[Secure-testing-commits] r42667 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Jun 20 21:10:06 UTC 2016
Author: sectracker
Date: 2016-06-20 21:10:06 +0000 (Mon, 20 Jun 2016)
New Revision: 42667
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-20 21:01:53 UTC (rev 42666)
+++ data/CVE/list 2016-06-20 21:10:06 UTC (rev 42667)
@@ -1,25 +1,201 @@
+CVE-2016-5725
+ RESERVED
+CVE-2016-5724
+ RESERVED
+CVE-2016-5723
+ RESERVED
+CVE-2016-5722
+ RESERVED
+CVE-2016-5721
+ RESERVED
+CVE-2016-5720
+ RESERVED
+CVE-2016-5719
+ RESERVED
+CVE-2016-5718
+ RESERVED
+CVE-2016-5717
+ RESERVED
+CVE-2016-5716
+ RESERVED
+CVE-2016-5715
+ RESERVED
+CVE-2016-5714
+ RESERVED
+CVE-2016-5713
+ RESERVED
+CVE-2016-5712
+ RESERVED
+CVE-2016-5711
+ RESERVED
+CVE-2016-5710
+ RESERVED
+CVE-2016-5709
+ RESERVED
+CVE-2016-5708
+ RESERVED
+CVE-2016-5707
+ RESERVED
+CVE-2016-5706
+ RESERVED
+CVE-2016-5705
+ RESERVED
+CVE-2016-5704
+ RESERVED
+CVE-2016-5703
+ RESERVED
+CVE-2016-5702
+ RESERVED
+CVE-2016-5701
+ RESERVED
+CVE-2016-5700
+ RESERVED
+CVE-2016-5698
+ RESERVED
+CVE-2016-5697
+ RESERVED
+CVE-2016-5696
+ RESERVED
+CVE-2016-5695
+ RESERVED
+CVE-2016-5694
+ RESERVED
+CVE-2016-5693
+ RESERVED
+CVE-2016-5692
+ RESERVED
+CVE-2016-5686
+ RESERVED
+CVE-2016-5685
+ RESERVED
+CVE-2016-5684
+ RESERVED
+CVE-2016-5683
+ RESERVED
+CVE-2016-5682
+ RESERVED
+CVE-2016-5681
+ RESERVED
+CVE-2016-5680
+ RESERVED
+CVE-2016-5679
+ RESERVED
+CVE-2016-5678
+ RESERVED
+CVE-2016-5677
+ RESERVED
+CVE-2016-5676
+ RESERVED
+CVE-2016-5675
+ RESERVED
+CVE-2016-5674
+ RESERVED
+CVE-2016-5673
+ RESERVED
+CVE-2016-5672
+ RESERVED
+CVE-2016-5671
+ RESERVED
+CVE-2016-5670
+ RESERVED
+CVE-2016-5669
+ RESERVED
+CVE-2016-5668
+ RESERVED
+CVE-2016-5667
+ RESERVED
+CVE-2016-5666
+ RESERVED
+CVE-2016-5665
+ RESERVED
+CVE-2016-5664
+ RESERVED
+CVE-2016-5663
+ RESERVED
+CVE-2016-5662
+ RESERVED
+CVE-2016-5661
+ RESERVED
+CVE-2016-5660
+ RESERVED
+CVE-2016-5659
+ RESERVED
+CVE-2016-5658
+ RESERVED
+CVE-2016-5657
+ RESERVED
+CVE-2016-5656
+ RESERVED
+CVE-2016-5655
+ RESERVED
+CVE-2016-5654
+ RESERVED
+CVE-2016-5653
+ RESERVED
+CVE-2016-5652
+ RESERVED
+CVE-2016-5651
+ RESERVED
+CVE-2016-5650
+ RESERVED
+CVE-2016-5649
+ RESERVED
+CVE-2016-5648
+ RESERVED
+CVE-2016-5647
+ RESERVED
+CVE-2016-5646
+ RESERVED
+CVE-2016-5645
+ RESERVED
+CVE-2016-5644
+ RESERVED
+CVE-2016-5643
+ RESERVED
+CVE-2016-5642
+ RESERVED
+CVE-2016-5641
+ RESERVED
+CVE-2016-5640
+ RESERVED
+CVE-2016-5639
+ RESERVED
+CVE-2016-5638
+ RESERVED
+CVE-2016-5637
+ RESERVED
+CVE-2016-1000003
+ RESERVED
CVE-2016-5727
+ RESERVED
NOT-FOR-US: Simple Machines Forum
CVE-2016-5726
+ RESERVED
NOT-FOR-US: Simple Machines Forum
CVE-2016-5691 [lack of validation of pixel.red, pixel.green, and pixel.blue]
+ RESERVED
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
CVE-2016-5690 [error in the for statement in the "Compute pixel scaling table" part of the ReadDCMImage function]
+ RESERVED
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
CVE-2016-5689 [lack of required NULL pointer checks]
+ RESERVED
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
CVE-2016-5688 [issues in WPG parser]
+ RESERVED
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7
NOTE: https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f
CVE-2016-5687 [out of bounds memory read]
+ RESERVED
- imagemagick <unfixed>
NOTE: https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
TODO: check, referenced fix does not seem the one fixing the issue
CVE-2016-5699
+ RESERVED
- python3.5 <not-affected> (Fixed with initial upload to Debian)
- python3.4 3.4.4~rc1-1
- python2.7 2.7.10~rc1-1
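Review bot: In the imagemagick block at the end of this hunk, CVE-2016-5687 gains RESERVED but still ends with "TODO: check, referenced fix does not seem the one fixing the issue", and its only NOTE is a blog post rather than a commit. The sibling entries CVE-2016-5688 through CVE-2016-5691 each cite an ImageMagick commit; the matching commit should be recorded here as well before a fixed version replaces <unfixed>.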
@@ -439,8 +615,8 @@
- python3.4 <removed>
- python2.7 2.7.12~rc1-1
NOTE: https://bugs.python.org/issue26171
-CVE-2016-5433
- RESERVED
+CVE-2016-5433 (Citrix iOS Receiver before 7.0 allows attackers to cause TLS ...)
+ TODO: check
CVE-2016-5434
RESERVED
NOT-FOR-US: libalpm (Arch Linux Package Management (ALPM) library)
@@ -586,13 +762,11 @@
- mantis <removed>
NOTE: http://github.com/mantisbt/mantisbt/commit/5068df2d (1.2.x)
NOTE: https://mantisbt.org/bugs/view.php?id=20956
-CVE-2016-5363
- RESERVED
+CVE-2016-5363 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 ...)
- neutron <unfixed>
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1558658
-CVE-2016-5362
- RESERVED
+CVE-2016-5362 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 ...)
- neutron <unfixed>
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1558658
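Review bot: CVE-2016-5363 and CVE-2016-5362 now carry the same truncated description ("The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 ...") and the same NOTE, https://bugs.launchpad.net/bugs/1558658, so nothing in the list tells them apart. Suggest a NOTE on each entry naming the specific issue it covers, so that a fix for one is not read as covering the other.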
@@ -811,67 +985,86 @@
CVE-2016-5302 (Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has ...)
TODO: check
CVE-2015-8934
+ RESERVED
- libarchive <unfixed>
NOTE: https://github.com/libarchive/libarchive/issues/521
CVE-2015-8933
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/548
CVE-2015-8932
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/547
CVE-2015-8931
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/539
CVE-2015-8930
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/522
CVE-2015-8929
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/517
CVE-2015-8928
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/550
CVE-2015-8927
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/523
CVE-2015-8926
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/518
CVE-2015-8925
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/516
CVE-2015-8924
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/515
CVE-2015-8923
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/514
CVE-2015-8922
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/513
CVE-2015-8921
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/512
CVE-2015-8920
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/511
CVE-2015-8919
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/510
CVE-2015-8918
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/506
CVE-2015-8917
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/505
CVE-2015-8916
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/504
CVE-2015-8915
+ RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/503
-CVE-2015-8914
- RESERVED
+CVE-2015-8914 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 ...)
- neutron <unfixed>
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1502933
@@ -1070,8 +1263,7 @@
- libtorrent-rasterbar <unfixed> (bug #826380)
NOTE: https://github.com/arvidn/libtorrent/issues/780
NOTE: https://github.com/arvidn/libtorrent/pull/782
-CVE-2016-5300 [use of too little entropy]
- RESERVED
+CVE-2016-5300 (The XML parser in Expat does not use sufficient entropy for hash ...)
{DSA-3597-1 DLA-508-1}
- expat 2.1.1-3
CVE-2016-5244 [rds: fix an infoleak in rds_inc_info_copy]
@@ -2545,28 +2737,28 @@
RESERVED
CVE-2016-4822
RESERVED
-CVE-2016-4821
- RESERVED
-CVE-2016-4820
- RESERVED
-CVE-2016-4819
- RESERVED
+CVE-2016-4821 (I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial ...)
+ TODO: check
+CVE-2016-4820 (Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ...)
+ TODO: check
+CVE-2016-4819 (The printfDx function in Takumi Yamada DX Library for Borland C++ ...)
+ TODO: check
CVE-2016-4818
RESERVED
-CVE-2016-4817
- RESERVED
-CVE-2016-4816
- RESERVED
-CVE-2016-4815
- RESERVED
-CVE-2016-4814
- RESERVED
-CVE-2016-4813
- RESERVED
+CVE-2016-4817 (lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 ...)
+ TODO: check
+CVE-2016-4816 (BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and ...)
+ TODO: check
+CVE-2016-4815 (Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with ...)
+ TODO: check
+CVE-2016-4814 (Directory traversal vulnerability in kml2jsonp.php in Geospatial ...)
+ TODO: check
+CVE-2016-4813 (NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat ...)
+ TODO: check
CVE-2016-4812 (Cross-site scripting (XSS) vulnerability in the Markdown on Save ...)
TODO: check
-CVE-2016-4811
- RESERVED
+CVE-2016-4811 (The NTT Broadband Platform Japan Connected-free Wi-Fi application ...)
+ TODO: check
CVE-2016-4810 (Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR ...)
NOT-FOR-US: Citrix
CVE-2016-4913 (The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux ...)
@@ -3260,8 +3452,8 @@
TODO: check
CVE-2016-4531
RESERVED
-CVE-2016-4530
- RESERVED
+CVE-2016-4530 (OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote ...)
+ TODO: check
CVE-2016-4529
RESERVED
CVE-2016-4528
@@ -3284,16 +3476,16 @@
RESERVED
CVE-2016-4519
RESERVED
-CVE-2016-4518
- RESERVED
+CVE-2016-4518 (OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated ...)
+ TODO: check
CVE-2016-4517
RESERVED
CVE-2016-4516 (ABB PCM600 before 2.7 improperly stores the main application password ...)
NOT-FOR-US: ABB PCM600
CVE-2016-4515
RESERVED
-CVE-2016-4514
- RESERVED
+CVE-2016-4514 (Moxa PT-7728 devices with software 3.4 build 15081113 allow remote ...)
+ TODO: check
CVE-2016-4513
RESERVED
CVE-2016-4512
@@ -3884,8 +4076,8 @@
RESERVED
CVE-2016-4372
RESERVED
-CVE-2016-4371
- RESERVED
+CVE-2016-4371 (HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, ...)
+ TODO: check
CVE-2016-4370 (HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before ...)
NOT-FOR-US: HPE Project and Portfolio Management Center
CVE-2016-4369 (HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, ...)
@@ -5783,8 +5975,8 @@
NOTE: It is unclear when this was fixed exactly, marking the version in jessie as fixed for now
CVE-2016-3688 (SQL injection vulnerability in dotCMS before 3.5 allows remote ...)
NOT-FOR-US: dotCMS
-CVE-2016-3687
- RESERVED
+CVE-2016-3687 (Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, ...)
+ TODO: check
CVE-2016-3686 (The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before 11.6.0 ...)
NOT-FOR-US: F5 BIG-IP APM
CVE-2016-3685
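Review bot: The new CVE-2016-3687 entry is left at "TODO: check" although its description names F5 BIG-IP APM, and the next entry, CVE-2016-3686, is already triaged as "NOT-FOR-US: F5 BIG-IP APM". The same tag would resolve this TODO.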
@@ -5915,10 +6107,10 @@
RESERVED
CVE-2016-3644
RESERVED
-CVE-2016-3643
- RESERVED
-CVE-2016-3642
- RESERVED
+CVE-2016-3643 (SolarWinds Virtualization Manager 6.3.1 and earlier allow local users ...)
+ TODO: check
+CVE-2016-3642 (The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier ...)
+ TODO: check
CVE-2016-3641
RESERVED
CVE-2016-3640
@@ -7346,8 +7538,7 @@
RESERVED
CVE-2016-3063
RESERVED
-CVE-2016-3062
- RESERVED
+CVE-2016-3062 (The mov_read_dref function in libavformat/mov.c in Libav before 11.7 ...)
{DSA-3603-1 DLA-515-1}
- libav <removed>
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328
@@ -8251,8 +8442,7 @@
NOT-FOR-US: Adobe Flash Player
CVE-2015-8819
RESERVED
-CVE-2016-2841 [net: ne2000: infinite loop in ne2000_receive]
- RESERVED
+CVE-2016-2841 (The ne2000_receive function in the NE2000 NIC emulation support ...)
- qemu 1:2.6+dfsg-1 (bug #817181)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -9164,8 +9354,7 @@
{DSA-3544-1}
- python-django 1.9.4-1 (bug #816434)
NOTE: https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
-CVE-2016-2538 [usb: integer overflow in remote NDIS control message handling]
- RESERVED
+CVE-2016-2538 (Multiple integer overflows in the USB Net device emulator ...)
- qemu 1:2.6+dfsg-1 (bug #815680)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -9496,8 +9685,7 @@
RESERVED
CVE-2015-8814
RESERVED
-CVE-2016-2392 [usb: null pointer dereference in remote NDIS control message handling]
- RESERVED
+CVE-2016-2392 (The is_rndis function in the USB Net device emulator ...)
- qemu 1:2.6+dfsg-1 (bug #815008)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -9507,8 +9695,7 @@
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=80eecda8e5d09c442c24307f340840a5b70ea3b9 (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302299
-CVE-2016-2391 [usb: multiple eof_timers in ohci leads to null pointer dereference]
- RESERVED
+CVE-2016-2391 (The ohci_bus_start function in the USB OHCI emulation support ...)
- qemu 1:2.6+dfsg-1 (bug #815009)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -9562,12 +9749,12 @@
RESERVED
CVE-2016-2365
RESERVED
-CVE-2016-2364
- RESERVED
-CVE-2016-2363
- RESERVED
-CVE-2016-2362
- RESERVED
+CVE-2016-2364 (The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously ...)
+ TODO: check
+CVE-2016-2363 (Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 ...)
+ TODO: check
+CVE-2016-2362 (Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 ...)
+ TODO: check
CVE-2016-2361
RESERVED
CVE-2016-2360
@@ -10300,12 +10487,10 @@
RESERVED
CVE-2016-2179
RESERVED
-CVE-2016-2178
- RESERVED
+CVE-2016-2178 (The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL ...)
- openssl <unfixed>
NOTE: Fixed in master branch in https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2
-CVE-2016-2177
- RESERVED
+CVE-2016-2177 (OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for ...)
- openssl <unfixed>
NOTE: Fixed in 1.0.2 branch in https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7
CVE-2016-2176 (The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL ...)
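Review bot: CVE-2016-2178 keeps a NOTE that points only at a master-branch commit, while the new description of CVE-2016-2177 refers to "OpenSSL through 1.0.2h" and its NOTE cites a 1.0.2-branch commit. With both entries at "openssl <unfixed>", CVE-2016-2178 should also record the corresponding 1.0.2-branch fix, if one exists, so the unfixed status can be tracked against a released branch.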
@@ -11651,16 +11836,16 @@
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2015.8.5.html
CVE-2016-1865
RESERVED
-CVE-2016-1864
- RESERVED
+CVE-2016-1864 (The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari ...)
+ TODO: check
CVE-2016-1863
RESERVED
-CVE-2016-1862
- RESERVED
-CVE-2016-1861
- RESERVED
-CVE-2016-1860
- RESERVED
+CVE-2016-1862 (Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to ...)
+ TODO: check
+CVE-2016-1861 (The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 ...)
+ TODO: check
+CVE-2016-1860 (Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to ...)
+ TODO: check
CVE-2016-1859 (The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari ...)
TODO: check
CVE-2016-1858 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and ...)
@@ -11689,7 +11874,7 @@
TODO: check
CVE-2016-1847 (OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...)
TODO: check
-CVE-2016-1846 (The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 ...)
+CVE-2016-1846 (The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics ...)
TODO: check
CVE-2016-1845
RESERVED
@@ -11765,7 +11950,7 @@
TODO: check
CVE-2016-1824 (IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...)
TODO: check
-CVE-2016-1823 (IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...)
+CVE-2016-1823 (The IOHIDDevice::handleReportWithTime function in Apple iOS before ...)
TODO: check
CVE-2016-1822 (IOFireWireFamily in Apple OS X before 10.11.5 allows attackers to ...)
TODO: check
@@ -11773,7 +11958,7 @@
TODO: check
CVE-2016-1820 (Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows ...)
TODO: check
-CVE-2016-1819 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, ...)
+CVE-2016-1819 (Use-after-free vulnerability in the ...)
TODO: check
CVE-2016-1818 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, ...)
TODO: check
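Review bot: The replacement description for CVE-2016-1819, "Use-after-free vulnerability in the ...", is cut off before any component or product name, whereas the line it replaces named IOAcceleratorFamily and the affected Apple releases. The entry is still "TODO: check", so triage should be done from the full CVE description rather than from this list line.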
@@ -11785,7 +11970,7 @@
TODO: check
CVE-2016-1814 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, ...)
TODO: check
-CVE-2016-1813 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, ...)
+CVE-2016-1813 (The IOAccelSharedUserClient2::page_off_resource method in Apple iOS ...)
TODO: check
CVE-2016-1812 (Buffer overflow in Intel Graphics Driver in Apple OS X before 10.11.5 ...)
TODO: check
@@ -13052,24 +13237,24 @@
RESERVED
CVE-2016-1433
RESERVED
-CVE-2016-1432
- RESERVED
-CVE-2016-1431
- RESERVED
+CVE-2016-1432 (Cisco IOS XE 3.15S and 3.16S on cBR-8 Converged Broadband Router ...)
+ TODO: check
+CVE-2016-1431 (Cross-site scripting (XSS) vulnerability in Cisco Firepower Management ...)
+ TODO: check
CVE-2016-1430
RESERVED
CVE-2016-1429
RESERVED
CVE-2016-1428
RESERVED
-CVE-2016-1427
- RESERVED
+CVE-2016-1427 (The System Configuration Protocol (SCP) core messaging interface in ...)
+ TODO: check
CVE-2016-1426
RESERVED
CVE-2016-1425
RESERVED
-CVE-2016-1424
- RESERVED
+CVE-2016-1424 (Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause ...)
+ TODO: check
CVE-2016-1423
RESERVED
CVE-2016-1422
@@ -13122,12 +13307,12 @@
NOT-FOR-US: Cisco
CVE-2016-1398
RESERVED
-CVE-2016-1397
- RESERVED
-CVE-2016-1396
- RESERVED
-CVE-2016-1395
- RESERVED
+CVE-2016-1397 (Buffer overflow in the web-based management interface on Cisco RV110W ...)
+ TODO: check
+CVE-2016-1396 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
+ TODO: check
+CVE-2016-1395 (The web-based management interface on Cisco RV110W devices with ...)
+ TODO: check
CVE-2016-1394
RESERVED
CVE-2016-1393 (SQL injection vulnerability in Cisco Cloud Network Automation ...)
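Review bot: CVE-2016-1397 and CVE-2016-1395 name the web-based management interface on Cisco RV110W devices, and CVE-2016-1396 sits between them with a description truncated before the product name, yet all three are added with "TODO: check". The first context line of this hunk shows the existing convention "NOT-FOR-US: Cisco"; confirming the product for CVE-2016-1396 and using that tag would close the three TODOs.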
@@ -13915,14 +14100,14 @@
RESERVED
CVE-2016-1227
RESERVED
-CVE-2016-1226
- RESERVED
-CVE-2016-1225
- RESERVED
-CVE-2016-1224
- RESERVED
-CVE-2016-1223
- RESERVED
+CVE-2016-1226 (Cross-site scripting (XSS) vulnerability in Trend Micro Internet ...)
+ TODO: check
+CVE-2016-1225 (Trend Micro Internet Security 8 and 10 allows remote attackers to read ...)
+ TODO: check
+CVE-2016-1224 (CRLF injection vulnerability in Trend Micro Worry-Free Business ...)
+ TODO: check
+CVE-2016-1223 (Directory traversal vulnerability in Trend Micro Office Scan 11.0, ...)
+ TODO: check
CVE-2016-1222 (Cross-site scripting (XSS) vulnerability in Kobe Beauty ...)
TODO: check
CVE-2016-1221
@@ -13973,20 +14158,20 @@
TODO: check
CVE-2016-1198
RESERVED
-CVE-2016-1197
- RESERVED
-CVE-2016-1196
- RESERVED
-CVE-2016-1195
- RESERVED
+CVE-2016-1197 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before ...)
+ TODO: check
+CVE-2016-1196 (Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated ...)
+ TODO: check
+CVE-2016-1195 (Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 ...)
+ TODO: check
CVE-2016-1194
RESERVED
CVE-2016-1193
RESERVED
-CVE-2016-1192
- RESERVED
-CVE-2016-1191
- RESERVED
+CVE-2016-1192 (Directory traversal vulnerability in the logging implementation in ...)
+ TODO: check
+CVE-2016-1191 (Directory traversal vulnerability in the Files function in Cybozu ...)
+ TODO: check
CVE-2016-1190
RESERVED
CVE-2016-1189
@@ -14001,8 +14186,8 @@
TODO: check
CVE-2016-1184
RESERVED
-CVE-2016-1183
- RESERVED
+CVE-2016-1183 (NTT Data TERASOLUNA Server Framework for Java(WEB) 2.0.0.1 through ...)
+ TODO: check
CVE-2016-1182 [Improper input validation in Validator]
RESERVED
- libstruts1.2-java <removed>
@@ -14889,11 +15074,9 @@
RESERVED
CVE-2016-0913
RESERVED
-CVE-2016-0912
- RESERVED
+CVE-2016-0912 (EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote ...)
NOT-FOR-US: EMC Data Domain OS
-CVE-2016-0911
- RESERVED
+CVE-2016-0911 (EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default ...)
NOT-FOR-US: EMC Data Domain OS
CVE-2016-0910 (EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 ...)
NOT-FOR-US: EMC Data Domain OS
@@ -16693,8 +16876,8 @@
RESERVED
CVE-2016-0393
RESERVED
-CVE-2016-0392
- RESERVED
+CVE-2016-0392 (IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 ...)
+ TODO: check
CVE-2016-0391
RESERVED
CVE-2016-0390 (Cross-site scripting (XSS) vulnerability in IBM Algorithmics Algo One ...)
@@ -17832,8 +18015,7 @@
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/92cd6d7fe0d01c61cf68ac4ef65ef388ee252415/
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/9cbca25ff7f20c432b61eb9f4cae43a946502b66/
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/e0dd1114c82d372dd905c029ddbee4e81ed01a89/
-CVE-2012-6702 [unanticipated internal calls to srand]
- RESERVED
+CVE-2012-6702 (Expat, when used in a parser that has not called XML_SetHashSalt or ...)
{DSA-3597-1 DLA-508-1}
- expat 2.1.1-3
CVE-2012-6701 (Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows ...)
@@ -18245,11 +18427,9 @@
RESERVED
CVE-2015-8290
RESERVED
-CVE-2015-8289
- RESERVED
+CVE-2015-8289 (The password-recovery feature on NETGEAR D3600 devices with firmware ...)
NOT-FOR-US: Netgear routers
-CVE-2015-8288
- RESERVED
+CVE-2015-8288 (NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with ...)
NOT-FOR-US: Netgear routers
CVE-2015-8287 (Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM ...)
NOT-FOR-US: Swann
@@ -19855,10 +20035,10 @@
RESERVED
CVE-2015-7777 (Cross-site scripting (XSS) vulnerability in index.php in JosephErnest ...)
NOT-FOR-US: JosephErnest Void
-CVE-2015-7776
- RESERVED
-CVE-2015-7775
- RESERVED
+CVE-2015-7776 (Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict ...)
+ TODO: check
+CVE-2015-7775 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows ...)
+ TODO: check
CVE-2015-7774 (PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows ...)
NOT-FOR-US: PC-EGG
CVE-2015-7773 (Unrestricted file upload vulnerability in the Panel component in ...)
@@ -20899,8 +21079,8 @@
NOT-FOR-US: IBM
CVE-2015-7463
RESERVED
-CVE-2015-7462
- RESERVED
+CVE-2015-7462 (IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to ...)
+ TODO: check
CVE-2015-7461
RESERVED
CVE-2015-7460