- RESERVED
+CVE-2015-6341 (The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices ...)
+ TODO: check
CVE-2015-6340
RESERVED
CVE-2015-6339
@@ -3927,8 +4000,8 @@
RESERVED
CVE-2015-6336
RESERVED
-CVE-2015-6335
- RESERVED
+CVE-2015-6335 (The policy implementation in Cisco FireSIGHT Management Center ...)
+ TODO: check
CVE-2015-6334 (Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and ...)
TODO: check
CVE-2015-6333 (Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows ...)
@@ -3943,17 +4016,13 @@
NOT-FOR-US: Cisco
CVE-2015-6328 (The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) ...)
NOT-FOR-US: Cisco
-CVE-2015-6327
- RESERVED
+CVE-2015-6327 (The IKEv1 implementation in Cisco Adaptive Security Appliance (ASA) ...)
NOT-FOR-US: Cisco
-CVE-2015-6326
- RESERVED
+CVE-2015-6326 (Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before ...)
NOT-FOR-US: Cisco
-CVE-2015-6325
- RESERVED
+CVE-2015-6325 (Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before ...)
NOT-FOR-US: Cisco
-CVE-2015-6324
- RESERVED
+CVE-2015-6324 (The DHCPv6 relay implementation in Cisco Adaptive Security Appliance ...)
NOT-FOR-US: Cisco
CVE-2015-6323
RESERVED
@@ -4892,50 +4961,50 @@
RESERVED
CVE-2015-5946
RESERVED
-CVE-2015-5945
- RESERVED
-CVE-2015-5944
- RESERVED
-CVE-2015-5943
- RESERVED
-CVE-2015-5942
- RESERVED
+CVE-2015-5945 (The Sandbox subsystem in Apple OS X before 10.11.1 allows local users ...)
+ TODO: check
+CVE-2015-5944 (CoreText in Apple OS X before 10.11.1 allows remote attackers to ...)
+ TODO: check
+CVE-2015-5943 (SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic ...)
+ TODO: check
+CVE-2015-5942 (FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+ TODO: check
CVE-2015-5941
RESERVED
-CVE-2015-5940
- RESERVED
-CVE-2015-5939
- RESERVED
-CVE-2015-5938
- RESERVED
-CVE-2015-5937
- RESERVED
-CVE-2015-5936
- RESERVED
-CVE-2015-5935
- RESERVED
-CVE-2015-5934
- RESERVED
-CVE-2015-5933
- RESERVED
-CVE-2015-5932
- RESERVED
-CVE-2015-5931
- RESERVED
-CVE-2015-5930
- RESERVED
-CVE-2015-5929
- RESERVED
-CVE-2015-5928
- RESERVED
-CVE-2015-5927
- RESERVED
-CVE-2015-5926
- RESERVED
-CVE-2015-5925
- RESERVED
-CVE-2015-5924
- RESERVED
+CVE-2015-5940 (The Accelerate Framework component in Apple iOS before 9.1 and OS X ...)
+ TODO: check
+CVE-2015-5939 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+ TODO: check
+CVE-2015-5938 (ImageIO in Apple OS X before 10.11.1 allows remote attackers to ...)
+ TODO: check
+CVE-2015-5937 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+ TODO: check
+CVE-2015-5936 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+ TODO: check
+CVE-2015-5935 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+ TODO: check
+CVE-2015-5934 (Audio in Apple OS X before 10.11.1 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-5933 (Audio in Apple OS X before 10.11.1 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-5932 (The kernel in Apple OS X before 10.11.1 allows local users to gain ...)
+ TODO: check
+CVE-2015-5931 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
+ TODO: check
+CVE-2015-5930 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+ TODO: check
+CVE-2015-5929 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+ TODO: check
+CVE-2015-5928 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
+ TODO: check
+CVE-2015-5927 (FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
+ TODO: check
+CVE-2015-5926 (The CoreGraphics component in Apple iOS before 9.1, OS X before ...)
+ TODO: check
+CVE-2015-5925 (The CoreGraphics component in Apple iOS before 9.1, OS X before ...)
+ TODO: check
+CVE-2015-5924 (The OpenGL implementation in Apple iOS before 9.1 and OS X before ...)
+ TODO: check
CVE-2015-5923 (Apple iOS before 9.0.2 does not properly restrict the options ...)
TODO: check
CVE-2015-5922 (Unspecified vulnerability in International Components for Unicode ...)
@@ -6205,8 +6274,7 @@
RESERVED
CVE-2015-5449
RESERVED
-CVE-2015-5448
- RESERVED
+CVE-2015-5448 (HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 ...)
NOT-FOR-US: HP Asset Manager
CVE-2015-5447
RESERVED
@@ -6995,7 +7063,7 @@
CVE-2015-5197
REJECTED
CVE-2015-5196
- RESERVED
+ REJECTED
NOTE: To be rejected, is a duplicate of CVE-2015-7703, update entry once REJECTED
CVE-2015-5195 [ntpd crash when processing config commands with statistics type]
RESERVED
@@ -7503,14 +7571,14 @@
RESERVED
CVE-2015-5015
RESERVED
-CVE-2015-5014
- RESERVED
+CVE-2015-5014 (IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 ...)
+ TODO: check
CVE-2015-5013
RESERVED
CVE-2015-5012
RESERVED
-CVE-2015-5011
- RESERVED
+CVE-2015-5011 (IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 ...)
+ TODO: check
CVE-2015-5010
RESERVED
CVE-2015-5009
@@ -7569,8 +7637,8 @@
RESERVED
CVE-2015-4982
RESERVED
-CVE-2015-4981
- RESERVED
+CVE-2015-4981 (IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and ...)
+ TODO: check
CVE-2015-4980 (Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through ...)
NOT-FOR-US: IBM WebSphere
CVE-2015-4979
@@ -7583,8 +7651,8 @@
RESERVED
CVE-2015-4975
RESERVED
-CVE-2015-4974
- RESERVED
+CVE-2015-4974 (IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and ...)
+ TODO: check
CVE-2015-4973 (Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise ...)
NOT-FOR-US: IBM
CVE-2015-4972
@@ -19871,16 +19939,16 @@
RESERVED
CVE-2015-1006
RESERVED
-CVE-2015-1005
- RESERVED
+CVE-2015-1005 (IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE ...)
+ TODO: check
CVE-2015-1004
RESERVED
-CVE-2015-1003
- RESERVED
-CVE-2015-1002
- RESERVED
-CVE-2015-1001
- RESERVED
+CVE-2015-1003 (Directory traversal vulnerability in IniNet embeddedWebServer (aka ...)
+ TODO: check
+CVE-2015-1002 (IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL ...)
+ TODO: check
+CVE-2015-1001 (Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka ...)
+ TODO: check
CVE-2015-1000 (Stack-based buffer overflow in the OpenForIPCamTest method in the ...)
NOT-FOR-US: SStreamVideo ActiveX control
CVE-2015-0999 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
More information about the Secure-testing-commits
mailing list