Author: sectracker
Date: 2016-03-21 21:10:11 +0000 (Mon, 21 Mar 2016)
New Revision: 40507
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-21 21:08:56 UTC (rev 40506)
+++ data/CVE/list 2016-03-21 21:10:11 UTC (rev 40507)
@@ -1,3 +1,9 @@
+CVE-2016-3618
+ RESERVED
+CVE-2016-3617
+ RESERVED
+CVE-2016-3616
+ RESERVED
CVE-2016-3627 [stack exhaustion in libxml2 parsing xml files in recover mode]
- libxml2 <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2016/03/21/3
@@ -437,8 +443,8 @@
RESERVED
CVE-2016-3398
RESERVED
-CVE-2014-9768
- RESERVED
+CVE-2014-9768 (** DISPUTED ** IBM Tivoli NetView Access Services (NVAS) allows
remote ...)
+ TODO: check
CVE-2016-3397
RESERVED
CVE-2016-3396
@@ -901,8 +907,8 @@
RESERVED
- linux <unfixed>
NOTE: http://xenbits.xen.org/xsa/advisory-171.html
-CVE-2016-3155
- RESERVED
+CVE-2016-3155 (Siemens APOGEE Insight uses weak permissions for the
application ...)
+ TODO: check
CVE-2016-XXXX [use-after-free in unserialisation]
- hhvm <unfixed>
NOTE:
https://github.com/facebook/hhvm/commit/fd456ffad5d164c1563dc8bd97bcc2f200ff6f69
@@ -3554,8 +3560,8 @@
RESERVED
CVE-2016-2288
RESERVED
-CVE-2016-2287
- RESERVED
+CVE-2016-2287 (Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on
442SR ...)
+ TODO: check
CVE-2016-2286
RESERVED
CVE-2016-2285
@@ -3566,8 +3572,8 @@
NOT-FOR-US: Moxa ioLogik E2200 devices
CVE-2016-2282 (Moxa ioLogik E2200 devices before 3.12 and ioAdmin
Configuration ...)
NOT-FOR-US: Moxa ioLogik E2200 devices
-CVE-2016-2281
- RESERVED
+CVE-2016-2281 (Untrusted search path vulnerability in ABB Panel Builder 800
5.1 ...)
+ TODO: check
CVE-2016-2280
RESERVED
CVE-2016-2279 (Cross-site scripting (XSS) vulnerability in the web server in
Rockwell ...)
@@ -3644,8 +3650,7 @@
RESERVED
CVE-2016-2246
RESERVED
-CVE-2016-2245
- RESERVED
+CVE-2016-2245 (HP Support Assistant before 8.1.52.1 allows remote attackers to
bypass ...)
NOT-FOR-US: HP Support Assistant
CVE-2016-2244 (HP LaserJet printers and MFPs and OfficeJet Enterprise printers
with ...)
NOT-FOR-US: HP LaserJet Printers
@@ -4709,7 +4714,7 @@
- iceweasel <not-affected> (Windows-specific)
CVE-2016-1975 (Multiple race conditions in
dom/media/systemservices/CamerasChild.cpp ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1974 (The nsScannerString::AppendUnicodeTo fynction in Mozilla
Firefox ...)
+CVE-2016-1974 (The nsScannerString::AppendUnicodeTo function in Mozilla
Firefox ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
@@ -10107,8 +10112,8 @@
RESERVED
CVE-2016-0284
RESERVED
-CVE-2016-0283
- RESERVED
+CVE-2016-0283 (Cross-site scripting (XSS) vulnerability in the OpenID Connect
(OIDC) ...)
+ TODO: check
CVE-2016-0282
RESERVED
CVE-2016-0281
@@ -11764,12 +11769,12 @@
RESERVED
CVE-2015-8155
RESERVED
-CVE-2015-8154
- RESERVED
-CVE-2015-8153
- RESERVED
-CVE-2015-8152
- RESERVED
+CVE-2015-8154 (The SysPlant.sys driver in the Application and Device Control
(ADC) ...)
+ TODO: check
+CVE-2015-8153 (SQL injection vulnerability in Symantec Endpoint Protection
Manager ...)
+ TODO: check
+CVE-2015-8152 (Cross-site request forgery (CSRF) vulnerability in Symantec
Endpoint ...)
+ TODO: check
CVE-2015-8151 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12
allows ...)
NOT-FOR-US: Symantec
CVE-2015-8150 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12
allows ...)
@@ -28967,8 +28972,8 @@
NOT-FOR-US: Serendipity
CVE-2015-2287
RESERVED
-CVE-2015-2286
- RESERVED
+CVE-2015-2286 (lms/templates/footer-edx-new.html in Open edX edx-platform
before ...)
+ TODO: check
CVE-2015-2285 (The logrotation script (/etc/cron.daily/upstart) in the Ubuntu
Upstart ...)
- upstart <not-affected> (Vulnerable cron.daily script not present)
CVE-2014-9701 [XSS issue in MantisBT permalink_page.php]
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
