[Secure-testing-commits] r38703 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Jan 4 21:10:11 UTC 2016
Author: sectracker
Date: 2016-01-04 21:10:11 +0000 (Mon, 04 Jan 2016)
New Revision: 38703
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-04 20:24:55 UTC (rev 38702)
+++ data/CVE/list 2016-01-04 21:10:11 UTC (rev 38703)
@@ -1,3 +1,73 @@
+CVE-2016-1282
+ RESERVED
+CVE-2016-1281
+ RESERVED
+CVE-2015-8742 (The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c ...)
+ TODO: check
+CVE-2015-8741 (The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI ...)
+ TODO: check
+CVE-2015-8740 (The dissect_tds7_colmetadata_token function in ...)
+ TODO: check
+CVE-2015-8739 (The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the ...)
+ TODO: check
+CVE-2015-8738 (The s7comm_decode_ud_cpu_szl_subfunc function in ...)
+ TODO: check
+CVE-2015-8737 (The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in ...)
+ TODO: check
+CVE-2015-8736 (The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file ...)
+ TODO: check
+CVE-2015-8735 (The get_value function in epan/dissectors/packet-btatt.c in the ...)
+ TODO: check
+CVE-2015-8734 (The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP ...)
+ TODO: check
+CVE-2015-8733 (The ngsniffer_process_record function in wiretap/ngsniffer.c in the ...)
+ TODO: check
+CVE-2015-8732 (The dissect_zcl_pwr_prof_pwrprofstatersp function in ...)
+ TODO: check
+CVE-2015-8731 (The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c ...)
+ TODO: check
+CVE-2015-8730 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark ...)
+ TODO: check
+CVE-2015-8729 (The ascend_seek function in wiretap/ascendtext.c in the Ascend file ...)
+ TODO: check
+CVE-2015-8728 (The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in ...)
+ TODO: check
+CVE-2015-8727 (The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in ...)
+ TODO: check
+CVE-2015-8726 (wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before ...)
+ TODO: check
+CVE-2015-8725 (The dissect_diameter_base_framed_ipv6_prefix function in ...)
+ TODO: check
+CVE-2015-8724 (The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c ...)
+ TODO: check
+CVE-2015-8723 (The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the ...)
+ TODO: check
+CVE-2015-8722 (epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark ...)
+ TODO: check
+CVE-2015-8721 (Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c ...)
+ TODO: check
+CVE-2015-8720 (The dissect_ber_GeneralizedTime function in ...)
+ TODO: check
+CVE-2015-8719 (The dissect_dns_answer function in epan/dissectors/packet-dns.c in the ...)
+ TODO: check
+CVE-2015-8718 (Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM ...)
+ TODO: check
+CVE-2015-8717 (The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP ...)
+ TODO: check
+CVE-2015-8716 (The init_t38_info_conv function in epan/dissectors/packet-t38.c in the ...)
+ TODO: check
+CVE-2015-8715 (epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark ...)
+ TODO: check
+CVE-2015-8714 (The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in ...)
+ TODO: check
+CVE-2015-8713 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark ...)
+ TODO: check
+CVE-2015-8712 (The dissect_hsdsch_channel_info function in ...)
+ TODO: check
+CVE-2015-8711 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark ...)
+ TODO: check
+CVE-2015-8707
+ RESERVED
CVE-2015-8744 [net: vmxnet3: incorrect l2 header validation leads to a crash]
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -26,12 +96,13 @@
NOTE: https://github.com/htacg/tidy-html5/issues/341
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/03/4
CVE-2014-9759 [MantisBT SOAP API can be used to disclose confidential settings]
+ RESERVED
- mantis <not-affected> (Affects >= 1.3.0-beta.1)
NOTE: http://github.com/mantisbt/mantisbt/commit/7927c275
NOTE: https://sourceforge.net/p/mantisbt/mailman/message/32948048/
NOTE: https://mantisbt.org/bugs/view.php?id=20277
NOTE: http://www.openwall.com/lists/oss-security/2016/01/02/1
-CVE-2016-1283 [PCRE Library Heap Overflow Vulnerability]
+CVE-2016-1283 (The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles ...)
