Author: sectracker
Date: 2016-03-16 21:10:12 +0000 (Wed, 16 Mar 2016)
New Revision: 40420
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-16 20:53:37 UTC (rev 40419)
+++ data/CVE/list 2016-03-16 21:10:12 UTC (rev 40420)
@@ -1,3 +1,457 @@
+CVE-2016-3397
+ RESERVED
+CVE-2016-3396
+ RESERVED
+CVE-2016-3395
+ RESERVED
+CVE-2016-3394
+ RESERVED
+CVE-2016-3393
+ RESERVED
+CVE-2016-3392
+ RESERVED
+CVE-2016-3391
+ RESERVED
+CVE-2016-3390
+ RESERVED
+CVE-2016-3389
+ RESERVED
+CVE-2016-3388
+ RESERVED
+CVE-2016-3387
+ RESERVED
+CVE-2016-3386
+ RESERVED
+CVE-2016-3385
+ RESERVED
+CVE-2016-3384
+ RESERVED
+CVE-2016-3383
+ RESERVED
+CVE-2016-3382
+ RESERVED
+CVE-2016-3381
+ RESERVED
+CVE-2016-3380
+ RESERVED
+CVE-2016-3379
+ RESERVED
+CVE-2016-3378
+ RESERVED
+CVE-2016-3377
+ RESERVED
+CVE-2016-3376
+ RESERVED
+CVE-2016-3375
+ RESERVED
+CVE-2016-3374
+ RESERVED
+CVE-2016-3373
+ RESERVED
+CVE-2016-3372
+ RESERVED
+CVE-2016-3371
+ RESERVED
+CVE-2016-3370
+ RESERVED
+CVE-2016-3369
+ RESERVED
+CVE-2016-3368
+ RESERVED
+CVE-2016-3367
+ RESERVED
+CVE-2016-3366
+ RESERVED
+CVE-2016-3365
+ RESERVED
+CVE-2016-3364
+ RESERVED
+CVE-2016-3363
+ RESERVED
+CVE-2016-3362
+ RESERVED
+CVE-2016-3361
+ RESERVED
+CVE-2016-3360
+ RESERVED
+CVE-2016-3359
+ RESERVED
+CVE-2016-3358
+ RESERVED
+CVE-2016-3357
+ RESERVED
+CVE-2016-3356
+ RESERVED
+CVE-2016-3355
+ RESERVED
+CVE-2016-3354
+ RESERVED
+CVE-2016-3353
+ RESERVED
+CVE-2016-3352
+ RESERVED
+CVE-2016-3351
+ RESERVED
+CVE-2016-3350
+ RESERVED
+CVE-2016-3349
+ RESERVED
+CVE-2016-3348
+ RESERVED
+CVE-2016-3347
+ RESERVED
+CVE-2016-3346
+ RESERVED
+CVE-2016-3345
+ RESERVED
+CVE-2016-3344
+ RESERVED
+CVE-2016-3343
+ RESERVED
+CVE-2016-3342
+ RESERVED
+CVE-2016-3341
+ RESERVED
+CVE-2016-3340
+ RESERVED
+CVE-2016-3339
+ RESERVED
+CVE-2016-3338
+ RESERVED
+CVE-2016-3337
+ RESERVED
+CVE-2016-3336
+ RESERVED
+CVE-2016-3335
+ RESERVED
+CVE-2016-3334
+ RESERVED
+CVE-2016-3333
+ RESERVED
+CVE-2016-3332
+ RESERVED
+CVE-2016-3331
+ RESERVED
+CVE-2016-3330
+ RESERVED
+CVE-2016-3329
+ RESERVED
+CVE-2016-3328
+ RESERVED
+CVE-2016-3327
+ RESERVED
+CVE-2016-3326
+ RESERVED
+CVE-2016-3325
+ RESERVED
+CVE-2016-3324
+ RESERVED
+CVE-2016-3323
+ RESERVED
+CVE-2016-3322
+ RESERVED
+CVE-2016-3321
+ RESERVED
+CVE-2016-3320
+ RESERVED
+CVE-2016-3319
+ RESERVED
+CVE-2016-3318
+ RESERVED
+CVE-2016-3317
+ RESERVED
+CVE-2016-3316
+ RESERVED
+CVE-2016-3315
+ RESERVED
+CVE-2016-3314
+ RESERVED
+CVE-2016-3313
+ RESERVED
+CVE-2016-3312
+ RESERVED
+CVE-2016-3311
+ RESERVED
+CVE-2016-3310
+ RESERVED
+CVE-2016-3309
+ RESERVED
+CVE-2016-3308
+ RESERVED
+CVE-2016-3307
+ RESERVED
+CVE-2016-3306
+ RESERVED
+CVE-2016-3305
+ RESERVED
+CVE-2016-3304
+ RESERVED
+CVE-2016-3303
+ RESERVED
+CVE-2016-3302
+ RESERVED
+CVE-2016-3301
+ RESERVED
+CVE-2016-3300
+ RESERVED
+CVE-2016-3299
+ RESERVED
+CVE-2016-3298
+ RESERVED
+CVE-2016-3297
+ RESERVED
+CVE-2016-3296
+ RESERVED
+CVE-2016-3295
+ RESERVED
+CVE-2016-3294
+ RESERVED
+CVE-2016-3293
+ RESERVED
+CVE-2016-3292
+ RESERVED
+CVE-2016-3291
+ RESERVED
+CVE-2016-3290
+ RESERVED
+CVE-2016-3289
+ RESERVED
+CVE-2016-3288
+ RESERVED
+CVE-2016-3287
+ RESERVED
+CVE-2016-3286
+ RESERVED
+CVE-2016-3285
+ RESERVED
+CVE-2016-3284
+ RESERVED
+CVE-2016-3283
+ RESERVED
+CVE-2016-3282
+ RESERVED
+CVE-2016-3281
+ RESERVED
+CVE-2016-3280
+ RESERVED
+CVE-2016-3279
+ RESERVED
+CVE-2016-3278
+ RESERVED
+CVE-2016-3277
+ RESERVED
+CVE-2016-3276
+ RESERVED
+CVE-2016-3275
+ RESERVED
+CVE-2016-3274
+ RESERVED
+CVE-2016-3273
+ RESERVED
+CVE-2016-3272
+ RESERVED
+CVE-2016-3271
+ RESERVED
+CVE-2016-3270
+ RESERVED
+CVE-2016-3269
+ RESERVED
+CVE-2016-3268
+ RESERVED
+CVE-2016-3267
+ RESERVED
+CVE-2016-3266
+ RESERVED
+CVE-2016-3265
+ RESERVED
+CVE-2016-3264
+ RESERVED
+CVE-2016-3263
+ RESERVED
+CVE-2016-3262
+ RESERVED
+CVE-2016-3261
+ RESERVED
+CVE-2016-3260
+ RESERVED
+CVE-2016-3259
+ RESERVED
+CVE-2016-3258
+ RESERVED
+CVE-2016-3257
+ RESERVED
+CVE-2016-3256
+ RESERVED
+CVE-2016-3255
+ RESERVED
+CVE-2016-3254
+ RESERVED
+CVE-2016-3253
+ RESERVED
+CVE-2016-3252
+ RESERVED
+CVE-2016-3251
+ RESERVED
+CVE-2016-3250
+ RESERVED
+CVE-2016-3249
+ RESERVED
+CVE-2016-3248
+ RESERVED
+CVE-2016-3247
+ RESERVED
+CVE-2016-3246
+ RESERVED
+CVE-2016-3245
+ RESERVED
+CVE-2016-3244
+ RESERVED
+CVE-2016-3243
+ RESERVED
+CVE-2016-3242
+ RESERVED
+CVE-2016-3241
+ RESERVED
+CVE-2016-3240
+ RESERVED
+CVE-2016-3239
+ RESERVED
+CVE-2016-3238
+ RESERVED
+CVE-2016-3237
+ RESERVED
+CVE-2016-3236
+ RESERVED
+CVE-2016-3235
+ RESERVED
+CVE-2016-3234
+ RESERVED
+CVE-2016-3233
+ RESERVED
+CVE-2016-3232
+ RESERVED
+CVE-2016-3231
+ RESERVED
+CVE-2016-3230
+ RESERVED
+CVE-2016-3229
+ RESERVED
+CVE-2016-3228
+ RESERVED
+CVE-2016-3227
+ RESERVED
+CVE-2016-3226
+ RESERVED
+CVE-2016-3225
+ RESERVED
+CVE-2016-3224
+ RESERVED
+CVE-2016-3223
+ RESERVED
+CVE-2016-3222
+ RESERVED
+CVE-2016-3221
+ RESERVED
+CVE-2016-3220
+ RESERVED
+CVE-2016-3219
+ RESERVED
+CVE-2016-3218
+ RESERVED
+CVE-2016-3217
+ RESERVED
+CVE-2016-3216
+ RESERVED
+CVE-2016-3215
+ RESERVED
+CVE-2016-3214
+ RESERVED
+CVE-2016-3213
+ RESERVED
+CVE-2016-3212
+ RESERVED
+CVE-2016-3211
+ RESERVED
+CVE-2016-3210
+ RESERVED
+CVE-2016-3209
+ RESERVED
+CVE-2016-3208
+ RESERVED
+CVE-2016-3207
+ RESERVED
+CVE-2016-3206
+ RESERVED
+CVE-2016-3205
+ RESERVED
+CVE-2016-3204
+ RESERVED
+CVE-2016-3203
+ RESERVED
+CVE-2016-3202
+ RESERVED
+CVE-2016-3201
+ RESERVED
+CVE-2016-3200
+ RESERVED
+CVE-2016-3199
+ RESERVED
+CVE-2016-3198
+ RESERVED
+CVE-2016-3196
+ RESERVED
+CVE-2016-3195
+ RESERVED
+CVE-2016-3194
+ RESERVED
+CVE-2016-3193
+ RESERVED
+CVE-2016-3192
+ RESERVED
+CVE-2016-3191
+ RESERVED
+CVE-2016-3190
+ RESERVED
+CVE-2016-3189
+ RESERVED
+CVE-2016-3188
+ RESERVED
+CVE-2016-3187
+ RESERVED
+CVE-2016-3186
+ RESERVED
+CVE-2016-3185
+ RESERVED
+CVE-2016-3184
+ RESERVED
+CVE-2016-3180
+ RESERVED
+CVE-2016-3179
+ RESERVED
+CVE-2016-3178
+ RESERVED
+CVE-2016-3177
+ RESERVED
+CVE-2016-3176
+ RESERVED
+CVE-2016-3175
+ RESERVED
+CVE-2016-3174
+ RESERVED
+CVE-2016-3173
+ RESERVED
+CVE-2016-3161
+ RESERVED
+CVE-2016-3160
+ RESERVED
+CVE-2016-3159
+ RESERVED
+CVE-2016-3158
+ RESERVED
+CVE-2016-3157
+ RESERVED
+CVE-2016-3155
+ RESERVED
CVE-2016-XXXX [use-after-free in unserialisation]
- hhvm <unfixed>
NOTE:
https://github.com/facebook/hhvm/commit/fd456ffad5d164c1563dc8bd97bcc2f200ff6f69
@@ -51,6 +505,7 @@
CVE-2016-3143
RESERVED
CVE-2016-3156 [ipv4: Don't do expensive useless work during inetdev destroy]
+ RESERVED
- linux <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/3
CVE-2016-XXXX [opam: does not verify certificate]
@@ -196,15 +651,18 @@
[wheezy] - flashrom <no-dsa> (Minor issue)
NOTE: https://www.flashrom.org/pipermail/flashrom/2016-March/014523.html
CVE-2016-3183 [Out-Of-Bounds Read in sycc422_to_rgb function]
+ RESERVED
- openjpeg2 <unfixed> (bug #818399)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/14
NOTE: https://github.com/uclouvain/openjpeg/issues/726
CVE-2016-3182 [Heap Corruption in opj_free function]
+ RESERVED
- openjpeg2 <unfixed> (bug #818399)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/13
NOTE: https://github.com/uclouvain/openjpeg/issues/725
TODO: check, possibly as well src:openjpeg
CVE-2016-3181 [Out-Of-Bounds Read in opj_tcd_free_tile function]
+ RESERVED
- openjpeg2 <unfixed> (bug #818399)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/12
NOTE: https://github.com/uclouvain/openjpeg/issues/724
@@ -667,11 +1125,13 @@
CVE-2016-2860
RESERVED
CVE-2016-3154 [Objects injection via unserialize]
+ RESERVED
{DSA-3518-1}
- spip 3.0.22-1
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2
NOTE: patch
https://core.spip.net/projects/spip/repository/revisions/22903
CVE-2016-3153 [PHP code injection]
+ RESERVED
{DSA-3518-1}
- spip 3.0.22-1
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2
@@ -681,6 +1141,7 @@
NOTE:
https://git.zx2c4.com/cgit/commit/filters/html-converters/txt2html?id=13c2d3df0440ce04273de3149631a9bd97490c6e
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2016/03/05/8
CVE-2016-3172 [SQL Injection Vulnerability]
+ RESERVED
- cacti <unfixed>
NOTE: http://bugs.cacti.net/view.php?id=2667
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/13
@@ -749,8 +1210,8 @@
RESERVED
CVE-2016-2848
RESERVED
-CVE-2016-2846
- RESERVED
+CVE-2016-2846 (Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote
attackers ...)
+ TODO: check
CVE-2016-2845 (The Content Security Policy (CSP) implementation in Blink, as
used in ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
@@ -1642,6 +2103,7 @@
NOTE: https://bugs.exim.org/show_bug.cgi?id=1791
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1311503
