[Secure-testing-commits] r36800 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Sep 23 09:10:12 UTC 2015


Author: sectracker
Date: 2015-09-23 09:10:12 +0000 (Wed, 23 Sep 2015)
New Revision: 36800

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-23 06:36:30 UTC (rev 36799)
+++ data/CVE/list	2015-09-23 09:10:12 UTC (rev 36800)
@@ -1,3 +1,27 @@
+CVE-2015-7308
+	RESERVED
+CVE-2015-7307 (Cross-site scripting (XSS) vulnerability in the CMS Updater module ...)
+	TODO: check
+CVE-2015-7306 (The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not ...)
+	TODO: check
+CVE-2015-7305 (The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly ...)
+	TODO: check
+CVE-2015-7304 (Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x ...)
+	TODO: check
+CVE-2015-7303 (Use-after-free vulnerability in the Update Manager service in Avira ...)
+	TODO: check
+CVE-2015-7302
+	RESERVED
+CVE-2015-7301
+	RESERVED
+CVE-2015-7300
+	RESERVED
+CVE-2015-7299
+	RESERVED
+CVE-2015-7298
+	RESERVED
+CVE-2015-7297
+	RESERVED
 CVE-2015-XXXX [Privilege escalation via core-gui]
 	- core-network <unfixed> (bug #799756)
 	NOTE: http://pf.itd.nrl.navy.mil/pipermail/core-users/2015-August/001837.html
@@ -803,8 +827,8 @@
 	RESERVED
 CVE-2015-6924
 	RESERVED
-CVE-2015-6923
-	RESERVED
+CVE-2015-6923 (The ndvbs module in VBox Communications Satellite Express Protocol ...)
+	TODO: check
 CVE-2015-6922
 	RESERVED
 CVE-2015-6921 (Cross-site scripting (XSS) vulnerability in the Zendesk Feedback Tab ...)
@@ -1182,8 +1206,7 @@
 	NOTE: https://github.com/LibVNC/libvncserver/commit/804335f9d296440bb708ca844f5d89b58b50b0c6
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/03/8
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=706087#c1 notes that the fix breaks ABI
-CVE-2015-6938 [XSS]
-	RESERVED
+CVE-2015-6938 (Cross-site scripting (XSS) vulnerability in the file browser in ...)
 	- ipython <unfixed> (low; bug #798886)
 	[wheezy] - ipython <no-dsa> (Minor issue)
 	[jessie] - ipython <no-dsa> (Minor issue)
@@ -1325,8 +1348,7 @@
 	- screen 4.3.1-2 (bug #797624)
 	NOTE: https://savannah.gnu.org/bugs/?45713
 	NOTE: http://www.openwall.com/lists/oss-security/2015/09/01/1
-CVE-2015-6749 [buffer overflow in aiff_open()]
-	RESERVED
+CVE-2015-6749 (Buffer overflow in the aiff_open function in oggenc/audio.c in ...)
 	- vorbis-tools <unfixed> (bug #797461)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/08/29/1
 	NOTE: https://trac.xiph.org/ticket/2212
@@ -1452,24 +1474,19 @@
 	RESERVED
 CVE-2015-6683
 	RESERVED
-CVE-2015-6682
-	RESERVED
+CVE-2015-6682 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-6681 (Adobe Shockwave Player before 12.2.0.162 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2015-6680 (Adobe Shockwave Player before 12.2.0.162 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2015-6679
-	RESERVED
+CVE-2015-6679 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-6678
-	RESERVED
+CVE-2015-6678 (Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-6677
-	RESERVED
+CVE-2015-6677 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-6676
-	RESERVED
+CVE-2015-6676 (Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-6675 (Siemens RUGGEDCOM ROS 3.8.0 through 4.1.x permanently enables the IP ...)
 	NOT-FOR-US: Siemens RUGGEDCOM ROS
@@ -2416,8 +2433,8 @@
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5 (v4.2-rc5)
 CVE-2015-6239
 	RESERVED
-CVE-2015-6238
-	RESERVED
+CVE-2015-6238 (Multiple cross-site scripting (XSS) vulnerabilities in the Google ...)
+	TODO: check
 CVE-2015-6237
 	RESERVED
 CVE-2015-6236
@@ -4033,8 +4050,8 @@
 	NOTE: libv8 not covered by security support
 CVE-2015-5604
 	RESERVED
-CVE-2015-5603
-	RESERVED
+CVE-2015-5603 (The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows ...)
+	TODO: check
 CVE-2015-5602
 	RESERVED
 CVE-2015-5601
@@ -4072,67 +4089,49 @@
 CVE-2015-5591
 	RESERVED
 	NOT-FOR-US: Zenphoto
-CVE-2015-5588
-	RESERVED
+CVE-2015-5588 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5587
-	RESERVED
+CVE-2015-5587 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-5586
 	RESERVED
 CVE-2015-5585
 	RESERVED
-CVE-2015-5584
-	RESERVED
+CVE-2015-5584 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-5583
 	RESERVED
-CVE-2015-5582
-	RESERVED
+CVE-2015-5582 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5581
-	RESERVED
+CVE-2015-5581 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5580
-	RESERVED
+CVE-2015-5580 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5579
-	RESERVED
+CVE-2015-5579 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5578
-	RESERVED
+CVE-2015-5578 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5577
-	RESERVED
+CVE-2015-5577 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5576
-	RESERVED
+CVE-2015-5576 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5575
-	RESERVED
+CVE-2015-5575 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5574
-	RESERVED
+CVE-2015-5574 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5573
-	RESERVED
+CVE-2015-5573 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5572
-	RESERVED
+CVE-2015-5572 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5571
-	RESERVED
+CVE-2015-5571 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5570
-	RESERVED
+CVE-2015-5570 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-5569
 	RESERVED
-CVE-2015-5568
-	RESERVED
+CVE-2015-5568 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2015-5567
-	RESERVED
+CVE-2015-5567 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2015-5566 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 ...)
 	NOT-FOR-US: Adobe Flash Player




More information about the Secure-testing-commits mailing list