- pcre3 <unfixed> (bug #809706)
[jessie] - pcre3 <no-dsa> (Minor issue)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -1003,6 +1074,7 @@
[squeeze] - stalin <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/27/1
CVE-2015-8708 [for incomplete fix for CVE-2015-8614]
+ RESERVED
- claws-mail <unfixed>
- macopix <not-affected> (Incomplete fix not applied)
CVE-2015-8614 [no bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc]
@@ -1209,6 +1281,7 @@
NOTE: https://github.com/blueman-project/blueman/commit/a3845bbed5fdddf14daec436b7e74f62719a71c1
NOTE: http://www.openwall.com/lists/oss-security/2015/12/18/6
CVE-2015-8709 [privilege escalation in user namespaces]
+ RESERVED
- linux 4.3.3-3
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
@@ -2892,11 +2965,9 @@
RESERVED
CVE-2015-8510
RESERVED
-CVE-2015-8509
- RESERVED
+CVE-2015-8509 (Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and ...)
- bugzilla4 <itp> (bug #669643)
-CVE-2015-8508
- RESERVED
+CVE-2015-8508 (Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in ...)
- bugzilla4 <itp> (bug #669643)
CVE-2015-8507 (mediaserver in Android 6.0 before 2015-12-01 allows remote attackers ...)
- android <itp> (bug #459219)
@@ -4654,8 +4725,7 @@
NOT-FOR-US: SAP
CVE-2015-8028 (Multiple buffer overflows in SAP 3D Visual Enterprise Viewer (VEV) ...)
NOT-FOR-US: SAP
-CVE-2015-8027 [denial of service vulnerability]
- RESERVED
+CVE-2015-8027 (Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 ...)
- nodejs 4.2.3~dfsg-1 (bug #806385)
[jessie] - nodejs <not-affected> (0.10 series not affected)
NOTE: https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/
@@ -6309,8 +6379,8 @@
RESERVED
CVE-2015-7490
RESERVED
-CVE-2015-7489
- RESERVED
+CVE-2015-7489 (IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses ...)
+ TODO: check
CVE-2015-7488
RESERVED
CVE-2015-7487
@@ -6375,20 +6445,20 @@
RESERVED
CVE-2015-7457
RESERVED
-CVE-2015-7456
- RESERVED
+CVE-2015-7456 (IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote ...)
+ TODO: check
CVE-2015-7455
RESERVED
CVE-2015-7454
RESERVED
CVE-2015-7453
RESERVED
-CVE-2015-7452
- RESERVED
-CVE-2015-7451
- RESERVED
-CVE-2015-7450
- RESERVED
+CVE-2015-7452 (IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before ...)
+ TODO: check
+CVE-2015-7451 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
+ TODO: check
+CVE-2015-7450 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
+ TODO: check
CVE-2015-7449
RESERVED
CVE-2015-7448
@@ -6397,68 +6467,68 @@
TODO: check
CVE-2015-7446
RESERVED
-CVE-2015-7445
- RESERVED
+CVE-2015-7445 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B ...)
+ TODO: check
CVE-2015-7444
RESERVED
CVE-2015-7443
RESERVED
-CVE-2015-7442
- RESERVED
-CVE-2015-7441
- RESERVED
+CVE-2015-7442 (consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x ...)
+ TODO: check
+CVE-2015-7441 (Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and ...)
+ TODO: check
CVE-2015-7440
RESERVED
CVE-2015-7439
RESERVED
-CVE-2015-7438
- RESERVED
-CVE-2015-7437
- RESERVED
-CVE-2015-7436
- RESERVED
-CVE-2015-7435
- RESERVED
+CVE-2015-7438 (IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive ...)
+ TODO: check
+CVE-2015-7437 (Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to ...)
+ TODO: check
+CVE-2015-7436 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
+ TODO: check
+CVE-2015-7435 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
+ TODO: check
CVE-2015-7434
RESERVED
CVE-2015-7433
RESERVED
CVE-2015-7432
RESERVED
-CVE-2015-7431
- RESERVED
-CVE-2015-7430
- RESERVED
-CVE-2015-7429
- RESERVED
+CVE-2015-7431 (Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM ...)
+ TODO: check
+CVE-2015-7430 (The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for ...)
+ TODO: check
+CVE-2015-7429 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...)
+ TODO: check
CVE-2015-7428
RESERVED
CVE-2015-7427 (IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, ...)
NOT-FOR-US: IBM
-CVE-2015-7426
- RESERVED
+CVE-2015-7426 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...)
+ TODO: check
CVE-2015-7425
RESERVED
CVE-2015-7424
RESERVED
CVE-2015-7423
RESERVED
-CVE-2015-7422
- RESERVED
-CVE-2015-7421
- RESERVED
-CVE-2015-7420
- RESERVED
+CVE-2015-7422 (Buffer overflow in IBM i Access 7.1 on Windows allows local users to ...)
+ TODO: check
+CVE-2015-7421 (Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before ...)
+ TODO: check
+CVE-2015-7420 (Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before ...)
+ TODO: check
CVE-2015-7419 (IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows ...)
NOT-FOR-US: IBM
CVE-2015-7418
RESERVED
CVE-2015-7417
RESERVED
-CVE-2015-7416
- RESERVED
-CVE-2015-7415
- RESERVED
+CVE-2015-7416 (AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote ...)
+ TODO: check
+CVE-2015-7415 (Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode ...)
+ TODO: check
CVE-2015-7414
RESERVED
CVE-2015-7413 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
@@ -6467,36 +6537,36 @@
NOT-FOR-US: IBM
CVE-2015-7411
RESERVED
-CVE-2015-7410
- RESERVED
-CVE-2015-7409
- RESERVED
+CVE-2015-7410 (The Health Check tool in IBM Sterling B2B Integrator 5.2 does not ...)
+ TODO: check
+CVE-2015-7409 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+ TODO: check
CVE-2015-7408
RESERVED
-CVE-2015-7407
- RESERVED
+CVE-2015-7407 (Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in ...)
+ TODO: check
CVE-2015-7406
RESERVED
CVE-2015-7405
RESERVED
CVE-2015-7404 (IBM Tivoli Storage Manager for Databases: Data Protection for ...)
NOT-FOR-US: IBM
-CVE-2015-7403
- RESERVED
-CVE-2015-7402
- RESERVED
+CVE-2015-7403 (IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File ...)
+ TODO: check
+CVE-2015-7402 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program ...)
+ TODO: check
CVE-2015-7401
RESERVED
-CVE-2015-7400
- RESERVED
+CVE-2015-7400 (The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote ...)
+ TODO: check
CVE-2015-7399
RESERVED
CVE-2015-7398
RESERVED
CVE-2015-7397
RESERVED
-CVE-2015-7396
- RESERVED
+CVE-2015-7396 (The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 ...)
+ TODO: check
CVE-2015-7395 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
NOT-FOR-US: IBM
CVE-2015-7394 (The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link ...)
@@ -9929,14 +9999,14 @@
NOT-FOR-US: SpeedSurf
CVE-2015-5991 (Cross-site request forgery (CSRF) vulnerability in form2WlanSetup.cgi ...)
NOT-FOR-US: SpeedSurf
-CVE-2015-5990
- RESERVED
-CVE-2015-5989
- RESERVED
-CVE-2015-5988
- RESERVED
-CVE-2015-5987
- RESERVED
+CVE-2015-5990 (Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 ...)
+ TODO: check
+CVE-2015-5989 (Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side ...)
+ TODO: check
+CVE-2015-5988 (The web management interface on Belkin F9K1102 2 devices with firmware ...)
+ TODO: check
+CVE-2015-5987 (Belkin F9K1102 2 devices with firmware 2.10.17 use an improper ...)
+ TODO: check
CVE-2015-6241 (The proto_tree_add_bytes_item function in epan/proto.c in the ...)
