[Secure-testing-commits] r42207 - data/CVE
Michael Gilbert
mgilbert at moszumanska.debian.org
Wed Jun 1 03:59:54 UTC 2016
Author: mgilbert
Date: 2016-06-01 03:59:54 +0000 (Wed, 01 Jun 2016)
New Revision: 42207
Modified:
data/CVE/list
Log:
nfus
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-01 02:57:12 UTC (rev 42206)
+++ data/CVE/list 2016-06-01 03:59:54 UTC (rev 42207)
@@ -989,9 +989,9 @@
CVE-2010-5326 (The Invoker Servlet on SAP NetWeaver Application Server Java ...)
NOT-FOR-US: SAP
CVE-2016-4785 (The integrated web server in the EN100 Ethernet module before 4.27 on ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2016-4784 (The integrated web server in the EN100 Ethernet module before 4.27 on ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2016-4783 (Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before ...)
NOT-FOR-US: Lenovo
CVE-2016-4782 (Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote ...)
@@ -1590,7 +1590,7 @@
CVE-2016-4522
RESERVED
CVE-2016-4521 (Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before ...)
- TODO: check
+ NOT-FOR-US: Sixnet
CVE-2016-4520
RESERVED
CVE-2016-4519
@@ -1620,17 +1620,17 @@
CVE-2016-4507
RESERVED
CVE-2016-4506 (Cross-site request forgery (CSRF) vulnerability on Resource Data ...)
- TODO: check
+ NOT-FOR-US: Resource Data Management
CVE-2016-4505 (Resource Data Management (RDM) Intuitive 650 TDB Controller devices ...)
- TODO: check
+ NOT-FOR-US: Resource Data Management
CVE-2016-4504
RESERVED
CVE-2016-4503
RESERVED
CVE-2016-4502 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...)
- TODO: check
+ NOT-FOR-US: Environmental Systems Corporation
CVE-2016-4501 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...)
- TODO: check
+ NOT-FOR-US: Environmental Systems Corporation
CVE-2016-4500
RESERVED
CVE-2016-4499 (Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x ...)
@@ -2673,7 +2673,7 @@
CVE-2016-4119
RESERVED
CVE-2016-4118 (Untrusted search path vulnerability in the add-in installer in Adobe ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2016-4117 (Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to ...)
NOT-FOR-US: Adobe Flash Player
CVE-2016-4116 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
@@ -2739,7 +2739,7 @@
- gitlab <unfixed> (bug #823290)
NOTE: https://about.gitlab.com/2016/05/02/cve-2016-4340-patches/
CVE-2016-4087 (Huawei S12700 switches with software before V200R008C00SPC500 and ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-4086
RESERVED
CVE-2016-4075
@@ -4050,9 +4050,9 @@
CVE-2016-3682
RESERVED
CVE-2016-3681 (Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-3680 (Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-3679 (Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, ...)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
@@ -4096,7 +4096,7 @@
CVE-2016-3665
RESERVED
CVE-2016-3664 (Trend Micro Mobile Security for iOS before 3.2.1188 does not verify ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2016-3663
RESERVED
CVE-2016-3662
@@ -4219,7 +4219,7 @@
CVE-2016-3629
RESERVED
CVE-2016-3628 (Buffer overflow in tibemsd in the server in TIBCO Enterprise Message ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2016-3626
RESERVED
CVE-2016-3625 [Out-of-bounds Read occurred in tif_read.c:545 or tif_read.c:402 or tif_read.c:560 in tiff2bw]
@@ -4669,7 +4669,7 @@
CVE-2016-3429 (Unspecified vulnerability in the Oracle Retail Xstore Point of Service ...)
NOT-FOR-US: Oracle Retail
CVE-2016-3428 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2016-3427 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; ...)
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
@@ -5166,9 +5166,9 @@
CVE-2016-3189
RESERVED
CVE-2016-3188 (The _prepopulate_request_walk function in the Prepopulate module ...)
