[Secure-testing-commits] r43706 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon Aug 1 21:10:09 UTC 2016


Author: sectracker
Date: 2016-08-01 21:10:09 +0000 (Mon, 01 Aug 2016)
New Revision: 43706

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-08-01 19:03:56 UTC (rev 43705)
+++ data/CVE/list	2016-08-01 21:10:09 UTC (rev 43706)
@@ -1,3 +1,7 @@
+CVE-2016-6495
+	RESERVED
+CVE-2016-6493
+	RESERVED
 CVE-2016-XXXX [bruteforcable challenge responses in unprotected logfile]
 	- mongodb 1:2.6.12-1 (bug #833087)
 	NOTE: Fixed in experimental 1:2.6.11-1, first version in unstable 1:2.6.12-1
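Review bot: the CVE-2016-XXXX placeholder in the trailing context ([bruteforcable challenge responses in unprotected logfile], mongodb, bug #833087) still has no ID after this update adds CVE-2016-6495 and CVE-2016-6493 as RESERVED. If either of those IDs was assigned to that issue, rename the placeholder to it rather than keeping a separate entry; otherwise the two new RESERVED entries need no action yet.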
@@ -12,6 +16,7 @@
 CVE-2016-6486
 	RESERVED
 CVE-2016-6494 [world-readable .dbshell history file]
+	RESERVED
 	- mongodb <unfixed> (bug #832908)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/07/29/4
 CVE-2016-6491 [Buffer overflow]
@@ -2704,8 +2709,8 @@
 	RESERVED
 CVE-2016-5673
 	RESERVED
-CVE-2016-5672
-	RESERVED
+CVE-2016-5672 (Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x ...)
+	TODO: check
 CVE-2016-5671
 	RESERVED
 CVE-2016-5670
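Review bot: the new CVE-2016-5672 header arrives with TODO: check and no package line, so the entry is untriaged. Resolve it to either a source-package line or a NOT-FOR-US: line naming the product (the description starts with Intel Crosswalk) so it stops showing as pending; the same applies to the other TODO: check entries this update adds.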
@@ -4454,8 +4459,8 @@
 	RESERVED
 CVE-2016-5139
 	RESERVED
-CVE-2016-5138
-	RESERVED
+CVE-2016-5138 (Integer overflow in the kbasep_vinstr_attach_client function in ...)
+	TODO: check
 CVE-2016-5137 (The CSPSource::schemeMatches function in ...)
 	{DSA-3637-1}
 	- chromium-browser 52.0.2743.82-1
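Review bot: the CVE-2016-5138 description is cut at "function in ...", before the affected product is named, so this line alone does not say which package it belongs to. Its position directly above CVE-2016-5137 (chromium-browser, DSA-3637-1) is not evidence that it is a chromium-browser issue; read the full description before replacing TODO: check.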
@@ -5572,14 +5577,14 @@
 	RESERVED
 CVE-2016-4838
 	RESERVED
-CVE-2016-4837
-	RESERVED
+CVE-2016-4837 (SQL injection vulnerability in the Seed Coupon plugin before 1.6 for ...)
+	TODO: check
 CVE-2016-4836
 	RESERVED
 CVE-2016-4835
 	RESERVED
-CVE-2016-4834
-	RESERVED
+CVE-2016-4834 (modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does ...)
+	TODO: check
 CVE-2016-4833
 	RESERVED
 CVE-2016-4832
@@ -7005,8 +7010,8 @@
 	RESERVED
 CVE-2016-4374
 	RESERVED
-CVE-2016-4373
-	RESERVED
+CVE-2016-4373 (The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, ...)
+	TODO: check
 CVE-2016-4372 (HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM ...)
 	TODO: check
 CVE-2016-4371 (HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, ...)
@@ -10312,8 +10317,7 @@
 	RESERVED
 CVE-2016-3121
 	RESERVED
-CVE-2016-3120
-	RESERVED
+CVE-2016-3120 (The validate_as_request function in kdc_util.c in the Key Distribution ...)
 	- krb5 1.14.3+dfsg-1 (bug #832572)
 	[jessie] - krb5 <no-dsa> (Minor issue; can be fixed along with a future DSA)
 	[wheezy] - krb5 <no-dsa> (Minor issue; can be fixed along with a future DSA)
@@ -13637,8 +13641,7 @@
 	RESERVED
 CVE-2016-2181
 	RESERVED
-CVE-2016-2180 [Fix OOB read in TS_OBJ_print_bio()]
-	RESERVED
+CVE-2016-2180 (The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 ...)
 	- openssl <unfixed>
 	[jessie] - openssl <no-dsa> (Wait until next openssl update round)
 	NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=0ed26acce328ec16a3aa635f1ca37365e8c7403a
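Review bot: the replaced CVE-2016-2180 header drops the bracketed "[Fix OOB read in TS_OBJ_print_bio()]", and the truncated description that takes its place ends before stating the bug class. The only remaining pointer to the nature of the issue in these lines is the git.openssl.org commit in the NOTE, so consider adding a NOTE line that records it as an out-of-bounds read, which keeps the <no-dsa> reasoning for jessie readable without following the link.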
@@ -15879,20 +15882,20 @@
 	- chromium-browser 48.0.2564.82-1
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 	[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1611
-	RESERVED
-CVE-2016-1610
-	RESERVED
-CVE-2016-1609
-	RESERVED
-CVE-2016-1608
-	RESERVED
-CVE-2016-1607
-	RESERVED
+CVE-2016-1611 (Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses ...)
+	TODO: check
+CVE-2016-1610 (Directory traversal vulnerability in the email-template feature in ...)
+	TODO: check
+CVE-2016-1609 (Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr ...)
+	TODO: check
+CVE-2016-1608 (vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 ...)
+	TODO: check
+CVE-2016-1607 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+	TODO: check
 CVE-2016-1606 (Multiple stack-based buffer overflows in COM objects in Micro Focus ...)
 	TODO: check
-CVE-2016-1605
-	RESERVED
+CVE-2016-1605 (Directory traversal vulnerability in the ReportViewServlet servlet in ...)
+	TODO: check
 CVE-2016-1604
 	RESERVED
 CVE-2016-1603
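Review bot: of the five consecutive IDs CVE-2016-1607 through CVE-2016-1611, the headers for CVE-2016-1610 and CVE-2016-1607 are truncated before any product name, while 1611, 1609 and 1608 name Novell Filr. Triage each TODO: check from its full description rather than marking the block in one go; the same holds for CVE-2016-1605 (ReportViewServlet), whose product is also cut off.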
@@ -16372,8 +16375,8 @@
 	TODO: check
 CVE-2016-1462 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
 	TODO: check
-CVE-2016-1461
-	RESERVED
+CVE-2016-1461 (Cisco AsyncOS on Email Security Appliance (ESA) devices through ...)
+	TODO: check
 CVE-2016-1460 (Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and ...)
 	TODO: check
 CVE-2016-1459 (Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 ...)



