[Secure-testing-commits] r45723 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Oct 28 21:10:11 UTC 2016
Author: sectracker
Date: 2016-10-28 21:10:11 +0000 (Fri, 28 Oct 2016)
New Revision: 45723
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-28 20:54:41 UTC (rev 45722)
+++ data/CVE/list 2016-10-28 21:10:11 UTC (rev 45723)
@@ -1,3 +1,7 @@
+CVE-2014-9910
+ RESERVED
+CVE-2014-9909
+ RESERVED
CVE-2016-XXXX [9pfs: memory leakage in v9fs_write]
- qemu <unfixed>
- qemu-kvm <removed>
@@ -161,6 +165,7 @@
NOTE: https://patchwork.kernel.org/patch/9373631/
CVE-2016-9082 [Out of bounds read in read_png/write_png in cairo-png.c]
RESERVED
+ {DLA-688-1}
- cairo <unfixed> (bug #842289)
NOTE: Upstream bug: https://bugs.freedesktop.org/show_bug.cgi?id=98165
NOTE: Proposed patch upstream: https://bugs.freedesktop.org/attachment.cgi?id=127421
@@ -7924,26 +7929,26 @@
RESERVED
CVE-2016-6447
RESERVED
-CVE-2016-6446
- RESERVED
-CVE-2016-6445
- RESERVED
-CVE-2016-6444
- RESERVED
-CVE-2016-6443
- RESERVED
-CVE-2016-6442
- RESERVED
+CVE-2016-6446 (A vulnerability in Web Bridge for Cisco Meeting Server could allow an ...)
+ TODO: check
+CVE-2016-6445 (A vulnerability in the Extensible Messaging and Presence Protocol ...)
+ TODO: check
+CVE-2016-6444 (A vulnerability in Cisco Meeting Server could allow an unauthenticated, ...)
+ TODO: check
+CVE-2016-6443 (A vulnerability in the Cisco Prime Infrastructure and Evolved ...)
+ TODO: check
+CVE-2016-6442 (A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software ...)
+ TODO: check
CVE-2016-6441
RESERVED
-CVE-2016-6440
- RESERVED
-CVE-2016-6439
- RESERVED
-CVE-2016-6438
- RESERVED
-CVE-2016-6437
- RESERVED
+CVE-2016-6440 (The Cisco Unified Communications Manager (CUCM) may be vulnerable to ...)
+ TODO: check
+CVE-2016-6439 (A vulnerability in the detection engine reassembly of HTTP packets for ...)
+ TODO: check
+CVE-2016-6438 (A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 ...)
+ TODO: check
+CVE-2016-6437 (A vulnerability in the SSL session cache management of Cisco Wide Area ...)
+ TODO: check
CVE-2016-6436 (Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 ...)
NOT-FOR-US: Cisco
CVE-2016-6435 (The web console in Cisco Firepower Management Center 6.0.1 allows ...)
@@ -7952,10 +7957,10 @@
NOT-FOR-US: Cisco
CVE-2016-6433 (The Threat Management Console in Cisco Firepower Management Center ...)
NOT-FOR-US: Cisco
-CVE-2016-6432
- RESERVED
-CVE-2016-6431
- RESERVED
+CVE-2016-6432 (A vulnerability in the Identity Firewall feature of Cisco ASA Software ...)
+ TODO: check
+CVE-2016-6431 (A vulnerability in the local Certificate Authority (CA) feature of ...)
+ TODO: check
CVE-2016-6430
RESERVED
CVE-2016-6429
@@ -8022,8 +8027,8 @@
NOT-FOR-US: Cisco
CVE-2016-6398 (The PPTP server in Cisco IOS 15.5(3)M does not properly initialize ...)
NOT-FOR-US: Cisco
-CVE-2016-6397
- RESERVED
+CVE-2016-6397 (A vulnerability in the interdevice communications interface of the ...)
+ TODO: check
CVE-2016-6396 (Cisco Firepower Management Center before 6.1 and FireSIGHT System ...)
NOT-FOR-US: Cisco
CVE-2016-6395 (Cross-site scripting (XSS) vulnerability in the web-based management ...)
@@ -8072,8 +8077,8 @@
NOT-FOR-US: Cisco Cloud Services Platform 2100
CVE-2016-6373 (The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 ...)
NOT-FOR-US: Cisco Cloud Services Platform 2100
-CVE-2016-6372
- RESERVED
+CVE-2016-6372 (A vulnerability in the email message and content filtering for ...)
+ TODO: check
CVE-2016-6371 (Directory traversal vulnerability in the web interface in Cisco Hosted ...)
NOT-FOR-US: Cisco
CVE-2016-6370 (Directory traversal vulnerability in the web interface in Cisco Hosted ...)
@@ -8096,16 +8101,16 @@
NOT-FOR-US: Cisco
CVE-2016-6361 (The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco ...)
