[Secure-testing-commits] r57535 - data/CVE

Fri, 10 Nov 2017 13:10:38 -0800 

Author: sectracker
Date: 2017-11-10 21:10:14 +0000 (Fri, 10 Nov 2017)
New Revision: 57535

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-10 20:59:55 UTC (rev 57534)
+++ data/CVE/list       2017-11-10 21:10:14 UTC (rev 57535)
@@ -1,13 +1,43 @@
-CVE-2017-16764
+CVE-2017-16779
        RESERVED
-CVE-2017-16763
+CVE-2017-16778
        RESERVED
-CVE-2017-16762
+CVE-2017-16777
        RESERVED
-CVE-2017-16761
+CVE-2017-16776
        RESERVED
-CVE-2017-16760
+CVE-2017-16775
        RESERVED
+CVE-2017-16774
+       RESERVED
+CVE-2017-16773
+       RESERVED
+CVE-2017-16772
+       RESERVED
+CVE-2017-16771
+       RESERVED
+CVE-2017-16770
+       RESERVED
+CVE-2017-16769
+       RESERVED
+CVE-2017-16768
+       RESERVED
+CVE-2017-16767
+       RESERVED
+CVE-2017-16766
+       RESERVED
+CVE-2017-16765 (XSS exists on D-Link DWR-933 1.00(WW)B17 devices via 
cgi-bin/gui.cgi. ...)
+       TODO: check
+CVE-2017-16764 (An exploitable vulnerability exists in the YAML parsing 
functionality ...)
+       TODO: check
+CVE-2017-16763 (An exploitable vulnerability exists in the YAML parsing 
functionality ...)
+       TODO: check
+CVE-2017-16762 (Sanic before 0.5.1 allows reading arbitrary files with 
directory ...)
+       TODO: check
+CVE-2017-16761 (An Open Redirect vulnerability in Inedo BuildMaster before 
5.8.2 allows ...)
+       TODO: check
+CVE-2017-16760 (Inedo BuildMaster before 5.8.2 has XSS. ...)
+       TODO: check
 CVE-2017-16759 (The installation process in LibreNMS before 2017-08-18 allows 
remote ...)
        NOT-FOR-US: LibreNMS
 CVE-2017-16758 (Cross-site scripting (XSS) vulnerability in ...)
@@ -195,6 +225,7 @@
 CVE-2017-16670
        RESERVED
 CVE-2017-16669 (coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers 
to cause ...)
+       {DLA-1168-1}
        - graphicsmagick <unfixed>
        NOTE: https://sourceforge.net/p/graphicsmagick/bugs/450/
        NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d
@@ -557,8 +588,8 @@
        NOT-FOR-US: MitraStar
 CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
        NOT-FOR-US: MitraStar
-CVE-2017-16521
-       RESERVED
+CVE-2017-16521 (In Inedo BuildMaster before 5.8.2, XslTransform was used where 
...)
+       TODO: check
 CVE-2017-16520
        RESERVED
 CVE-2017-16519
@@ -3137,7 +3168,7 @@
 CVE-2017-15539 (SQL Injection exists in zorovavi/blog through 2017-10-17 via 
the id ...)
        NOT-FOR-US: zorovavi/blog
 CVE-2017-15587 (An integer overflow was discovered in 
pdf_read_new_xref_section in ...)
-       {DSA-4006-1 DLA-1164-1}
+       {DSA-4006-2 DSA-4006-1 DLA-1164-1}
        - mupdf 1.11+ds1-2 (bug #879055)
        NOTE: 
http://git.ghostscript.com/?p=mupdf.git;h=82df2631d7d0446b206ea6b434ea609b6c28b0e8
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698605 (not public)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to