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
@@ -12970,12 +13040,12 @@
TODO: check
CVE-2015-5052
RESERVED
-CVE-2015-5051
- RESERVED
+CVE-2015-5051 (IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before ...)
+ TODO: check
CVE-2015-5050
RESERVED
-CVE-2015-5049
- RESERVED
+CVE-2015-5049 (SQL injection vulnerability in the API in IBM OpenPages GRC Platform ...)
+ TODO: check
CVE-2015-5048
RESERVED
CVE-2015-5047
@@ -12996,14 +13066,14 @@
NOT-FOR-US: IBM Domino
CVE-2015-5039
RESERVED
-CVE-2015-5038
- RESERVED
-CVE-2015-5037
- RESERVED
-CVE-2015-5036
- RESERVED
-CVE-2015-5035
- RESERVED
+CVE-2015-5038 (IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before ...)
+ TODO: check
+CVE-2015-5037 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 3.x ...)
+ TODO: check
+CVE-2015-5036 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before ...)
+ TODO: check
+CVE-2015-5035 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before ...)
+ TODO: check
CVE-2015-5034
RESERVED
CVE-2015-5033
@@ -13026,20 +13096,20 @@
RESERVED
CVE-2015-5024 (IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, ...)
NOT-FOR-US: IBM
-CVE-2015-5023
- RESERVED
+CVE-2015-5023 (SQL injection vulnerability in IBM Curam Social Program Management 6.1 ...)
+ TODO: check
CVE-2015-5022 (IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B ...)
NOT-FOR-US: IBM
CVE-2015-5021 (IBM InfoSphere Information Server 11.3 and 11.5 allows remote ...)
NOT-FOR-US: IBM
-CVE-2015-5020
- RESERVED
+CVE-2015-5020 (The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, ...)
+ TODO: check
CVE-2015-5019 (IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B ...)
NOT-FOR-US: IBM
-CVE-2015-5018
- RESERVED
-CVE-2015-5017
- RESERVED
+CVE-2015-5018 (IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before ...)
+ TODO: check
+CVE-2015-5017 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
+ TODO: check
CVE-2015-5016
RESERVED
CVE-2015-5015 (IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack ...)
@@ -13066,8 +13136,8 @@
NOT-FOR-US: IBM
CVE-2015-5004 (The Edge Component Caching Proxy in IBM WebSphere Application Server ...)
TODO: check
-CVE-2015-5003
- RESERVED
+CVE-2015-5003 (The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 ...)
+ TODO: check
CVE-2015-5002
RESERVED
CVE-2015-5001 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
@@ -13080,8 +13150,8 @@
TODO: check
CVE-2015-4997 (IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to ...)
NOT-FOR-US: IBM
-CVE-2015-4996
- RESERVED
+CVE-2015-4996 (IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x ...)
+ TODO: check
CVE-2015-4995
RESERVED
CVE-2015-4994 (Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 ...)
@@ -13092,10 +13162,10 @@
NOT-FOR-US: IBM
CVE-2015-4991
RESERVED
-CVE-2015-4990
- RESERVED
-CVE-2015-4989
- RESERVED
+CVE-2015-4990 (The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 ...)
+ TODO: check
+CVE-2015-4989 (The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 ...)
+ TODO: check
CVE-2015-4988
RESERVED
CVE-2015-4987
@@ -13148,8 +13218,8 @@
NOT-FOR-US: IBM
CVE-2015-4963 (IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before ...)
NOT-FOR-US: IBM
-CVE-2015-4962
- RESERVED
+CVE-2015-4962 (Jazz Team Server in Jazz Foundation in IBM Rational Collaborative ...)
+ TODO: check
CVE-2015-4961
RESERVED
CVE-2015-4960
@@ -13180,18 +13250,18 @@
NOT-FOR-US: IBM
CVE-2015-4947 (Stack-based buffer overflow in the Administration Server in IBM HTTP ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-4946
- RESERVED
+CVE-2015-4946 (Rational LifeCycle Project Administration in Jazz Team Server in IBM ...)
+ TODO: check
CVE-2015-4945 (Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 ...)
NOT-FOR-US: IBM
CVE-2015-4944 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
NOT-FOR-US: IBM
-CVE-2015-4943
- RESERVED
+CVE-2015-4943 (IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to ...)
+ TODO: check
CVE-2015-4942
RESERVED
-CVE-2015-4941
- RESERVED
+CVE-2015-4941 (IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS ...)
+ TODO: check
CVE-2015-4940 (Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x ...)
NOT-FOR-US: IBM
CVE-2015-4939 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier ...)
@@ -17740,6 +17810,7 @@
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (v2.9.3)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489 (v2.9.3)
CVE-2015-8710 [out-of-bounds memory access when parsing an unclosed HTML comment]
+ RESERVED
{DSA-3430-1 DLA-266-1}
- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #782985)
NOTE: Added workaround item to reflect entry fixed status, remove once CVE assigned
@@ -18352,8 +18423,7 @@
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1684515
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1687338 (2.2.x)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1687339 (2.2.x)
-CVE-2015-3182 [crash on a sample capture file genbroad.snoop]
- RESERVED
+CVE-2015-3182 (epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in ...)
- wireshark 1.12.0~rc1-1
[squeeze] - wireshark <not-affected> (Only affected 1.10.x)
[wheezy] - wireshark <not-affected> (Only affected 1.10.x)
@@ -21975,8 +22045,8 @@
NOT-FOR-US: IBM
CVE-2015-2024
RESERVED
-CVE-2015-2023
- RESERVED
+CVE-2015-2023 (Buffer overflow in IBM i Access 7.1 on Windows allows local users to ...)
+ TODO: check
CVE-2015-2022
RESERVED
CVE-2015-2021
@@ -22007,8 +22077,8 @@
RESERVED
CVE-2015-2008
RESERVED
-CVE-2015-2007
- RESERVED
+CVE-2015-2007 (Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x ...)
+ TODO: check
CVE-2015-2006
RESERVED
CVE-2015-2005
@@ -22051,8 +22121,8 @@
NOT-FOR-US: IBM
CVE-2015-1986 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 ...)
NOT-FOR-US: IBM
-CVE-2015-1985
- RESERVED
+CVE-2015-1985 (The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows ...)
+ TODO: check
CVE-2015-1984 (IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, ...)
NOT-FOR-US: IBM
CVE-2015-1983 (Cross-site scripting (XSS) vulnerability in the Projects page in IBM ...)
@@ -22079,8 +22149,8 @@
RESERVED
CVE-2015-1972 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before ...)
NOT-FOR-US: IBM
-CVE-2015-1971
- RESERVED
+CVE-2015-1971 (Unspecified vulnerability in Jazz Team Server in Jazz Foundation in ...)
+ TODO: check
CVE-2015-1970 (The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 ...)
NOT-FOR-US: IBM
CVE-2015-1969 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Common ...)
@@ -22127,8 +22197,8 @@
NOT-FOR-US: IBM
CVE-2015-1948 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
NOT-FOR-US: IBM
-CVE-2015-1947
- RESERVED
+CVE-2015-1947 (Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, ...)
+ TODO: check
CVE-2015-1946 (IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and ...)
NOT-FOR-US: IBM WebSphere
CVE-2015-1945 (Unspecified vulnerability in the Reference Data Management component ...)
@@ -22166,8 +22236,8 @@
NOT-FOR-US: IBM
CVE-2015-1929 (Stack-based buffer overflow in the server in IBM Tivoli Storage ...)
NOT-FOR-US: IBM
-CVE-2015-1928
- RESERVED
+CVE-2015-1928 (Jazz Team Server in Jazz Foundation in IBM Rational Collaborative ...)
+ TODO: check
CVE-2015-1927 (The default configuration of IBM WebSphere Application Server (WAS) ...)
NOT-FOR-US: IBM WAS
CVE-2015-1926 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
More information about the Secure-testing-commits
mailing list