[Secure-testing-commits] r37438 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Oct 29 21:10:20 UTC 2015
Author: sectracker
Date: 2015-10-29 21:10:20 +0000 (Thu, 29 Oct 2015)
New Revision: 37438
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-29 21:07:19 UTC (rev 37437)
+++ data/CVE/list 2015-10-29 21:10:20 UTC (rev 37438)
@@ -1,3 +1,33 @@
+CVE-2015-8022
+ RESERVED
+CVE-2015-8021
+ RESERVED
+CVE-2015-8020
+ RESERVED
+CVE-2015-8018
+ RESERVED
+CVE-2015-8017
+ RESERVED
+CVE-2015-8016
+ RESERVED
+CVE-2015-8015
+ RESERVED
+CVE-2015-8014
+ RESERVED
+CVE-2015-8013
+ RESERVED
+CVE-2015-8012
+ RESERVED
+CVE-2015-8011
+ RESERVED
+CVE-2015-8009
+ RESERVED
+CVE-2015-8008
+ RESERVED
+CVE-2015-8007
+ RESERVED
+CVE-2015-8006
+ RESERVED
CVE-2015-XXXX [iptables-persistent minor local info leak]
- iptables-persistent <unfixed> (low; bug #764645)
[squeeze] - iptables-persistent <no-dsa> (Minor issue)
@@ -53,6 +83,7 @@
NOTE: http://hg.dovecot.org/dovecot-2.2/rev/05e0700daea3
TODO: check
CVE-2015-8019 [Buffer overflow when copying data from skbuff to userspace]
+ RESERVED
- linux <unfixed>
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/11
@@ -187,6 +218,7 @@
NOTE: https://github.com/relan/exfat/commit/35a1f77f9be2d8b21731f758baba4334935bf18b
NOTE: will possibly not get a CVE, cf. http://www.openwall.com/lists/oss-security/2015/10/29/13
CVE-2015-8010 [XSS in the Icinga Classic-UI]
+ RESERVED
- icinga <unfixed>
NOTE: Introduced by: https://dev.icinga.org/issues/593 in 1.3.
NOTE: Upstream issue: https://dev.icinga.org/issues/10453
@@ -1067,8 +1099,7 @@
RESERVED
CVE-2015-7650
RESERVED
-CVE-2015-7649
- RESERVED
+CVE-2015-7649 (Adobe Shockwave Player before 12.2.1.171 allows attackers to execute ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2015-7648 (Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on ...)
NOT-FOR-US: Adobe Flash Player
@@ -2592,7 +2623,7 @@
NOT-FOR-US: Pentaho
CVE-2015-7989 [Cross-site scripting vulnerability in the user list table]
RESERVED
- {DSA-3375-1 DLA-321-1}
+ {DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
NOTE: http://www.openwall.com/lists/oss-security/2015/10/26/7
@@ -4714,8 +4745,8 @@
RESERVED
CVE-2015-6035
RESERVED
-CVE-2015-6034
- RESERVED
+CVE-2015-6034 (EPSON Network Utility 4.10 uses weak permissions (Everyone: Full ...)
+ TODO: check
CVE-2015-6033
RESERVED
CVE-2015-6032
@@ -4775,8 +4806,8 @@
NOT-FOR-US: Web Reference Database (aka refbase)
CVE-2015-6007 (Cross-site request forgery (CSRF) vulnerability in Web Reference ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6006
- RESERVED
+CVE-2015-6006 (The AddUserFinding implementation in Medicomp MEDCIN Engine ...)
