[Secure-testing-commits] r51405 - data/CVE

Mon, 08 May 2017 02:11:03 -0700 

Author: sectracker
Date: 2017-05-08 09:10:24 +0000 (Mon, 08 May 2017)
New Revision: 51405

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-08 07:29:50 UTC (rev 51404)
+++ data/CVE/list       2017-05-08 09:10:24 UTC (rev 51405)
@@ -1,3 +1,61 @@
+CVE-2017-8834
+       RESERVED
+CVE-2017-8833 (Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. 
NOTE: ...)
+       TODO: check
+CVE-2017-8832 (Allen Disk 1.6 has XSS in the id parameter to downfile.php. ...)
+       TODO: check
+CVE-2017-8831 (The saa7164_bus_get function in 
drivers/media/pci/saa7164/saa7164-bus.c ...)
+       TODO: check
+CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 
allows ...)
+       TODO: check
+CVE-2017-8828
+       RESERVED
+CVE-2017-8827 (forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which 
might ...)
+       TODO: check
+CVE-2017-8826
+       RESERVED
+CVE-2017-8825
+       RESERVED
+CVE-2017-8824
+       RESERVED
+CVE-2017-8823
+       RESERVED
+CVE-2017-8822
+       RESERVED
+CVE-2017-8821
+       RESERVED
+CVE-2017-8820
+       RESERVED
+CVE-2017-8819
+       RESERVED
+CVE-2017-8818
+       RESERVED
+CVE-2017-8817
+       RESERVED
+CVE-2017-8816
+       RESERVED
+CVE-2017-8815
+       RESERVED
+CVE-2017-8814
+       RESERVED
+CVE-2017-8813
+       RESERVED
+CVE-2017-8812
+       RESERVED
+CVE-2017-8811
+       RESERVED
+CVE-2017-8810
+       RESERVED
+CVE-2017-8809
+       RESERVED
+CVE-2017-8808
+       RESERVED
+CVE-2017-8807
+       RESERVED
+CVE-2017-8806
+       RESERVED
+CVE-2017-8805
+       RESERVED
 CVE-2017-1000041
        REJECTED
 CVE-2017-1000040
@@ -34,7 +92,7 @@
        REJECTED
 CVE-2016-1000360
        REJECTED
-CVE-2017-8829 [insecure YAML validation]
+CVE-2017-8829 (Deserialization vulnerability in lintian through 2.5.50.3 
allows ...)
        - lintian <unfixed> (bug #861958)
 CVE-2017-8804 (The xdr_bytes and xdr_string functions in the GNU C Library 
(aka glibc ...)
        - glibc <unfixed>
@@ -1612,6 +1670,7 @@
 CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the 
search ...)
        NOT-FOR-US: MODX
 CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by 
authenticated ...)
+       {DLA-933-1}
        - roundcube 1.2.3+dfsg.1-4 (bug #861388)
        NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5
        NOTE: 
https://github.com/roundcube/roundcubemail/commit/6e054a37d13dc3772d0aa454a32d5dc3bdcc7003
 (1.2.x)
@@ -2463,7 +2522,7 @@
        RESERVED
 CVE-2017-7854 (The consume_init_expr function in wasm.c in radare2 1.3.0 
allows remote ...)
        - radare2 <not-affected> (Vulnerable code introduced later)
-CVE-2017-7853 (In libosip2 in GNU oSIP 5.0.0, a malformed SIP message can lead 
to a ...)
+CVE-2017-7853 (In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP 
message can ...)
        {DLA-898-1}
        - libosip2 4.1.0-2.1 (bug #860287)
        NOTE: https://savannah.gnu.org/support/index.php?109265


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to