Author: sectracker
Date: 2017-11-06 21:10:16 +0000 (Mon, 06 Nov 2017)
New Revision: 57382
Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-06 20:53:43 UTC (rev 57381)
+++ data/CVE/list 2017-11-06 21:10:16 UTC (rev 57382)
@@ -1,3 +1,127 @@ +CVE-2017-16632 + RESERVED +CVE-2017-16631 + RESERVED +CVE-2017-16630 + RESERVED +CVE-2017-16629 + RESERVED +CVE-2017-16628 + RESERVED +CVE-2017-16627 + RESERVED +CVE-2017-16626 + RESERVED +CVE-2017-16625 + RESERVED +CVE-2017-16624 + RESERVED +CVE-2017-16623 + RESERVED +CVE-2017-16622 + RESERVED +CVE-2017-16621 + RESERVED +CVE-2017-16620 + RESERVED +CVE-2017-16619 + RESERVED +CVE-2017-16618 + RESERVED +CVE-2017-16617 + RESERVED +CVE-2017-16616 + RESERVED +CVE-2017-16615 + RESERVED +CVE-2017-16614 + RESERVED +CVE-2017-16613 + RESERVED +CVE-2017-16612 + RESERVED +CVE-2017-16611 + RESERVED +CVE-2017-16610 + RESERVED +CVE-2017-16609 + RESERVED +CVE-2017-16608 + RESERVED +CVE-2017-16607 + RESERVED +CVE-2017-16606 + RESERVED +CVE-2017-16605 + RESERVED +CVE-2017-16604 + RESERVED +CVE-2017-16603 + RESERVED +CVE-2017-16602 + RESERVED +CVE-2017-16601 + RESERVED +CVE-2017-16600 + RESERVED +CVE-2017-16599 + RESERVED +CVE-2017-16598 + RESERVED +CVE-2017-16597 + RESERVED +CVE-2017-16596 + RESERVED +CVE-2017-16595 + RESERVED +CVE-2017-16594 + RESERVED +CVE-2017-16593 + RESERVED +CVE-2017-16592 + RESERVED +CVE-2017-16591 + RESERVED +CVE-2017-16590 + RESERVED +CVE-2017-16589 + RESERVED +CVE-2017-16588 + RESERVED +CVE-2017-16587 + RESERVED +CVE-2017-16586 + RESERVED +CVE-2017-16585 + RESERVED +CVE-2017-16584 + RESERVED +CVE-2017-16583 + RESERVED +CVE-2017-16582 + RESERVED +CVE-2017-16581 + RESERVED +CVE-2017-16580 + RESERVED +CVE-2017-16579 + RESERVED +CVE-2017-16578 + RESERVED +CVE-2017-16577 + RESERVED +CVE-2017-16576 + RESERVED +CVE-2017-16575 + RESERVED +CVE-2017-16574 + RESERVED +CVE-2017-16573 + RESERVED +CVE-2017-16572 + RESERVED +CVE-2017-16571 + RESERVED CVE-2017-16570 (KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by ...) NOT-FOR-US: KeystoneJS CVE-2017-16569 (An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an ...) 
@@ -1292,8 +1416,8 @@ RESERVED CVE-2017-16002 RESERVED -CVE-2017-16001 - RESERVED +CVE-2017-16001 (In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...) + TODO: check CVE-2017-16000 (SQL injection vulnerability in the EyesOfNetwork web interface (aka ...) NOT-FOR-US: EyesOfNetwork (EON) CVE-2017-15999 (In the "NQ Contacts Backup & Restore" application 1.1 for Android, no ...) @@ -2436,8 +2560,7 @@ RESERVED CVE-2017-15673 RESERVED -CVE-2017-15672 - RESERVED +CVE-2017-15672 (The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and ...) - ffmpeg <unfixed> [stretch] - ffmpeg <postponed> (Wait until next round of security releases) - libav <undetermined> @@ -3303,8 +3426,7 @@ RESERVED CVE-2017-15307 RESERVED -CVE-2017-15306 [KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM] - RESERVED +CVE-2017-15306 (The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c ...) - linux <unfixed> [jessie] - linux <not-affected> (Vulnerable code introduced later) [wheezy] - linux <not-affected> (Vulnerable code introduced later) @@ -11307,6 +11429,7 @@ CVE-2017-12614 RESERVED CVE-2017-12613 (When apr_exp_time*() or apr_os_exp_time*() functions are invoked with ...) + {DLA-1162-1} - apr 1.6.3-1 (low; bug #879708) [stretch] - apr <no-dsa> (Minor issue) [jessie] - apr <no-dsa> (Minor issue) @@ -15205,8 +15328,8 @@ NOT-FOR-US: FineCMS CVE-2017-11178 (In FineCMS through 2017-07-11, application/core/controller/style.php ...) NOT-FOR-US: FineCMS -CVE-2017-11177 - RESERVED +CVE-2017-11177 (TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file ...) + TODO: check CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does not set ...) {DSA-3945-1 DSA-3927-1 DLA-1099-1} - linux 4.11.11-1 
@@ -26723,8 +26846,8 @@ RESERVED CVE-2017-7426 RESERVED -CVE-2017-7425 - RESERVED +CVE-2017-7425 (Multiple potential reflected XSS issues exist in NetIQ iManager ...) + TODO: check CVE-2017-7424 (A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus ...) NOT-FOR-US: Micro Focus CVE-2017-7423 (A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in ...) @@ -80803,8 +80926,7 @@ NOT-FOR-US: Entity Registration module for Drupal CVE-2015-7879 (Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x ...) NOT-FOR-US: Stickynote module for Drupal -CVE-2015-7878 - RESERVED +CVE-2015-7878 (Cross-site scripting (XSS) vulnerability in the Taxonomy Find module ...) NOT-FOR-US: Taxonomy Find module for Drupal CVE-2015-7877 (Multiple SQL injection vulnerabilities in the User Dashboard module ...) NOT-FOR-US: User Dashboard module for Drupal @@ -81980,8 +82102,7 @@ REJECTED CVE-2015-7530 REJECTED -CVE-2015-7529 [Usage of predictable temporary files allows privilege escalation] - RESERVED +CVE-2015-7529 (sosreport in SoS 3.x allows local users to obtain sensitive ...) - sosreport 3.2+git276-g7da50d6-3 (unimportant) NOTE: Neutralised by kernel hardening CVE-2015-7528 (Kubernetes before 1.2.0-alpha.5 allows remote attackers to read ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
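Review bot: In the `@@ -1292,8 +1416,8 @@` hunk, CVE-2017-16001 lands with only `TODO: check`, so it carries no package or NOT-FOR-US status yet. The description names the HashiCorp Vagrant VMware Fusion plugin (vagrant-vmware-fusion); triage should replace the TODO with either a source-package status line or a `NOT-FOR-US:` line, in the same form as the CVE-2017-16000 entry directly below it.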
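Review bot: In the `@@ -2436,8 +2560,7 @@` hunk, the `- libav <undetermined>` line under CVE-2017-15672 is left unchanged even though the new description now pins the issue to `read_header` in libavcodec/ffv1dec.c. That is enough to check whether libav carries the same code and to move the entry from `<undetermined>` to a definite status.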
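Review bot: In the `@@ -3303,8 +3426,7 @@` hunk, replacing the bracketed title on CVE-2017-15306 drops the text `KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM`, which the truncated description does not repeat. Because the entry is still `- linux <unfixed>`, consider keeping that text in a `NOTE:` line so the corresponding fix stays easy to locate.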
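Review bot: In the `@@ -15205,8 +15328,8 @@` hunk, CVE-2017-11177 (TRITON AP-EMAIL 8.2) is added with `TODO: check` between entries that are already classified (`NOT-FOR-US: FineCMS` above, the linux entry for CVE-2017-11176 below). The TODO should be resolved to a definite status before the entry is treated as triaged.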
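Review bot: In the `@@ -26723,8 +26846,8 @@` hunk, CVE-2017-7425 (NetIQ iManager) is left at `TODO: check`, while the adjacent CVE-2017-7424 entry is marked `NOT-FOR-US: Micro Focus`. Whoever picks up the TODO should decide whether this product falls under the same classification and record it the same way.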
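Review bot: In the `@@ -81980,8 +82102,7 @@` hunk, the removed title for CVE-2015-7529 mentioned predictable temporary files and privilege escalation, whereas the visible part of the new description only says local users can "obtain sensitive ...". The retained `(unimportant)` rating and `NOTE: Neutralised by kernel hardening` read more clearly with the temporary-file context, so consider preserving that detail in an additional `NOTE:` line.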