Author: sectracker
Date: 2017-11-08 09:10:21 +0000 (Wed, 08 Nov 2017)
New Revision: 57437
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-08 08:28:25 UTC (rev 57436) +++ data/CVE/list 2017-11-08 09:10:21 UTC (rev 57437) 
@@ -1,7 +1,47 @@ -CVE-2017-16661 [Local File Read] +CVE-2017-16663 (In sam2p 0.49.4, there are integer overflows (with resultant heap-based ...) + TODO: check +CVE-2017-16662 + RESERVED +CVE-2017-16659 (The Gentoo mail-filter/assp package 1.9.8.13030 and earlier allows ...) + TODO: check +CVE-2017-16658 + RESERVED +CVE-2017-16657 + RESERVED +CVE-2017-16656 + RESERVED +CVE-2017-16655 + RESERVED +CVE-2017-16654 + RESERVED +CVE-2017-16653 + RESERVED +CVE-2017-16652 + RESERVED +CVE-2017-16651 + RESERVED +CVE-2017-16650 (The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux ...) + TODO: check +CVE-2017-16649 (The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in ...) + TODO: check +CVE-2017-16648 (The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c ...) + TODO: check +CVE-2017-16647 (drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 ...) + TODO: check +CVE-2017-16646 (drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through ...) + TODO: check +CVE-2017-16645 (The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c ...) + TODO: check +CVE-2017-16644 (The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the ...) + TODO: check +CVE-2017-16643 (The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c ...) + TODO: check +CVE-2017-16642 (In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an ...) + TODO: check +CVE-2017-16661 (Cacti 1.1.27 allows remote authenticated administrators to read ...) - cacti <unfixed> NOTE: https://github.com/Cacti/cacti/issues/1066 -CVE-2017-16660 [RCE] +CVE-2017-16660 (Cacti 1.1.27 allows remote authenticated administrators to conduct ...) - cacti <unfixed> NOTE: https://github.com/Cacti/cacti/issues/1066 CVE-2017-16641 (lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators ...) 
@@ -12,7 +52,7 @@ RESERVED CVE-2017-16639 RESERVED -CVE-2008-7319 [command injection via crafted arguments] +CVE-2008-7319 (The Net::Ping::External extension through 0.15 for Perl does not ...) - libnet-ping-external-perl <unfixed> (bug #881097) [stretch] - libnet-ping-external-perl <no-dsa> (Remove in next point update) [jessie] - libnet-ping-external-perl <no-dsa> (Remove in next point update) @@ -58,14 +98,14 @@ RESERVED CVE-2017-16619 RESERVED -CVE-2017-16618 - RESERVED +CVE-2017-16618 (An exploitable vulnerability exists in the YAML loading functionality ...) + TODO: check CVE-2017-16617 RESERVED -CVE-2017-16616 - RESERVED -CVE-2017-16615 - RESERVED +CVE-2017-16616 (An exploitable vulnerability exists in the YAML parsing functionality ...) + TODO: check +CVE-2017-16615 (An exploitable vulnerability exists in the YAML parsing functionality ...) + TODO: check CVE-2017-16614 RESERVED CVE-2017-16613 @@ -172,8 +212,8 @@ NOT-FOR-US: Vonage CVE-2017-16562 RESERVED -CVE-2017-16561 - RESERVED +CVE-2017-16561 (/view/friend_profile.php in Ingenious School Management System 2.3.0 is ...) + TODO: check CVE-2017-16560 RESERVED CVE-2017-16559 @@ -2803,6 +2843,7 @@ CVE-2017-15567 (The certificate import component in IDEMIA (formerly Morpho) ...) NOT-FOR-US: IDEMIA CVE-2017-15566 (Insecure SPANK environment variable handling exists in SchedMD Slurm ...) + {DSA-4023-1} - slurm-llnl 17.02.9-1 (bug #880530) [jessie] - slurm-llnl <not-affected> (Vulnerable code introduced later) [wheezy] - slurm-llnl <not-affected> (Vulnerable code introduced later) 
@@ -76693,8 +76734,8 @@ RESERVED CVE-2016-0873 RESERVED -CVE-2016-0872 - RESERVED +CVE-2016-0872 (A Plaintext Storage of a Password issue was discovered in Kabona AB ...) + TODO: check CVE-2016-0871 (Eaton Lighting EG2 Web Control 4.04P and earlier allows remote ...) NOT-FOR-US: Eaton Lighting EG2 Web Control CVE-2016-0870 (The web server in Trane Tracer SC 4.2.1134 and earlier allows remote ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
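Review bot: In the "@@ -1,7 +1,47 @@" hunk, CVE-2017-16643 through CVE-2017-16650 and CVE-2017-16642 are left at "TODO: check" even though their descriptions already name the Linux kernel and PHP, both of which Debian ships. Suggest following up with package status lines for these entries soon rather than leaving them for a later triage pass. CVE-2017-16663 (sam2p) and CVE-2017-16659 (Gentoo mail-filter/assp) need the same decision: either a package line or NOT-FOR-US.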
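Review bot: In the "@@ -58,14 +98,14 @@" hunk, the new descriptions for CVE-2017-16618, CVE-2017-16616 and CVE-2017-16615 are cut off at "YAML loading functionality ..." and "YAML parsing functionality ..." before any product is named, so these three entries cannot be triaged from the list text alone. Whoever resolves the "TODO: check" lines should read the full CVE description and record the affected software in the resulting package or NOT-FOR-US line.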
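Review bot: In the "@@ -76693,8 +76734,8 @@" hunk, CVE-2016-0872 (Kabona AB) goes from RESERVED to "TODO: check" directly above two entries that are already resolved as NOT-FOR-US (Eaton Lighting EG2 Web Control, Trane Tracer SC). If the Kabona product is likewise not packaged, suggest closing the TODO with a NOT-FOR-US line that takes the product name from the full description, since the list text truncates it.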