[Secure-testing-commits] r45112 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Oct 6 21:10:50 UTC 2016
Author: sectracker
Date: 2016-10-06 21:10:41 +0000 (Thu, 06 Oct 2016)
New Revision: 45112
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-06 19:19:09 UTC (rev 45111)
+++ data/CVE/list 2016-10-06 21:10:41 UTC (rev 45112)
@@ -1,3 +1,205 @@
+CVE-2016-8490
+ RESERVED
+CVE-2016-8489
+ RESERVED
+CVE-2016-8488
+ RESERVED
+CVE-2016-8487
+ RESERVED
+CVE-2016-8486
+ RESERVED
+CVE-2016-8485
+ RESERVED
+CVE-2016-8484
+ RESERVED
+CVE-2016-8483
+ RESERVED
+CVE-2016-8482
+ RESERVED
+CVE-2016-8481
+ RESERVED
+CVE-2016-8480
+ RESERVED
+CVE-2016-8479
+ RESERVED
+CVE-2016-8478
+ RESERVED
+CVE-2016-8477
+ RESERVED
+CVE-2016-8476
+ RESERVED
+CVE-2016-8475
+ RESERVED
+CVE-2016-8474
+ RESERVED
+CVE-2016-8473
+ RESERVED
+CVE-2016-8472
+ RESERVED
+CVE-2016-8471
+ RESERVED
+CVE-2016-8470
+ RESERVED
+CVE-2016-8469
+ RESERVED
+CVE-2016-8468
+ RESERVED
+CVE-2016-8467
+ RESERVED
+CVE-2016-8466
+ RESERVED
+CVE-2016-8465
+ RESERVED
+CVE-2016-8464
+ RESERVED
+CVE-2016-8463
+ RESERVED
+CVE-2016-8462
+ RESERVED
+CVE-2016-8461
+ RESERVED
+CVE-2016-8460
+ RESERVED
+CVE-2016-8459
+ RESERVED
+CVE-2016-8458
+ RESERVED
+CVE-2016-8457
+ RESERVED
+CVE-2016-8456
+ RESERVED
+CVE-2016-8455
+ RESERVED
+CVE-2016-8454
+ RESERVED
+CVE-2016-8453
+ RESERVED
+CVE-2016-8452
+ RESERVED
+CVE-2016-8451
+ RESERVED
+CVE-2016-8450
+ RESERVED
+CVE-2016-8449
+ RESERVED
+CVE-2016-8448
+ RESERVED
+CVE-2016-8447
+ RESERVED
+CVE-2016-8446
+ RESERVED
+CVE-2016-8445
+ RESERVED
+CVE-2016-8444
+ RESERVED
+CVE-2016-8443
+ RESERVED
+CVE-2016-8442
+ RESERVED
+CVE-2016-8441
+ RESERVED
+CVE-2016-8440
+ RESERVED
+CVE-2016-8439
+ RESERVED
+CVE-2016-8438
+ RESERVED
+CVE-2016-8437
+ RESERVED
+CVE-2016-8436
+ RESERVED
+CVE-2016-8435
+ RESERVED
+CVE-2016-8434
+ RESERVED
+CVE-2016-8433
+ RESERVED
+CVE-2016-8432
+ RESERVED
+CVE-2016-8431
+ RESERVED
+CVE-2016-8430
+ RESERVED
+CVE-2016-8429
+ RESERVED
+CVE-2016-8428
+ RESERVED
+CVE-2016-8427
+ RESERVED
+CVE-2016-8426
+ RESERVED
+CVE-2016-8425
+ RESERVED
+CVE-2016-8424
+ RESERVED
+CVE-2016-8423
+ RESERVED
+CVE-2016-8422
+ RESERVED
+CVE-2016-8421
+ RESERVED
+CVE-2016-8420
+ RESERVED
+CVE-2016-8419
+ RESERVED
+CVE-2016-8418
+ RESERVED
+CVE-2016-8417
+ RESERVED
+CVE-2016-8416
+ RESERVED
+CVE-2016-8415
+ RESERVED
+CVE-2016-8414
+ RESERVED
+CVE-2016-8413
+ RESERVED
+CVE-2016-8412
+ RESERVED
+CVE-2016-8411
+ RESERVED
+CVE-2016-8410
+ RESERVED
+CVE-2016-8409
+ RESERVED
+CVE-2016-8408
+ RESERVED
+CVE-2016-8407
+ RESERVED
+CVE-2016-8406
+ RESERVED
+CVE-2016-8405
+ RESERVED
+CVE-2016-8404
+ RESERVED
