Author: sectracker
Date: 2015-12-30 21:10:11 +0000 (Wed, 30 Dec 2015)
New Revision: 38610
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-12-30 20:43:26 UTC (rev 38609) +++ data/CVE/list 2015-12-30 21:10:11 UTC (rev 38610) @@ -1,4 +1,63 @@ +CVE-2016-1280 + RESERVED +CVE-2016-1279 + RESERVED +CVE-2016-1278 + RESERVED +CVE-2016-1277 + RESERVED +CVE-2016-1276 + RESERVED +CVE-2016-1275 + RESERVED +CVE-2016-1274 + RESERVED +CVE-2016-1273 + RESERVED +CVE-2016-1272 + RESERVED +CVE-2016-1271 + RESERVED +CVE-2016-1270 + RESERVED +CVE-2016-1269 + RESERVED +CVE-2016-1268 + RESERVED +CVE-2016-1267 + RESERVED +CVE-2016-1266 + RESERVED +CVE-2016-1265 + RESERVED +CVE-2016-1264 + RESERVED +CVE-2016-1263 + RESERVED +CVE-2016-1262 + RESERVED +CVE-2016-1261 + RESERVED +CVE-2016-1260 + RESERVED +CVE-2016-1259 + RESERVED +CVE-2016-1258 + RESERVED +CVE-2016-1257 + RESERVED +CVE-2016-1256 + RESERVED +CVE-2015-8706 + RESERVED +CVE-2015-8705 + RESERVED +CVE-2015-8704 + RESERVED +CVE-2015-8703 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 ...) + TODO: check CVE-2015-8702 [DoS] + RESERVED - inspircd 2.0.20-1 NOTE: https://github.com/inspircd/inspircd/commit/6058483d9fbc1b904d5ae7cfea47bfcde5c5b559 NOTE: http://www.inspircd.org/2015/04/16/v2019-released.html @@ -3270,8 +3329,7 @@ RESERVED CVE-2015-8468 RESERVED -CVE-2015-8467 - RESERVED +CVE-2015-8467 (The samldb_check_user_account_control_acl function in ...) - samba 2:4.1.22+dfsg-1 [wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2) [squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.3.2) 
@@ -5273,32 +5331,32 @@ RESERVED CVE-2015-7795 RESERVED -CVE-2015-7794 - RESERVED -CVE-2015-7793 - RESERVED -CVE-2015-7792 - RESERVED -CVE-2015-7791 - RESERVED -CVE-2015-7790 - RESERVED -CVE-2015-7789 - RESERVED -CVE-2015-7788 - RESERVED -CVE-2015-7787 - RESERVED -CVE-2015-7786 - RESERVED +CVE-2015-7794 (Corega CG-WLNCM4G devices provide an open DNS resolver, which allows ...) + TODO: check +CVE-2015-7793 (Corega CG-WLBARAGM devices provide an open proxy service, which allows ...) + TODO: check +CVE-2015-7792 (Corega CG-WLBARGS devices allow remote attackers to perform ...) + TODO: check +CVE-2015-7791 (Multiple SQL injection vulnerabilities in admin.php in the Collne ...) + TODO: check +CVE-2015-7790 (Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL ...) + TODO: check +CVE-2015-7789 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...) + TODO: check +CVE-2015-7788 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...) + TODO: check +CVE-2015-7787 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...) + TODO: check +CVE-2015-7786 (Cross-site scripting (XSS) vulnerability in the NTT DATA Smart ...) + TODO: check CVE-2015-7785 RESERVED -CVE-2015-7784 - RESERVED +CVE-2015-7784 (SQL injection vulnerability in the BOKUBLOCK (1) ...) + TODO: check CVE-2015-7783 (Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before ...) TODO: check -CVE-2015-7782 - RESERVED +CVE-2015-7782 (Cross-site scripting (XSS) vulnerability in Let's PHP! Frame ...) + TODO: check CVE-2015-7781 RESERVED CVE-2015-7780 @@ -6007,8 +6065,7 @@ RESERVED CVE-2015-7541 RESERVED -CVE-2015-7540 - RESERVED +CVE-2015-7540 (The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 ...) - samba 2:4.1.22+dfsg-1 [wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.1.21) [squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.1.21) 
@@ -6684,16 +6741,16 @@ TODO: check CVE-2015-7253 (The Web Console in Commvault Edge Server 10 R2 allows remote attackers ...) TODO: check -CVE-2015-7252 - RESERVED -CVE-2015-7251 - RESERVED -CVE-2015-7250 - RESERVED -CVE-2015-7249 - RESERVED -CVE-2015-7248 - RESERVED +CVE-2015-7252 (Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ...) + TODO: check +CVE-2015-7251 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a ...) + TODO: check +CVE-2015-7250 (Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN ...) + TODO: check +CVE-2015-7249 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow ...) + TODO: check +CVE-2015-7248 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow ...) + TODO: check CVE-2015-7247 RESERVED CVE-2015-7246 @@ -7675,7 +7732,7 @@ NOT-FOR-US: EMC Secure Remote Services Virtual Edition CVE-2015-6851 (EMC RSA SecurID Web Agent before 8.0 allows physically proximate ...) NOT-FOR-US: RSA SecurID -CVE-2015-6850 (EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5,5 before Patch 1 has a ...) +CVE-2015-6850 (EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a ...) NOT-FOR-US: EMC VPLEX CVE-2015-6849 (EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before ...) NOT-FOR-US: EMC @@ -10892,8 +10949,8 @@ TODO: check CVE-2015-5664 RESERVED -CVE-2015-5663 - RESERVED +CVE-2015-5663 (The file-execution functionality in WinRAR before 5.30 beta 5 allows ...) + TODO: check CVE-2015-5662 (Directory traversal vulnerability in Avast before 150918-0 allows ...) TODO: check CVE-2015-5661 (The SAND STUDIO AirDroid application 1.1.0 and earlier for Android ...) 
@@ -11809,8 +11866,7 @@ CVE-2015-5331 RESERVED - moodle <not-affected> (Only affects 2.9 and later) -CVE-2015-5330 - RESERVED +CVE-2015-5330 (ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before ...) - samba 2:4.1.22+dfsg-1 [wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2) [squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.3.2) @@ -11958,8 +12014,7 @@ - ntp 1:4.2.8p4+dfsg-2 NOTE: https://www.cs.bu.edu/~goldbe/NTPattack.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1271076 -CVE-2015-5299 - RESERVED +CVE-2015-5299 (The shadow_copy2_get_shadow_copy_data function in ...) - samba 2:4.1.22+dfsg-1 NOTE: https://www.samba.org/samba/security/CVE-2015-5299.html CVE-2015-5298 [Google Login Plugin for Jenkins authentication bypass] @@ -11968,8 +12023,7 @@ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-10-12 CVE-2015-5297 RESERVED -CVE-2015-5296 - RESERVED +CVE-2015-5296 (Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before ...) - samba 2:4.1.22+dfsg-1 NOTE: https://www.samba.org/samba/security/CVE-2015-5296.html CVE-2015-5295 @@ -12171,8 +12225,7 @@ TODO: check CVE-2015-5253 (The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before ...) NOT-FOR-US: Apache CXF -CVE-2015-5252 - RESERVED +CVE-2015-5252 (vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, ...) - samba 2:4.1.22+dfsg-1 NOTE: https://www.samba.org/samba/security/CVE-2015-5252.html CVE-2015-5251 (OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x ...) 
@@ -17986,8 +18039,7 @@ NOTE: http://seclists.org/oss-sec/2015/q2/729 has patches for 1.5 and 1.6 CVE-2015-3224 (request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x ...) NOT-FOR-US: Web Console Ruby Gem -CVE-2015-3223 - RESERVED +CVE-2015-3223 (The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, ...) - samba 2:4.1.22+dfsg-1 [wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2) [squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.3.2) @@ -131435,7 +131487,7 @@ CVE-2009-0690 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit ...) NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on CVE-2009-0689 (Array index error in the (1) dtoa implementation in dtoa.c (aka ...) - {DSA-1998-1 DSA-1931-1} + {DSA-1998-1 DSA-1931-1 DLA-376-1} - nspr 4.8-2 [etch] - nspr <end-of-life> (Mozilla packages from oldstable no longer covered by security support) - kdelibs 4:3.5.10.dfsg.1-3 (medium; bug #559265) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
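Review bot: in the @@ -3270,8 +3329,7 @@ hunk the visible context for CVE-2015-8467 stops at the [squeeze] line, so it is not clear that the entry carries a NOTE: pointing at the upstream advisory. CVE-2015-5299, CVE-2015-5296 and CVE-2015-5252 in the later hunks each have a "NOTE: https://www.samba.org/samba/security/CVE-....html" line. Now that the description has replaced RESERVED, check that CVE-2015-8467, CVE-2015-7540, CVE-2015-5330 and CVE-2015-3223 have the matching NOTE: so all seven Samba entries fixed in 2:4.1.22+dfsg-1 are documented the same way.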
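Review bot: the eleven entries that leave RESERVED in the @@ -5273,32 +5331,32 @@ hunk all arrive as "TODO: check", and several share a product, so they are easier to clear per product than one by one. CVE-2015-7787, CVE-2015-7788 and CVE-2015-7789 show the same truncated text ("ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow ...") and belong with CVE-2015-7790. CVE-2015-7792 through CVE-2015-7794 are all Corega CG-WL* devices. CVE-2015-7782 (Let's PHP! Frame ...) should get the same disposition as the adjacent context entry CVE-2015-7783 (Let's PHP! p++BBS), which is itself still TODO: check.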
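Review bot: CVE-2015-7248, CVE-2015-7249 and CVE-2015-7251 in the @@ -6684,16 +6741,16 @@ hunk name the same firmware (ZTE ZXHN H108N R1A before ZTE.bhs.ZXHNH108NR1A.k_PE) as CVE-2015-8703 in the first hunk, and CVE-2015-7250 and CVE-2015-7252 both refer to cgi-bin/webproc on a ZTE device, yet all six are left as separate "TODO: check" items. Triage them as one batch so they end with the same disposition. If the firmware has no Debian source package, the "NOT-FOR-US: <product>" form already used for the EMC entries in the @@ -7675,7 +7732,7 @@ hunk is the one to use.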
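Review bot: no package line under CVE-2009-0689 changes together with the new DLA-376-1 reference in the @@ -131435,7 +131487,7 @@ hunk; the visible context shows only the nspr and kdelibs lines. Confirm that the source package DLA-376-1 covers has its own line further down in this record, with the fixed version for the release the DLA targets, so the cross-reference in "{DSA-1998-1 DSA-1931-1 DLA-376-1}" resolves to a package entry.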