CVE-2016-3162 [File upload access bypass and denial of service]
+ RESERVED
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
@@ -1649,6 +2111,7 @@
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3163 [Brute force amplification attacks via XML-RPC]
+ RESERVED
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
@@ -1656,6 +2119,7 @@
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3164 [Open redirect via path manipulation]
+ RESERVED
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
@@ -1664,24 +2128,28 @@
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3165 [Form API ignores access restrictions on submit buttons]
+ RESERVED
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3166 [HTTP header injection using line breaks]
+ RESERVED
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3167 [Open redirect via double-encoded 'destination' parameter]
+ RESERVED
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3168 [Reflected file download vulnerability]
+ RESERVED
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
@@ -1689,6 +2157,7 @@
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3169 [Saving user accounts can sometimes grant the user all roles]
+ RESERVED
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
@@ -1696,6 +2165,7 @@
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3170 [Email address can be matched to an account]
+ RESERVED
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
@@ -1703,6 +2173,7 @@
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
CVE-2016-3171 [Session data truncation can lead to unserialization of user
provided data]
+ RESERVED
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
@@ -3421,8 +3892,8 @@
RESERVED
CVE-2016-2076
RESERVED
-CVE-2016-2075
- RESERVED
+CVE-2016-2075 (Cross-site scripting (XSS) vulnerability in VMware vRealize
Business ...)
+ TODO: check
CVE-2016-2074
RESERVED
CVE-2016-2072 (The Administrative Web Interface in Citrix NetScaler
Application ...)
@@ -3707,10 +4178,10 @@
RESERVED
CVE-2016-1992
RESERVED
-CVE-2016-1991
- RESERVED
-CVE-2016-1990
- RESERVED
+CVE-2016-1991 (HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1
Patch 2, ...)
+ TODO: check
+CVE-2016-1990 (HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1
Patch 2, ...)
+ TODO: check
CVE-2016-1989 (HPE Network Automation 9.22 through 9.22.02 and 10.x before
10.00.02 ...)
NOT-FOR-US: HPE Network Automation
CVE-2016-1988 (HPE Network Automation 9.22 through 9.22.02 and 10.x before
10.00.02 ...)
@@ -27656,8 +28127,8 @@
NOT-FOR-US: Huawei
CVE-2015-2345
RESERVED
-CVE-2015-2344
- RESERVED
+CVE-2015-2344 (Cross-site scripting (XSS) vulnerability in VMware vRealize
Automation ...)
+ TODO: check
CVE-2015-2343
RESERVED
CVE-2015-2342 (The JMX RMI service in VMware vCenter Server 5.0 before u3e,
5.1 ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
