Author: sectracker Date: 2017-05-08 09:10:24 +0000 (Mon, 08 May 2017) New Revision: 51405
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-05-08 07:29:50 UTC (rev 51404) +++ data/CVE/list 2017-05-08 09:10:24 UTC (rev 51405) @@ -1,3 +1,61 @@ +CVE-2017-8834 + RESERVED +CVE-2017-8833 (Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: ...) + TODO: check +CVE-2017-8832 (Allen Disk 1.6 has XSS in the id parameter to downfile.php. ...) + TODO: check +CVE-2017-8831 (The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c ...) + TODO: check +CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows ...) + TODO: check +CVE-2017-8828 + RESERVED +CVE-2017-8827 (forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might ...) + TODO: check +CVE-2017-8826 + RESERVED +CVE-2017-8825 + RESERVED +CVE-2017-8824 + RESERVED +CVE-2017-8823 + RESERVED +CVE-2017-8822 + RESERVED +CVE-2017-8821 + RESERVED +CVE-2017-8820 + RESERVED +CVE-2017-8819 + RESERVED +CVE-2017-8818 + RESERVED +CVE-2017-8817 + RESERVED +CVE-2017-8816 + RESERVED +CVE-2017-8815 + RESERVED +CVE-2017-8814 + RESERVED +CVE-2017-8813 + RESERVED +CVE-2017-8812 + RESERVED +CVE-2017-8811 + RESERVED +CVE-2017-8810 + RESERVED +CVE-2017-8809 + RESERVED +CVE-2017-8808 + RESERVED +CVE-2017-8807 + RESERVED +CVE-2017-8806 + RESERVED +CVE-2017-8805 + RESERVED CVE-2017-1000041 REJECTED CVE-2017-1000040 @@ -34,7 +92,7 @@ REJECTED CVE-2016-1000360 REJECTED -CVE-2017-8829 [insecure YAML validation] +CVE-2017-8829 (Deserialization vulnerability in lintian through 2.5.50.3 allows ...) - lintian <unfixed> (bug #861958) CVE-2017-8804 (The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc ...) - glibc <unfixed> 
@@ -1612,6 +1670,7 @@ CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...) NOT-FOR-US: MODX CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by authenticated ...) + {DLA-933-1} - roundcube 1.2.3+dfsg.1-4 (bug #861388) NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5 NOTE: https://github.com/roundcube/roundcubemail/commit/6e054a37d13dc3772d0aa454a32d5dc3bdcc7003 (1.2.x) @@ -2463,7 +2522,7 @@ RESERVED CVE-2017-7854 (The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote ...) - radare2 <not-affected> (Vulnerable code introduced later) -CVE-2017-7853 (In libosip2 in GNU oSIP 5.0.0, a malformed SIP message can lead to a ...) +CVE-2017-7853 (In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can ...) {DLA-898-1} - libosip2 4.1.0-2.1 (bug #860287) NOTE: https://savannah.gnu.org/support/index.php?109265
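Review bot: In the first hunk (@@ -1,3 +1,61 @@), CVE-2017-8831 and CVE-2017-8830 are left at "TODO: check" although their descriptions already name the affected code: drivers/media/pci/saa7164/saa7164-bus.c is a Linux kernel driver path, and ReadBMPImage in bmp.c belongs to ImageMagick. Both entries should get a source-package line (linux, imagemagick) with the appropriate status in a follow-up triage commit. The other three described entries (CVE-2017-8833 Zen Cart, CVE-2017-8832 Allen Disk, CVE-2017-8827 GeniXCMS) still need a check of whether the software is packaged before they are marked.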
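Review bot: In the second hunk (@@ -34,7 +92,7 @@), CVE-2017-8829 keeps its old position after the REJECTED CVE-2016-1000360 entry, while the first hunk adds CVE-2017-8830 directly followed by CVE-2017-8828, so the descending list has a gap exactly where a reader would look for it. Now that the entry carries the assigned description instead of the bracketed placeholder "[insecure YAML validation]", move it, together with its "- lintian <unfixed> (bug #861958)" line, between those two entries.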