NOT-FOR-US: Cisco
-CVE-2016-6360
- RESERVED
+CVE-2016-6360 (A vulnerability in Advanced Malware Protection (AMP) for Cisco Email ...)
+ TODO: check
CVE-2016-6359 (Cross-site scripting (XSS) vulnerability in Cisco Transport Gateway ...)
NOT-FOR-US: Cisco
-CVE-2016-6358
- RESERVED
-CVE-2016-6357
- RESERVED
-CVE-2016-6356
- RESERVED
+CVE-2016-6358 (A vulnerability in local FTP to the Cisco Email Security Appliance ...)
+ TODO: check
+CVE-2016-6357 (A vulnerability in the configured security policies, including drop ...)
+ TODO: check
+CVE-2016-6356 (A vulnerability in the email message filtering feature of Cisco AsyncOS ...)
+ TODO: check
CVE-2016-6355 (Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, ...)
NOT-FOR-US: Cisco
CVE-2016-6353
@@ -8680,12 +8685,12 @@
TODO: check
CVE-2016-1000123 (Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for ...)
TODO: check
-CVE-2016-1000122
- RESERVED
-CVE-2016-1000121
- RESERVED
-CVE-2016-1000120
- RESERVED
+CVE-2016-1000122 (XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension ...)
+ TODO: check
+CVE-2016-1000121 (XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension ...)
+ TODO: check
+CVE-2016-1000120 (SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla ...)
+ TODO: check
CVE-2016-1000119 (SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla ...)
TODO: check
CVE-2016-1000118 (XSS & SQLi in HugeIT slideshow v1.0.4 ...)
@@ -10054,8 +10059,8 @@
NOT-FOR-US: Blue Coat
CVE-2016-5765
RESERVED
-CVE-2016-5764
- RESERVED
+CVE-2016-5764 (Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to ...)
+ TODO: check
CVE-2016-5763
RESERVED
CVE-2016-5762
@@ -11919,7 +11924,7 @@
TODO: check
CVE-2015-1000005 (Remote file download vulnerability in candidate-application-form v1.0 ...)
TODO: check
-CVE-2015-1000004 (Open Proxy in filedownload v1.4 wordpress plugin ...)
+CVE-2015-1000004 (XSS in filedownload v1.4 wordpress plugin ...)
TODO: check
CVE-2015-1000003 (Blind SQL Injection in filedownload v1.4 wordpress plugin ...)
TODO: check
@@ -24199,8 +24204,8 @@
RESERVED
CVE-2016-1599 (Cross-site scripting (XSS) vulnerability in NetIQ Self Service ...)
TODO: check
-CVE-2016-1598
- RESERVED
+CVE-2016-1598 (XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows ...)
+ TODO: check
CVE-2016-1597
RESERVED
CVE-2016-1596 (Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus ...)
@@ -24211,8 +24216,8 @@
TODO: check
CVE-2016-1593 (Directory traversal vulnerability in the import users feature in Micro ...)
TODO: check
-CVE-2016-1592
- RESERVED
+CVE-2016-1592 (XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote ...)
+ TODO: check
CVE-2016-1591
RESERVED
CVE-2016-1590
@@ -24624,8 +24629,8 @@
NOT-FOR-US: Siemens
CVE-2016-1487
RESERVED
-CVE-2016-1486
- RESERVED
+CVE-2016-1486 (A vulnerability in the email attachment scanning functionality of the ...)
+ TODO: check
CVE-2016-1485 (Cross-site scripting (XSS) vulnerability in Cisco Identity Services ...)
TODO: check
CVE-2016-1484 (Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass ...)
@@ -24634,10 +24639,10 @@
TODO: check
CVE-2016-1482 (Cisco WebEx Meetings Server 2.6 allows remote attackers to execute ...)
TODO: check
-CVE-2016-1481
- RESERVED
-CVE-2016-1480
- RESERVED
+CVE-2016-1481 (A vulnerability in the email message filtering feature of Cisco AsyncOS ...)
+ TODO: check
+CVE-2016-1480 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) ...)
+ TODO: check
CVE-2016-1479 (Cisco IP Phone 8800 devices with software 11.0(1) allow remote ...)
TODO: check
CVE-2016-1478 (Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not ...)
@@ -24750,8 +24755,8 @@
TODO: check
CVE-2016-1424 (Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause ...)
TODO: check
-CVE-2016-1423
- RESERVED
+CVE-2016-1423 (A vulnerability in the display of email messages in the Messages in ...)
+ TODO: check
CVE-2016-1422
RESERVED
CVE-2016-1421 (The web application on Cisco IP 8800 devices allows remote attackers ...)
@@ -52761,8 +52766,8 @@
RESERVED
CVE-2015-0788
RESERVED
-CVE-2015-0787
- RESERVED
+CVE-2015-0787 (XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote ...)
+ TODO: check
CVE-2015-0786
RESERVED
CVE-2015-0785
More information about the Secure-testing-commits
mailing list