+CVE-2016-8403
+ RESERVED
+CVE-2016-8402
+ RESERVED
+CVE-2016-8401
+ RESERVED
+CVE-2016-8400
+ RESERVED
+CVE-2016-8399
+ RESERVED
+CVE-2016-8398
+ RESERVED
+CVE-2016-8397
+ RESERVED
+CVE-2016-8396
+ RESERVED
+CVE-2016-8395
+ RESERVED
+CVE-2016-8394
+ RESERVED
+CVE-2016-8393
+ RESERVED
+CVE-2016-8392
+ RESERVED
+CVE-2016-8391
+ RESERVED
+CVE-2016-1000246
+ RESERVED
CVE-2016-1000245
RESERVED
CVE-2016-7979 [type confusion in .initialize_dsc_parser allows remote code execution]
@@ -1766,20 +1968,17 @@
RESERVED
CVE-2016-7910
RESERVED
-CVE-2016-7909 [net: pcnet: infinite loop in pcnet_rdra_addr]
- RESERVED
+CVE-2016-7909 (The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick ...)
- qemu <unfixed> (bug #839834)
[jessie] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
-CVE-2016-7908 [net: Infinite loop in mcf_fec_do_tx]
- RESERVED
+CVE-2016-7908 (The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick ...)
- qemu <unfixed> (bug #839835)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=070c4b92b8cd5390889716677a0b92444d6e087a
-CVE-2016-7907 [net: inifinte loop in imx_fec_do_tx() function]
- RESERVED
+CVE-2016-7907 (The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick ...)
- qemu <unfixed>
[jessie] - qemu <not-affected> (Vulnerable code introduced after v2.5.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced after v2.5.0-rc0)
@@ -2534,10 +2733,10 @@
NOT-FOR-US: MuJS
CVE-2016-7562
RESERVED
-CVE-2016-7561
- RESERVED
-CVE-2016-7560
- RESERVED
+CVE-2016-7561 (Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, ...)
+ TODO: check
+CVE-2016-7560 (The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, ...)
+ TODO: check
CVE-2016-7559
RESERVED
CVE-2016-7558
@@ -2788,8 +2987,8 @@
RESERVED
CVE-2016-7436
RESERVED
-CVE-2016-7435
- RESERVED
+CVE-2016-7435 (The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and ...)
+ TODO: check
CVE-2016-7434
RESERVED
CVE-2016-7433
@@ -3441,8 +3640,8 @@
CVE-2016-1000219
RESERVED
- kibana <itp> (bug #700337)
-CVE-2016-1000217
- RESERVED
+CVE-2016-1000217 (Zotpress plugin for WordPress SQLi in zp_get_account() ...)
+ TODO: check
CVE-2016-1000216
RESERVED
CVE-2016-1000215
@@ -3510,8 +3709,7 @@
NOTE: Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=698554
NOTE: Introduced by: https://git.gnome.org/browse/file-roller/commit/?id=34b64f3a897c4b4e8e180c028f326bc921eb08ec (3.5.4)
NOTE: Fixed by: https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5 (3.20.3)
-CVE-2016-7161 [hw: net: Fix a heap overflow in xlnx.xps-ethernetlite]
- RESERVED
+CVE-2016-7161 (Heap-based buffer overflow in the .receive callback of ...)