- TODO: check
+ NOT-FOR-US: Prepopulate module for Drupal
CVE-2016-3187 (The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote ...)
- TODO: check
+ NOT-FOR-US: Prepopulate module for Drupal
CVE-2016-3186 (Buffer overflow in the readextension function in gif2tiff.c in LibTIFF ...)
- tiff <unfixed> (bug #819972)
[jessie] - tiff <no-dsa> (Minor issue)
@@ -5299,7 +5299,7 @@
CVE-2016-3127
RESERVED
CVE-2016-3126 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
- TODO: check
+ NOT-FOR-US: BlackBerry
CVE-2016-3123
RESERVED
CVE-2016-3122
@@ -6063,7 +6063,7 @@
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/952027dd7f794ff4b2d4f5eddf549c5b5070fa38
NOTE: http://www.openwall.com/lists/oss-security/2016/03/08/4
CVE-2016-2855 (The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-2852
RESERVED
CVE-2016-2851 (Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms ...)
@@ -6460,7 +6460,7 @@
NOTE: https://puppet.com/security/cve/cve-2016-2785
NOTE: https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2
CVE-2016-2784 (CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty ...)
- TODO: check
+ NOT-FOR-US: CMS Made Simple
CVE-2015-8818
RESERVED
- qemu 1:2.4+dfsg-1a
@@ -7467,113 +7467,113 @@
CVE-2016-2463
RESERVED
CVE-2016-2462 (OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2461 (OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2460 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2459 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2458 (The compose functionality in AOSP Mail in Android 5.0.x before 5.0.2, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2457 (server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2456 (The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2455
RESERVED
CVE-2016-2454 (The Qualcomm hardware video codec in Android before 2016-05-01 on ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2453 (The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2452 (codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2451 (codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2450 (codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2449 (services/camera/libcameraservice/device3/Camera3Device.cpp in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2448 (media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2447
REJECTED
CVE-2016-2446 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2445 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2444 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2443 (The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2442 (The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2441 (The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2440 (libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2439 (Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2438
REJECTED
CVE-2016-2437 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2436 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2435 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2434 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2433
RESERVED
CVE-2016-2432 (The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2431 (The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2430 (libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2429 (libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2428 (libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2427 (asn1/cms/GCMParameters.java in the Bouncy Castle Crypto APIs 1.54 for ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2426 (server/content/ContentService.java in the Framework component in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2425 (mail/compose/ComposeActivity.java in AOSP Mail in Android 4.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2424 (server/content/SyncStorageEngine.java in SyncStorageEngine in Android ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2423 (server/telecom/CallsManager.java in Telephony in Android 4.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2422 (Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2421 (Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2420 (rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2419 (media/libmedia/IDrm.cpp in mediaserver in Android 6.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2418 (media/libmedia/IOMX.cpp in mediaserver in Android 6.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2417 (media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2416 (libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2415 (exchange/eas/EasAutoDiscover.java in the Autodiscover implementation ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2414 (The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2413 (media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2412 (include/core/SkPostConfig.h in Skia, as used in System_server in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2411 (A Qualcomm Power Management kernel driver in Android 6.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2410 (A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2409 (A Texas Instruments (TI) haptic kernel driver in Android 6.x before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2016-2408
RESERVED
CVE-2016-2407
@@ -7581,7 +7581,7 @@
CVE-2016-2406
RESERVED
CVE-2016-2405 (Huawei Policy Center with software before V100R003C10SPC020 allows ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2016-2404
RESERVED
CVE-2016-2403
@@ -7623,7 +7623,7 @@
CVE-2016-2394
RESERVED
CVE-2016-2393 (Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2016-2389 (Directory traversal vulnerability in the GetFileList function in the ...)
NOT-FOR-US: SAP
CVE-2016-2388 (The Universal Worklist Configuration in SAP NetWeaver 7.4 allows ...)
More information about the Secure-testing-commits
mailing list