Author: sectracker
Date: 2016-03-21 21:10:11 +0000 (Mon, 21 Mar 2016)
New Revision: 40507
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-03-21 21:08:56 UTC (rev 40506) +++ data/CVE/list 2016-03-21 21:10:11 UTC (rev 40507) @@ -1,3 +1,9 @@ +CVE-2016-3618 + RESERVED +CVE-2016-3617 + RESERVED +CVE-2016-3616 + RESERVED CVE-2016-3627 [stack exhaustion in libxml2 parsing xml files in recover mode] - libxml2 <unfixed> NOTE: http://www.openwall.com/lists/oss-security/2016/03/21/3 @@ -437,8 +443,8 @@ RESERVED CVE-2016-3398 RESERVED -CVE-2014-9768 - RESERVED +CVE-2014-9768 (** DISPUTED ** IBM Tivoli NetView Access Services (NVAS) allows remote ...) + TODO: check CVE-2016-3397 RESERVED CVE-2016-3396 @@ -901,8 +907,8 @@ RESERVED - linux <unfixed> NOTE: http://xenbits.xen.org/xsa/advisory-171.html -CVE-2016-3155 - RESERVED +CVE-2016-3155 (Siemens APOGEE Insight uses weak permissions for the application ...) + TODO: check CVE-2016-XXXX [use-after-free in unserialisation] - hhvm <unfixed> NOTE: https://github.com/facebook/hhvm/commit/fd456ffad5d164c1563dc8bd97bcc2f200ff6f69 @@ -3554,8 +3560,8 @@ RESERVED CVE-2016-2288 RESERVED -CVE-2016-2287 - RESERVED +CVE-2016-2287 (Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR ...) + TODO: check CVE-2016-2286 RESERVED CVE-2016-2285 @@ -3566,8 +3572,8 @@ NOT-FOR-US: Moxa ioLogik E2200 devices CVE-2016-2282 (Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration ...) NOT-FOR-US: Moxa ioLogik E2200 devices -CVE-2016-2281 - RESERVED +CVE-2016-2281 (Untrusted search path vulnerability in ABB Panel Builder 800 5.1 ...) + TODO: check CVE-2016-2280 RESERVED CVE-2016-2279 (Cross-site scripting (XSS) vulnerability in the web server in Rockwell ...) 
@@ -3644,8 +3650,7 @@ RESERVED CVE-2016-2246 RESERVED -CVE-2016-2245 - RESERVED +CVE-2016-2245 (HP Support Assistant before 8.1.52.1 allows remote attackers to bypass ...) NOT-FOR-US: HP Support Assistant CVE-2016-2244 (HP LaserJet printers and MFPs and OfficeJet Enterprise printers with ...) NOT-FOR-US: HP LaserJet Printers @@ -4709,7 +4714,7 @@ - iceweasel <not-affected> (Windows-specific) CVE-2016-1975 (Multiple race conditions in dom/media/systemservices/CamerasChild.cpp ...) - iceweasel <not-affected> (Windows-specific) -CVE-2016-1974 (The nsScannerString::AppendUnicodeTo fynction in Mozilla Firefox ...) +CVE-2016-1974 (The nsScannerString::AppendUnicodeTo function in Mozilla Firefox ...) {DSA-3520-1 DSA-3510-1} - iceweasel <unfixed> - firefox-esr 45.0esr-1 @@ -10107,8 +10112,8 @@ RESERVED CVE-2016-0284 RESERVED -CVE-2016-0283 - RESERVED +CVE-2016-0283 (Cross-site scripting (XSS) vulnerability in the OpenID Connect (OIDC) ...) + TODO: check CVE-2016-0282 RESERVED CVE-2016-0281 @@ -11764,12 +11769,12 @@ RESERVED CVE-2015-8155 RESERVED -CVE-2015-8154 - RESERVED -CVE-2015-8153 - RESERVED -CVE-2015-8152 - RESERVED +CVE-2015-8154 (The SysPlant.sys driver in the Application and Device Control (ADC) ...) + TODO: check +CVE-2015-8153 (SQL injection vulnerability in Symantec Endpoint Protection Manager ...) + TODO: check +CVE-2015-8152 (Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint ...) + TODO: check CVE-2015-8151 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows ...) NOT-FOR-US: Symantec CVE-2015-8150 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows ...) 
@@ -28967,8 +28972,8 @@ NOT-FOR-US: Serendipity CVE-2015-2287 RESERVED -CVE-2015-2286 - RESERVED +CVE-2015-2286 (lms/templates/footer-edx-new.html in Open edX edx-platform before ...) + TODO: check CVE-2015-2285 (The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart ...) - upstart <not-affected> (Vulnerable cron.daily script not present) CVE-2014-9701 [XSS issue in MantisBT permalink_page.php] _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
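Review bot: In the first hunk (@@ -1,3 +1,9 @@) the new RESERVED entries CVE-2016-3618, CVE-2016-3617 and CVE-2016-3616 are added above CVE-2016-3627, so the top of the file is out of numeric sequence, unlike the descending runs visible in later hunks (for example CVE-2016-2288 down to CVE-2016-2285). If the list is meant to stay in descending id order, move the CVE-2016-3627 entry, with its libxml2 line and NOTE, above the new block so tooling and later automatic updates find each id where expected.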
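Review bot: In the hunk at @@ -437,8 +443,8 @@ the new description for CVE-2014-9768 is flagged ** DISPUTED **, but the only triage line added is "TODO: check", and the description is truncated at "allows remote ...". When this TODO is resolved, record the dispute in a NOTE line on the entry, so the status does not depend on the truncated description text alone.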
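Review bot: In the hunk at @@ -11764,12 +11769,12 @@ CVE-2015-8154, CVE-2015-8153 and CVE-2015-8152 (all Symantec Endpoint Protection components per their descriptions) are left as "TODO: check", while the context lines directly below already triage CVE-2015-8151 and CVE-2015-8150 as "NOT-FOR-US: Symantec". After confirming the affected product is not packaged, close the three TODOs with the same "NOT-FOR-US: Symantec" tag so the vendor's entries are triaged consistently and do not linger in the unchecked queue.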