- qemu <unfixed> (bug #838850)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968
@@ -4033,8 +4231,7 @@
RESERVED
CVE-2016-7021
RESERVED
-CVE-2016-7020
- RESERVED
+CVE-2016-7020 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2016-7019
RESERVED
@@ -4931,10 +5128,10 @@
RESERVED
CVE-2016-6654
RESERVED
-CVE-2016-6653
- RESERVED
-CVE-2016-6652
- RESERVED
+CVE-2016-6653 (The MariaDB audit_plugin component in Pivotal Cloud Foundry (PCF) ...)
+ TODO: check
+CVE-2016-6652 (SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 ...)
+ TODO: check
CVE-2016-6651 (The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before ...)
NOT-FOR-US: Pivotal
CVE-2016-6650
@@ -5933,14 +6130,14 @@
RESERVED
CVE-2016-6437
RESERVED
-CVE-2016-6436
- RESERVED
-CVE-2016-6435
- RESERVED
-CVE-2016-6434
- RESERVED
-CVE-2016-6433
- RESERVED
+CVE-2016-6436 (Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 ...)
+ TODO: check
+CVE-2016-6435 (The web console in Cisco Firepower Management Center 6.0.1 allows ...)
+ TODO: check
+CVE-2016-6434 (Cisco Firepower Management Center 6.0.1 has hardcoded database ...)
+ TODO: check
+CVE-2016-6433 (The Threat Management Console in Cisco Firepower Management Center ...)
+ TODO: check
CVE-2016-6432
RESERVED
CVE-2016-6431
@@ -5949,32 +6146,32 @@
RESERVED
CVE-2016-6429
RESERVED
-CVE-2016-6428
- RESERVED
-CVE-2016-6427
- RESERVED
-CVE-2016-6426
- RESERVED
-CVE-2016-6425
- RESERVED
-CVE-2016-6424
- RESERVED
-CVE-2016-6423
- RESERVED
-CVE-2016-6422
- RESERVED
-CVE-2016-6421
- RESERVED
+CVE-2016-6428 (Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands ...)
+ TODO: check
+CVE-2016-6427 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
+ TODO: check
+CVE-2016-6426 (The j_spring_security_switch_user function in Cisco Unified ...)
+ TODO: check
+CVE-2016-6425 (Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence ...)
+ TODO: check
+CVE-2016-6424 (The DHCP Relay implementation in Cisco Adaptive Security Appliance ...)
+ TODO: check
+CVE-2016-6423 (The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M ...)
+ TODO: check
+CVE-2016-6422 (Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for ...)
+ TODO: check
+CVE-2016-6421 (Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of ...)
+ TODO: check
CVE-2016-6420 (Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower ...)
TODO: check
CVE-2016-6419 (SQL injection vulnerability in Cisco Firepower Management Center ...)
TODO: check
-CVE-2016-6418
- RESERVED
-CVE-2016-6417
- RESERVED
-CVE-2016-6416
- RESERVED
+CVE-2016-6418 (Cross-site scripting (XSS) vulnerability in Cisco Videoscape ...)
+ TODO: check
+CVE-2016-6417 (Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT ...)
+ TODO: check
+CVE-2016-6416 (The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) ...)
+ TODO: check
CVE-2016-6415 (The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and ...)
NOT-FOR-US: Cisco
CVE-2016-6414 (iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 ...)
@@ -6019,12 +6216,12 @@
NOT-FOR-US: Cisco
CVE-2016-6394 (Session fixation vulnerability in Cisco Firepower Management Center ...)
NOT-FOR-US: Cisco
-CVE-2016-6393
- RESERVED
-CVE-2016-6392
- RESERVED
-CVE-2016-6391
- RESERVED
+CVE-2016-6393 (The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 ...)
+ TODO: check
+CVE-2016-6392 (Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow ...)
+ TODO: check
+CVE-2016-6391 (Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause ...)
+ TODO: check
CVE-2016-6390
RESERVED
CVE-2016-6389
@@ -6033,24 +6230,24 @@
RESERVED
CVE-2016-6387
RESERVED
-CVE-2016-6386
- RESERVED
-CVE-2016-6385
- RESERVED
-CVE-2016-6384
- RESERVED
+CVE-2016-6386 (Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows ...)
+ TODO: check
+CVE-2016-6385 (Memory leak in the Smart Install client implementation in Cisco IOS ...)
+ TODO: check
+CVE-2016-6384 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 ...)
+ TODO: check
CVE-2016-6383
RESERVED
-CVE-2016-6382
- RESERVED
-CVE-2016-6381
- RESERVED
-CVE-2016-6380
- RESERVED
-CVE-2016-6379
- RESERVED
-CVE-2016-6378
- RESERVED
+CVE-2016-6382 (Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow ...)
+ TODO: check
+CVE-2016-6381 (Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and ...)
+ TODO: check
+CVE-2016-6380 (The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 ...)
+ TODO: check
+CVE-2016-6379 (Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote ...)
+ TODO: check
+CVE-2016-6378 (Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote ...)
+ TODO: check
CVE-2016-6377 (Media Origination System Suite Software 2.6 and earlier in Cisco ...)
NOT-FOR-US: Cisco
CVE-2016-6376 (The Adaptive Wireless Intrusion Prevention System (wIPS) feature on ...)
@@ -6657,12 +6854,12 @@
RESERVED
CVE-2016-1000126
RESERVED
-CVE-2016-1000125
- RESERVED
-CVE-2016-1000124
- RESERVED
-CVE-2016-1000123
- RESERVED
+CVE-2016-1000125 (Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla ...)
+ TODO: check
+CVE-2016-1000124 (Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin ...)
+ TODO: check
+CVE-2016-1000123 (Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for ...)
+ TODO: check
CVE-2016-1000122
RESERVED
CVE-2016-1000121
@@ -6679,12 +6876,12 @@
RESERVED
CVE-2016-1000115
RESERVED
-CVE-2016-1000114
- RESERVED
-CVE-2016-1000113
- RESERVED
-CVE-2016-1000112
- RESERVED
+CVE-2016-1000114 (XSS in huge IT gallery v1.1.5 for Joomla ...)
+ TODO: check
+CVE-2016-1000113 (XSS and SQLi in huge IT gallery v1.1.5 for Joomla ...)
+ TODO: check
+CVE-2016-1000112 (Unauthenticated remote .jpg file upload in contus-video-comments v1.0 ...)
+ TODO: check
CVE-2016-6265 (Use-after-free vulnerability in the pdf_load_xref function in ...)
{DSA-3655-1}
- mupdf 1.9a+ds1-1.1 (bug #832031)
@@ -6867,14 +7064,14 @@
NOTE: https://bugs.erlang.org/browse/ERL-198
NOTE: No part of Erlang does set HTTP_PROXY based on a Proxy: header, just hardening
CVE-2016-1000106
- RESERVED
+ REJECTED
CVE-2016-1000105
RESERVED
CVE-2016-1000103
RESERVED
- nginx <not-affected> (nginx doesn't support CGI)
CVE-2016-1000102
- RESERVED
+ REJECTED
CVE-2016-1000027
RESERVED
- libspring-java 4.2.7-1 (unimportant)
@@ -7002,7 +7199,7 @@
CVE-2016-1000015
RESERVED
CVE-2016-1000014
- RESERVED
+ REJECTED
CVE-2016-1000013
RESERVED
- node-marked <unfixed> (unimportant)
@@ -7075,8 +7272,8 @@
{DSA-3622-1 DLA-555-1}
- python-django 1:1.9.8-1 (bug #831799)
NOTE: https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
-CVE-2016-1000009
- RESERVED
+CVE-2016-1000009 (TP-LINK lost control of two domains, www.tplinklogin.net and ...)