+ TODO: check
CVE-2015-6005
RESERVED
CVE-2015-6004
@@ -5574,7 +5605,7 @@
NOT-FOR-US: Websense Content Gateway
CVE-2015-5734
RESERVED
- {DSA-3332-1 DLA-294-1}
+ {DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33549
CVE-2015-5733
@@ -5591,12 +5622,12 @@
NOTE: https://core.trac.wordpress.org/changeset/33541
CVE-2015-5732
RESERVED
- {DSA-3332-1 DLA-294-1}
+ {DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33529
CVE-2015-5731
RESERVED
- {DSA-3332-1 DLA-294-1}
+ {DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33542
NOTE: https://core.trac.wordpress.org/changeset/33543
@@ -5614,13 +5645,13 @@
RESERVED
CVE-2015-5715
RESERVED
- {DSA-3375-1 DLA-321-1}
+ {DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://wordpress.org/news/2015/09/wordpress-4-3-1/
NOTE: https://github.com/WordPress/WordPress/commit/9c57f3a4291f2311ae05f22c10eedeb0f69337ab
CVE-2015-5714
RESERVED
- {DSA-3375-1 DLA-321-1}
+ {DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://wordpress.org/news/2015/09/wordpress-4-3-1/
NOTE: https://github.com/WordPress/WordPress/commit/f72b21af23da6b6d54208e5c1d65ececdaa109c8
@@ -5800,14 +5831,14 @@
RESERVED
CVE-2015-5672
RESERVED
-CVE-2015-5671
- RESERVED
-CVE-2015-5670
- RESERVED
-CVE-2015-5669
- RESERVED
-CVE-2015-5668
- RESERVED
+CVE-2015-5671 (Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to ...)
+ TODO: check
+CVE-2015-5670 (Cross-site scripting (XSS) vulnerability in Techno Project Japan ...)
+ TODO: check
+CVE-2015-5669 (Techno Project Japan Enisys Gw before 1.4.1 allows remote ...)
+ TODO: check
+CVE-2015-5668 (SQL injection vulnerability in Techno Project Japan Enisys Gw before ...)
+ TODO: check
CVE-2015-5667
RESERVED
CVE-2015-5666
@@ -5934,7 +5965,7 @@
[squeeze] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/33357
CVE-2015-5622 (Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 ...)
- {DSA-3332-1 DLA-294-1}
+ {DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.3+dfsg-1
NOTE: https://core.trac.wordpress.org/changeset/33359
CVE-2015-5611 (Unspecified vulnerability in Uconnect before 15.26.1, as used in ...)
@@ -7635,8 +7666,8 @@
RESERVED
CVE-2015-5041
RESERVED
-CVE-2015-5040
- RESERVED
+CVE-2015-5040 (Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 ...)
+ TODO: check
CVE-2015-5039
RESERVED
CVE-2015-5038
@@ -7721,14 +7752,14 @@
RESERVED
CVE-2015-4998
RESERVED
-CVE-2015-4997
- RESERVED
+CVE-2015-4997 (IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to ...)
+ TODO: check
CVE-2015-4996
RESERVED
CVE-2015-4995
RESERVED
-CVE-2015-4994
- RESERVED
+CVE-2015-4994 (Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 ...)
+ TODO: check
CVE-2015-4993
RESERVED
CVE-2015-4992 (IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote ...)
@@ -13734,14 +13765,14 @@
RESERVED
CVE-2015-2902
RESERVED
-CVE-2015-2901
- RESERVED
-CVE-2015-2900
- RESERVED
-CVE-2015-2899
- RESERVED
-CVE-2015-2898
- RESERVED
+CVE-2015-2901 (Multiple stack-based buffer overflows in Medicomp MEDCIN Engine ...)
+ TODO: check
+CVE-2015-2900 (The AddUserFinding add_userfinding2 function in Medicomp MEDCIN Engine ...)
+ TODO: check
+CVE-2015-2899 (Heap-based buffer overflow in the QualifierList ...)
+ TODO: check
+CVE-2015-2898 (Multiple stack-based buffer overflows in Medicomp MEDCIN Engine before ...)
+ TODO: check
CVE-2015-2897 (Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices ...)
NOT-FOR-US: Sierra Wireless ALEOS
CVE-2015-2896
@@ -15998,7 +16029,7 @@
NOT-FOR-US: NetCat CMS
CVE-2015-2213 [SQL injection]
RESERVED
- {DSA-3332-1 DLA-294-1}
+ {DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33555
NOTE: https://core.trac.wordpress.org/changeset/33556
@@ -24985,8 +25016,8 @@
NOT-FOR-US: IBM
CVE-2014-8913 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
NOT-FOR-US: IBM
-CVE-2014-8912
- RESERVED
+CVE-2014-8912 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
+ TODO: check
CVE-2014-8911 (Cross-site scripting (XSS) vulnerability in IBM Content Navigator ...)
NOT-FOR-US: IBM Content Navigator
CVE-2014-8910 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 ...)
More information about the Secure-testing-commits
mailing list