Author: sectracker
Date: 2017-11-03 21:10:17 +0000 (Fri, 03 Nov 2017)
New Revision: 57287
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-03 20:48:57 UTC (rev 57286) +++ data/CVE/list 2017-11-03 21:10:17 UTC (rev 57287) 
@@ -1,61 +1,87 @@ -CVE-2017-16511 +CVE-2017-16524 RESERVED -CVE-2017-1000171 +CVE-2017-16523 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...) + TODO: check +CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...) + TODO: check +CVE-2017-16521 RESERVED -CVE-2017-1000157 +CVE-2017-16520 RESERVED -CVE-2017-1000156 +CVE-2017-16519 RESERVED -CVE-2017-1000155 +CVE-2017-16518 RESERVED -CVE-2017-1000154 +CVE-2017-16517 RESERVED -CVE-2017-1000153 +CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is ...) + TODO: check +CVE-2017-16515 RESERVED -CVE-2017-1000152 +CVE-2017-16514 RESERVED -CVE-2017-1000151 +CVE-2017-16513 (Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in ...) + TODO: check +CVE-2017-16512 RESERVED -CVE-2017-1000150 +CVE-2017-16511 RESERVED -CVE-2017-1000149 - RESERVED -CVE-2017-1000148 - RESERVED -CVE-2017-1000147 - RESERVED -CVE-2017-1000146 - RESERVED -CVE-2017-1000145 - RESERVED -CVE-2017-1000144 - RESERVED -CVE-2017-1000143 - RESERVED -CVE-2017-1000142 - RESERVED +CVE-2017-1000171 (Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to ...) + TODO: check +CVE-2017-1000157 (Mahara 15.04 before 15.04.13 and 16.04 before 16.04.7 and 16.10 before ...) + TODO: check +CVE-2017-1000156 (Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before ...) + TODO: check +CVE-2017-1000155 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...) + TODO: check +CVE-2017-1000154 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...) + TODO: check +CVE-2017-1000153 (Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before ...) + TODO: check +CVE-2017-1000152 (Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 ...) + TODO: check +CVE-2017-1000151 (Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before ...) 
+ TODO: check +CVE-2017-1000150 (Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to ...) + TODO: check +CVE-2017-1000149 (Mahara 1.10 before 1.10.9 and 15.04 before 15.04.6 and 15.10 before ...) + TODO: check +CVE-2017-1000148 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...) + TODO: check +CVE-2017-1000147 (Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before ...) + TODO: check +CVE-2017-1000146 (Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before ...) + TODO: check +CVE-2017-1000145 (Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before ...) + TODO: check +CVE-2017-1000144 (Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before ...) + TODO: check +CVE-2017-1000143 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...) + TODO: check +CVE-2017-1000142 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...) + TODO: check CVE-2017-1000141 RESERVED -CVE-2017-1000140 - RESERVED -CVE-2017-1000139 - RESERVED -CVE-2017-1000138 - RESERVED -CVE-2017-1000137 - RESERVED -CVE-2017-1000136 - RESERVED -CVE-2017-1000135 - RESERVED -CVE-2017-1000134 - RESERVED -CVE-2017-1000133 - RESERVED -CVE-2017-1000132 - RESERVED -CVE-2017-1000131 - RESERVED +CVE-2017-1000140 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...) + TODO: check +CVE-2017-1000139 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...) + TODO: check +CVE-2017-1000138 (Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to ...) + TODO: check +CVE-2017-1000137 (Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to ...) + TODO: check +CVE-2017-1000136 (Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 ...) + TODO: check +CVE-2017-1000135 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...) 
+ TODO: check +CVE-2017-1000134 (Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 ...) + TODO: check +CVE-2017-1000133 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...) + TODO: check +CVE-2017-1000132 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...) + TODO: check +CVE-2017-1000131 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...) + TODO: check CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() ...) - wordpress 4.8.3+dfsg-1 (bug #880528) NOTE: https://wpvulndb.com/vulnerabilities/8941 @@ -391,10 +417,12 @@ CVE-2017-16354 RESERVED CVE-2017-16353 (GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure ...) + {DLA-1159-1} - graphicsmagick 1.3.26-17 NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=e4e1c2a581d8 NOTE: https://blogs.securiteam.com/index.php/archives/3494 CVE-2017-16352 (GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow ...) + {DLA-1159-1} - graphicsmagick 1.3.26-17 NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=7292230dd185 NOTE: https://blogs.securiteam.com/index.php/archives/3494 
@@ -2167,14 +2195,17 @@ CVE-2017-15724 RESERVED CVE-2017-15723 (In Irssi before 1.0.5, overlong nicks or targets may result in a NULL ...) + {DSA-4016-1} - irssi <unfixed> (bug #879521) NOTE: https://irssi.org/security/irssi_sa_2017_10.txt NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1 CVE-2017-15722 (In certain cases, Irssi before 1.0.5 may fail to verify that a Safe ...) + {DSA-4016-1} - irssi <unfixed> (bug #879521) NOTE: https://irssi.org/security/irssi_sa_2017_10.txt NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1 CVE-2017-15721 (In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages ...) + {DSA-4016-1} - irssi <unfixed> (bug #879521) NOTE: https://irssi.org/security/irssi_sa_2017_10.txt NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1 @@ -3376,10 +3407,12 @@ CVE-2017-15229 RESERVED CVE-2017-15228 (Irssi before 1.0.5, when installing themes with unterminated colour ...) + {DSA-4016-1} - irssi <unfixed> (bug #879521) NOTE: https://irssi.org/security/irssi_sa_2017_10.txt NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1 CVE-2017-15227 (Irssi before 1.0.5, while waiting for the channel synchronisation, may ...) + {DSA-4016-1} - irssi <unfixed> (bug #879521) NOTE: https://irssi.org/security/irssi_sa_2017_10.txt NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1 
@@ -4963,7 +4996,7 @@ - salt <unfixed> (bug #879089) NOTE: Fixed by: https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d NOTE: Fixed by: https://github.com/saltstack/salt/commit/206ae23f15cb7ec95a07dee4cbe9802da84f9c42 (2016.11) -CVE-2017-14694 (Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary code or ...) +CVE-2017-14694 (Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 ...) NOT-FOR-US: Foxit Reader CVE-2017-14693 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...) NOT-FOR-US: IrfanView @@ -5908,8 +5941,8 @@ RESERVED CVE-2017-14360 RESERVED -CVE-2017-14359 - RESERVED +CVE-2017-14359 (A potential security vulnerability has been identified in HPE ...) + TODO: check CVE-2017-14358 (A URL redirection to untrusted site vulnerability in HP ArcSight ESM ...) NOT-FOR-US: HP ArcSight CVE-2017-14357 (A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ...) @@ -24637,7 +24670,7 @@ NOT-FOR-US: Qualcomm component for Android CVE-2014-9960 (In all Android releases from CAF using the Linux kernel, a buffer ...) NOT-FOR-US: Qualcomm component for Android -CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code via a ...) +CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code via ...) NOT-FOR-US: WinDjView CVE-2017-7893 RESERVED
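Review bot: every entry that gains a description in the first hunk (@@ -1,61 +1,87 @@) lands with only "TODO: check" and no package or NOT-FOR-US line, so none of it is triaged yet: CVE-2017-16523, CVE-2017-16522, CVE-2017-16516, CVE-2017-16513 and the Mahara block running from CVE-2017-1000131 to CVE-2017-1000171. The Mahara entries all name the same product and can be resolved in one pass, each ending with either a "- <package> <version>" line or a NOT-FOR-US tag. CVE-2017-1000141 sits inside that range and stays RESERVED, so it should be revisited once its description is published.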
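Review bot: the irssi entries in the @@ -2167,14 +2195,17 @@ and @@ -3376,10 +3407,12 @@ hunks gain {DSA-4016-1} while the line under each one still reads "- irssi <unfixed> (bug #879521)". That applies to CVE-2017-15723, CVE-2017-15722, CVE-2017-15721, CVE-2017-15228 and CVE-2017-15227. The descriptions name 1.0.5 as the first fixed upstream release, so these lines should be given the fixed version as soon as it is uploaded; until then each entry shows an advisory reference next to an unfixed package status.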
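Review bot: in the @@ -5908,8 +5941,8 @@ hunk, CVE-2017-14359 leaves RESERVED with "TODO: check", and its truncated description ("... identified in HPE ...") does not show the affected product. The unchanged entries directly below it, CVE-2017-14358 and CVE-2017-14357, are both tagged "NOT-FOR-US: HP ArcSight"; the full description should be checked against them and the entry tagged the same way if the product is not packaged.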