[Secure-testing-commits] r44227 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Aug 30 21:10:11 UTC 2016
Author: sectracker
Date: 2016-08-30 21:10:11 +0000 (Tue, 30 Aug 2016)
New Revision: 44227
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-30 21:08:37 UTC (rev 44226)
+++ data/CVE/list 2016-08-30 21:10:11 UTC (rev 44227)
@@ -1,3 +1,29 @@
+CVE-2016-7110
+ RESERVED
+CVE-2016-7109
+ RESERVED
+CVE-2016-7108
+ RESERVED
+CVE-2016-7107
+ RESERVED
+CVE-2016-7106
+ RESERVED
+CVE-2016-7105
+ RESERVED
+CVE-2016-7104
+ RESERVED
+CVE-2016-7102
+ RESERVED
+CVE-2016-7101
+ RESERVED
+CVE-2016-7100
+ RESERVED
+CVE-2016-7099
+ RESERVED
+CVE-2016-7096
+ RESERVED
+CVE-2016-7095
+ RESERVED
CVE-2016-XXXX [allows the 'amanda' user to execute any code as root, and to execute an interactive shell as root]
- amanda 1:3.3.9-1
TODO: check
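Review bot: The thirteen RESERVED ids added at the top of this hunk (CVE-2016-7110 down to CVE-2016-7095) land above the temporary CVE-2016-XXXX amanda entry, while CVE-2016-7111 in the next hunk sits below it, so the assigned ids end up split around the placeholder. Consider inserting new reservations after the CVE-2016-XXXX block so the numbered ids stay in one run. The amanda entry itself is still at TODO: check with no id assigned.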
@@ -2,6 +28,8 @@
CVE-2016-7111
+ RESERVED
- mantis <not-affected> (Vulnerable code introduced in 1.3.0-rc.2)
NOTE: https://github.com/mantisbt/mantisbt/commit/b3511d2feb47eaee41feb5f69cf3c8a2c9acd229
NOTE: https://mantisbt.org/bugs/view.php?id=21263
CVE-2016-7103
+ RESERVED
- jqueryui <unfixed>
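Review bot: CVE-2016-7103 gains RESERVED, but its jqueryui <unfixed> line still has no NOTE or bug reference, unlike CVE-2016-7111 just above it, which cites the upstream commit and bug. Adding the upstream reference would let a reader confirm which jQuery UI issue this id covers.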
@@ -20,11 +48,13 @@
CVE-2016-7090
RESERVED
CVE-2016-7098
+ RESERVED
- wget <unfixed> (low)
[jessie] - wget <no-dsa> (Minor issue)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957
CVE-2016-7097 [Setting a POSIX ACL via setxattr doesn't clear the setgid bit]
+ RESERVED
- linux <unfixed>
NOTE: http://www.spinics.net/lists/linux-fsdevel/msg98328.html
NOTE: http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2
@@ -682,6 +712,7 @@
CVE-2016-6793
RESERVED
CVE-2015-8954 [suricata: evasion issues]
+ RESERVED
- suricata 2.0.6-1 (bug #777523)
[wheezy] - suricata <no-dsa> (Minor issue)
[squeeze] - suricata <no-dsa> (Minor issue)
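Review bot: CVE-2015-8954 is listed directly after CVE-2016-6793, inside the run of 2016 ids, and the added RESERVED line leaves it there. Since the id now shows up as RESERVED, the entry could move to the CVE-2015 part of the list so that a lookup by year finds it.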
@@ -2098,7 +2129,7 @@
RESERVED
NOT-FOR-US: Red Hat QCI
CVE-2016-6339
- RESERVED
+ REJECTED
CVE-2016-6338
RESERVED
NOT-FOR-US: ovirt-engine
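Review bot: CVE-2016-6339 changes from RESERVED to REJECTED with nothing else recorded under it. If the rejection points at another id (a duplicate or a reassignment), a NOTE line naming it would save the next reader a lookup.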
@@ -4381,8 +4412,8 @@
NOT-FOR-US: Huawei
CVE-2016-5722 (OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and ...)
NOT-FOR-US: OceanStor
-CVE-2016-5721
- RESERVED
+CVE-2016-5721 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
+ TODO: check
CVE-2016-5720
RESERVED
CVE-2016-5719
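Review bot: CVE-2016-5721 now carries a Zimbra XSS description but is left at TODO: check, while the neighbouring Huawei and OceanStor entries in this hunk are already resolved as NOT-FOR-US. If Zimbra is not packaged in Debian, the follow-up should replace the TODO with a NOT-FOR-US: Zimbra line.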
@@ -4457,8 +4488,8 @@
RESERVED
CVE-2016-5684
RESERVED
-CVE-2016-5683
- RESERVED
+CVE-2016-5683 (ReadyDesk 9.1 allows local users to determine cleartext SQL Server ...)
+ TODO: check
CVE-2016-5682
RESERVED
CVE-2016-5681 (Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 ...)
@@ -4495,12 +4526,12 @@
NOT-FOR-US: Creston
CVE-2016-5665
RESERVED
-CVE-2016-5664
- RESERVED
-CVE-2016-5663
- RESERVED
-CVE-2016-5662
- RESERVED
+CVE-2016-5664 (Directory traversal vulnerability on Accellion Kiteworks appliances ...)
+ TODO: check
+CVE-2016-5663 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2016-5662 (Accellion Kiteworks appliances before kw2016.03.00 use setuid-root ...)
+ TODO: check
CVE-2016-5661 (Accela Civic Platform Citizen Access portal relies on the client to ...)
NOT-FOR-US: Accela
CVE-2016-5660 (Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in ...)
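Review bot: The truncated description added for CVE-2016-5663 ("Multiple cross-site scripting (XSS) vulnerabilities in ...") cuts off before the product name, so that entry cannot be triaged from this file alone. CVE-2016-5664 and CVE-2016-5662 on either side both name Accellion Kiteworks appliances; whoever resolves the three TODO: check lines should confirm 5663 against the full CVE text rather than assume it matches its neighbours.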
@@ -6696,12 +6727,12 @@
RESERVED
CVE-2016-5051
RESERVED
-CVE-2016-5050
- RESERVED
-CVE-2016-5049
- RESERVED
-CVE-2016-5048
- RESERVED
+CVE-2016-5050 (Unrestricted file upload vulnerability in chat/sendfile.aspx in ...)
+ TODO: check
+CVE-2016-5049 (Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk ...)
+ TODO: check
+CVE-2016-5048 (SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk ...)
+ TODO: check
CVE-2016-5047
RESERVED
CVE-2016-5046
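Review bot: The three entries added here (CVE-2016-5050, CVE-2016-5049, CVE-2016-5048) all describe issues in ReadyDesk chat/ pages, and CVE-2016-5683 earlier in this diff is ReadyDesk as well, yet each gets its own TODO: check. They can be triaged in one pass with the same resolution line.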
@@ -8882,8 +8913,8 @@
RESERVED
CVE-2016-4379
RESERVED
-CVE-2016-4378
- RESERVED
+CVE-2016-4378 (The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication ...)
+ TODO: check
CVE-2016-4377 (HPE Smart Update in Storage Sizing Tool before 13.0, Converged ...)
TODO: check
CVE-2016-4376 (HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches ...)
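Review bot: The description added for CVE-2016-4378 is truncated after a list of component names ("(1) Device Manager, (2) Tiered Storage Manager, (3) Replication ...") and never reaches the vendor or product. The two entries below it are HPE products, but that is only a hint; check the full description before resolving the TODO: check.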
@@ -9163,18 +9194,18 @@
RESERVED
CVE-2016-4271
RESERVED
-CVE-2016-4270
- RESERVED
-CVE-2016-4269
- RESERVED
-CVE-2016-4268
- RESERVED
-CVE-2016-4267
- RESERVED
-CVE-2016-4266
- RESERVED
-CVE-2016-4265
- RESERVED
+CVE-2016-4270 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4269 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4268 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4267 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4266 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4265 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2016-4264
RESERVED
CVE-2016-4263
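Review bot: The six descriptions added for CVE-2016-4270 through CVE-2016-4265 are identical after truncation, so nothing in this hunk distinguishes one entry from another. Other Adobe ids in this file, such as CVE-2016-4120 and CVE-2016-4118, are resolved as NOT-FOR-US: Adobe, and these six TODO: check lines look like candidates for the same resolution.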
@@ -9465,8 +9496,8 @@
NOT-FOR-US: Adobe
CVE-2016-4120 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before ...)
NOT-FOR-US: Adobe
-CVE-2016-4119
- RESERVED
+CVE-2016-4119 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2016-4118 (Untrusted search path vulnerability in the add-in installer in Adobe ...)
NOT-FOR-US: Adobe
CVE-2016-4117 (Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to ...)
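Review bot: CVE-2016-4119 is set to TODO: check although the entries directly before and after it, CVE-2016-4120 and CVE-2016-4118, are both NOT-FOR-US: Adobe. The new description names Adobe Reader and Acrobat, so the TODO can be replaced with the same NOT-FOR-US: Adobe line.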
@@ -31600,8 +31631,8 @@
NOT-FOR-US: HP Systems Insight Manager
CVE-2015-5401
RESERVED
-CVE-2015-5399
- RESERVED
+CVE-2015-5399 (Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows ...)
+ TODO: check
CVE-2015-5398
RESERVED
CVE-2015-5397 (Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 ...)