+ TODO: check
CVE-2016-XXXX [Insecure use of /tmp]
- leptonlib <unfixed> (bug #830660)
[jessie] - leptonlib <no-dsa> (Minor issue)
@@ -7174,9 +7371,9 @@
CVE-2016-6164
RESERVED
CVE-2016-1000101
- RESERVED
+ REJECTED
CVE-2016-1000100
- RESERVED
+ REJECTED
CVE-2016-1000008
RESERVED
CVE-2016-1000006
@@ -7508,16 +7705,16 @@
RESERVED
CVE-2016-6028
RESERVED
-CVE-2016-6027
- RESERVED
-CVE-2016-6026
- RESERVED
-CVE-2016-6025
- RESERVED
+CVE-2016-6027 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 ...)
+ TODO: check
+CVE-2016-6026 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 ...)
+ TODO: check
+CVE-2016-6025 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 ...)
+ TODO: check
CVE-2016-6024
RESERVED
-CVE-2016-6023
- RESERVED
+CVE-2016-6023 (Directory traversal vulnerability in the Configuration Manager in IBM ...)
+ TODO: check
CVE-2016-6022
RESERVED
CVE-2016-6021
@@ -8080,8 +8277,8 @@
RESERVED
CVE-2016-5746 (libstorage, libstorage-ng, and yast-storage improperly store ...)
TODO: check
-CVE-2016-5745
- RESERVED
+CVE-2016-5745 (F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before ...)
+ TODO: check
CVE-2015-8945 (openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores ...)
NOT-FOR-US: OpenShift
CVE-2015-8944 (The ioresources_init function in kernel/resource.c in the Linux kernel ...)
@@ -8522,6 +8719,7 @@
RESERVED
CVE-2016-5684 [XMP Image Handling Code Execution Vulnerability]
RESERVED
+ {DLA-647-1}
- freeimage <unfixed> (bug #839827)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0189/
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginXPM.cpp?r1=1.17&r2=1.18
@@ -9786,34 +9984,34 @@
RESERVED
CVE-2015-8904
RESERVED
-CVE-2015-1000013
- RESERVED
-CVE-2015-1000012
- RESERVED
-CVE-2015-1000011
- RESERVED
-CVE-2015-1000010
- RESERVED
-CVE-2015-1000009
- RESERVED
-CVE-2015-1000008
- RESERVED
-CVE-2015-1000007
- RESERVED
-CVE-2015-1000006
- RESERVED
-CVE-2015-1000005
- RESERVED
-CVE-2015-1000004
- RESERVED
-CVE-2015-1000003
- RESERVED
-CVE-2015-1000002
- RESERVED
-CVE-2015-1000001
- RESERVED
-CVE-2015-1000000
- RESERVED
+CVE-2015-1000013 (Remote file upload vulnerability in wordpress plugin csv2wpec-coupon ...)
+ TODO: check
+CVE-2015-1000012 (Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin ...)
+ TODO: check
+CVE-2015-1000011 (Blind SQL Injection in wordpress plugin dukapress v2.5.9 ...)
+ TODO: check
+CVE-2015-1000010 (Remote file download in simple-image-manipulator v1.0 wordpress plugin ...)
+ TODO: check
+CVE-2015-1000009 (Open proxy in Wordpress plugin google-adsense-and-hotel-booking v1.05 ...)
+ TODO: check
+CVE-2015-1000008 (Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2 ...)
+ TODO: check
+CVE-2015-1000007 (Remote file download vulnerability in wptf-image-gallery v1.03 ...)
+ TODO: check
+CVE-2015-1000006 (Remote file download vulnerability in recent-backups v0.7 wordpress ...)
+ TODO: check
+CVE-2015-1000005 (Remote file download vulnerability in candidate-application-form v1.0 ...)
