Author: sectracker Date: 2015-05-29 21:10:15 +0000 (Fri, 29 May 2015) New Revision: 34583
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-05-29 18:50:44 UTC (rev 34582) +++ data/CVE/list 2015-05-29 21:10:15 UTC (rev 34583) @@ -1,3 +1,21 @@ +CVE-2015-4135 (Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 ...) + TODO: check +CVE-2015-4134 (Open redirect vulnerability in goto.php in phpwind 8.7 allows remote ...) + TODO: check +CVE-2015-4133 (Unrestricted file upload vulnerability in ...) + TODO: check +CVE-2015-4132 (Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ...) + TODO: check +CVE-2015-4131 + RESERVED +CVE-2015-4130 + RESERVED +CVE-2015-4129 + RESERVED +CVE-2015-4128 + RESERVED +CVE-2015-4127 (Cross-site scripting (XSS) vulnerability in the church_admin plugin ...) + TODO: check CVE-2015-XXXX [ns: user namespaces panic] - linux <not-affected> (Introduced and fixed in 4.1-rc1 upstream) - linux-2.6 <not-affected> (Introduced and fixed in 4.1-rc1 upstream) @@ -89,8 +107,8 @@ RESERVED CVE-2015-4086 RESERVED -CVE-2015-4084 - RESERVED +CVE-2015-4084 (Cross-site scripting (XSS) vulnerability in the Free Counter plugin ...) + TODO: check CVE-2015-4083 RESERVED CVE-2015-4082 @@ -2470,8 +2488,7 @@ - postgresql-9.1 <removed> - postgresql-8.4 <removed> [wheezy] - postgresql-8.4 <no-dsa> (postgresql-8.4 in wheezy only provides PL/Perl; EOL upstream) -CVE-2015-3165 - RESERVED +CVE-2015-3165 (Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before ...) {DSA-3270-1 DSA-3269-1 DLA-227-1} - postgresql-9.4 9.4.2-1 - postgresql-9.1 <removed> @@ -6997,10 +7014,10 @@ RESERVED CVE-2015-1552 RESERVED -CVE-2015-1551 - RESERVED -CVE-2015-1550 - RESERVED +CVE-2015-1551 (Directory traversal vulnerability in Aruba Networks ClearPass Policy ...) + TODO: check +CVE-2015-1550 (Directory traversal vulnerability in Aruba Networks ClearPass Policy ...) + TODO: check CVE-2015-1549 RESERVED CVE-2015-1548 (mini_httpd 1.21 and earlier allows remote attackers to obtain ...) @@ -7677,14 +7694,14 @@ NOT-FOR-US: WordPress plugin photo-gallery CVE-2015-1393 (SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 ...) NOT-FOR-US: WordPress plugin photo-gallery -CVE-2015-1392 - RESERVED +CVE-2015-1392 (Multiple SQL injection vulnerabilities in Aruba Networks ClearPass ...) + TODO: check CVE-2015-1391 RESERVED CVE-2015-1390 RESERVED -CVE-2015-1389 - RESERVED +CVE-2015-1389 (Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass ...) + TODO: check CVE-2015-1388 (The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before ...) NOT-FOR-US: ArubaOS CVE-2015-1387 @@ -19577,8 +19594,8 @@ RESERVED CVE-2014-6629 RESERVED -CVE-2014-6628 - RESERVED +CVE-2014-6628 (Aruba Networks ClearPass Policy Manager (CPPM) before 6.5.0 allows ...) + TODO: check CVE-2014-6627 (Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows ...) NOT-FOR-US: Aruba Networks ClearPass CVE-2014-6626 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits