[Secure-testing-commits] r36880 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Sep 28 21:10:11 UTC 2015
Author: sectracker
Date: 2015-09-28 21:10:11 +0000 (Mon, 28 Sep 2015)
New Revision: 36880
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-28 18:11:40 UTC (rev 36879)
+++ data/CVE/list 2015-09-28 21:10:11 UTC (rev 36880)
@@ -1,3 +1,51 @@
+CVE-2015-7383 (Multiple cross-site scripting (XSS) vulnerabilities in Web Reference ...)
+ TODO: check
+CVE-2015-7382 (SQL injection vulnerability in install.php in Web Reference Database ...)
+ TODO: check
+CVE-2015-7381 (Multiple PHP remote file inclusion vulnerabilities in install.php in ...)
+ TODO: check
+CVE-2015-7380
+ RESERVED
+CVE-2015-7379
+ RESERVED
+CVE-2015-7378
+ RESERVED
+CVE-2015-7377
+ RESERVED
+CVE-2015-7376
+ RESERVED
+CVE-2015-7375 (Schneider Electric InduSoft Web Studio before 8.0 allows remote ...)
+ TODO: check
+CVE-2015-7374 (The Remote Agent component in Schneider Electric InduSoft Web Studio ...)
+ TODO: check
+CVE-2015-7373
+ RESERVED
+CVE-2015-7372
+ RESERVED
+CVE-2015-7371
+ RESERVED
+CVE-2015-7370
+ RESERVED
+CVE-2015-7369
+ RESERVED
+CVE-2015-7368
+ RESERVED
+CVE-2015-7367
+ RESERVED
+CVE-2015-7366
+ RESERVED
+CVE-2015-7365
+ RESERVED
+CVE-2015-7364
+ RESERVED
+CVE-2015-7363
+ RESERVED
+CVE-2015-7362
+ RESERVED
+CVE-2015-7361
+ RESERVED
+CVE-2015-7360
+ RESERVED
CVE-2015-XXXX [DoS]
- libemail-address-perl 1.908-1
NOTE: as of 1.908 as mitigation default value for nestable
@@ -1128,6 +1176,7 @@
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75 (VER-2-5-3)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/4
CVE-2014-9746 [use of uninitialized data]
+ RESERVED
- freetype 2.6-1 (bug #798619)
NOTE: https://launchpad.net/bugs/1449225
NOTE: http://www.ubuntu.com/usn/usn-2739-1/
@@ -1135,6 +1184,7 @@
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 (VER-2-5-3)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/4
CVE-2014-9747 [t42parse.c vulnerability]
+ RESERVED
- freetype 2.6-1 (bug #798619)
NOTE: https://launchpad.net/bugs/1449225
NOTE: http://www.ubuntu.com/usn/usn-2739-1/
@@ -2124,8 +2174,8 @@
NOT-FOR-US: Moxa switches
CVE-2015-6464 (The administrative web interface on Moxa EDS-405A and EDS-408A ...)
NOT-FOR-US: Moxa switches
-CVE-2015-6463
- RESERVED
+CVE-2015-6463 (CodeWrights HART Comm DTM components, as used with Endress+Hauser ...)
+ TODO: check
CVE-2015-6462
RESERVED
CVE-2015-6461
@@ -2436,8 +2486,8 @@
RESERVED
CVE-2015-6308
RESERVED
-CVE-2015-6307
- RESERVED
+CVE-2015-6307 (Cisco FirePOWER (formerly Sourcefire) 7000 and 8000 devices with ...)
+ TODO: check
CVE-2015-6306 (Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does ...)
NOT-FOR-US: Cisco
CVE-2015-6305 (Untrusted search path vulnerability in the ...)
@@ -2490,14 +2540,11 @@
NOT-FOR-US: Cisco IOS
CVE-2015-6281
RESERVED
-CVE-2015-6280
- RESERVED
+CVE-2015-6280 (The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-6279
- RESERVED
+CVE-2015-6279 (The IPv6 snooping functionality in the first-hop security subsystem in ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-6278
- RESERVED
+CVE-2015-6278 (The IPv6 snooping functionality in the first-hop security subsystem in ...)
NOT-FOR-US: Cisco IOS
CVE-2015-6277 (The ARP implementation in Cisco NX-OS on Nexus 1000V devices for ...)
NOT-FOR-US: Cisco
@@ -3022,18 +3069,18 @@
RESERVED
CVE-2015-6013
RESERVED
-CVE-2015-6012
- RESERVED
-CVE-2015-6011
- RESERVED
-CVE-2015-6010
- RESERVED
-CVE-2015-6009
- RESERVED
-CVE-2015-6008
- RESERVED
-CVE-2015-6007
- RESERVED
+CVE-2015-6012 (Multiple open redirect vulnerabilities in Web Reference Database (aka ...)
+ TODO: check
+CVE-2015-6011 (Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge ...)
+ TODO: check
+CVE-2015-6010 (Multiple cross-site scripting (XSS) vulnerabilities in Web Reference ...)
+ TODO: check
+CVE-2015-6009 (Multiple SQL injection vulnerabilities in Web Reference Database (aka ...)
+ TODO: check
+CVE-2015-6008 (install.php in Web Reference Database (aka refbase) through 0.9.6 ...)
+ TODO: check
+CVE-2015-6007 (Cross-site request forgery (CSRF) vulnerability in Web Reference ...)
+ TODO: check
CVE-2015-6006
RESERVED
CVE-2015-6005
@@ -8656,8 +8703,8 @@
RESERVED
CVE-2015-3975
RESERVED
-CVE-2015-3974
- RESERVED
+CVE-2015-3974 (EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x ...)
+ TODO: check
CVE-2015-3973
RESERVED
CVE-2015-3972
@@ -21214,8 +21261,8 @@
NOT-FOR-US: OPCTest.exe in Rockwell Automation RSLinx Classic
CVE-2014-9203 (Buffer overflow in the Field Device Tool (FDT) Frame application in ...)
NOT-FOR-US: HART Device Type Manager (DTM) library
-CVE-2014-9202
- RESERVED
+CVE-2014-9202 (Multiple stack-based buffer overflows in an unspecified DLL file in ...)
+ TODO: check
CVE-2014-9201 (Beckwith Electric M-6200 Digital Voltage Regulator Control with ...)
NOT-FOR-US: Beckwith Electric digital voltage regulators
CVE-2014-9200 (Stack-based buffer overflow in an unspecified DLL file in a DTM ...)
More information about the Secure-testing-commits
mailing list