+ TODO: check
+CVE-2015-1000004 (Open Proxy in filedownload v1.4 wordpress plugin ...)
+ TODO: check
+CVE-2015-1000003 (Open Proxy in filedownload v1.4 wordpress plugin ...)
+ TODO: check
+CVE-2015-1000002 (Open Proxy in filedownload v1.4 wordpress plugin ...)
+ TODO: check
+CVE-2015-1000001 (Remote file upload vulnerability in fast-image-adder v1.1 Wordpress ...)
+ TODO: check
+CVE-2015-1000000 (Remote file upload vulnerability in mailcwp v1.99 wordpress plugin ...)
+ TODO: check
CVE-2016-5299
RESERVED
CVE-2016-5298
@@ -10401,7 +10599,7 @@
CVE-2016-5181
RESERVED
CVE-2016-5180 (Heap-based buffer overflow in the ares_create_query function in c-ares ...)
- {DSA-3682-1}
+ {DSA-3682-1 DLA-648-1}
- c-ares 1.12.0-1 (medium; bug #839151)
NOTE: https://c-ares.haxx.se/adv_20160929.html
NOTE: https://c-ares.haxx.se/CVE-2016-5180.patch
@@ -11554,8 +11752,8 @@
RESERVED
CVE-2016-1000001
RESERVED
-CVE-2016-1000000
- RESERVED
+CVE-2016-1000000 (Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter ...)
+ TODO: check
CVE-2016-4910
RESERVED
CVE-2016-4909
@@ -12379,8 +12577,8 @@
{DSA-3607-1 DLA-516-1}
- linux 4.5.3-1
NOTE: Fixed by: https://git.kernel.org/linus/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 (v4.6-rc6)
-CVE-2016-4551
- RESERVED
+CVE-2016-4551 (The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP ...)
+ TODO: check
CVE-2016-4550
RESERVED
CVE-2016-4549
@@ -22612,12 +22810,12 @@
TODO: check
CVE-2016-1456 (The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to ...)
TODO: check
-CVE-2016-1455
- RESERVED
-CVE-2016-1454
- RESERVED
-CVE-2016-1453
- RESERVED
+CVE-2016-1455 (Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an ...)
+ TODO: check
+CVE-2016-1454 (Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, ...)
+ TODO: check
+CVE-2016-1453 (Buffer overflow in the Overlay Transport Virtualization (OTV) GRE ...)
+ TODO: check
CVE-2016-1452 (Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote ...)
TODO: check
CVE-2016-1451 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
@@ -23464,8 +23662,7 @@
RESERVED
CVE-2016-1247
RESERVED
-CVE-2016-1246
- RESERVED
+CVE-2016-1246 (Buffer overflow in the DBD::mysql module before 4.037 for Perl allows ...)
{DSA-3684-1}
- libdbd-mysql-perl 4.037-1 (low)
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2 (4.037)
@@ -33326,10 +33523,10 @@
TODO: check
CVE-2015-6394 (The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows ...)
TODO: check
-CVE-2015-6393
- RESERVED
-CVE-2015-6392
- RESERVED
+CVE-2015-6393 (Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, ...)
+ TODO: check
+CVE-2015-6392 (Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, ...)
+ TODO: check
CVE-2015-6391 (Cisco Unified SIP 3905 phones allow remote attackers to cause a denial ...)
TODO: check
CVE-2015-6390 (Cross-site scripting (XSS) vulnerability in the management interface ...)
@@ -50818,8 +51015,8 @@
NOT-FOR-US: Cisco
CVE-2015-0722 (The network drivers in Cisco TelePresence T, Cisco TelePresence TE, ...)
NOT-FOR-US: Cisco
-CVE-2015-0721
- RESERVED
+CVE-2015-0721 (Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, ...)
+ TODO: check
CVE-2015-0720
RESERVED
CVE-2015-0719
More information about the Secure-testing-commits
mailing list