Author: sectracker Date: 2017-11-10 21:10:14 +0000 (Fri, 10 Nov 2017) New Revision: 57535
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-10 20:59:55 UTC (rev 57534) +++ data/CVE/list 2017-11-10 21:10:14 UTC (rev 57535) @@ -1,13 +1,43 @@ -CVE-2017-16764 +CVE-2017-16779 RESERVED -CVE-2017-16763 +CVE-2017-16778 RESERVED -CVE-2017-16762 +CVE-2017-16777 RESERVED -CVE-2017-16761 +CVE-2017-16776 RESERVED -CVE-2017-16760 +CVE-2017-16775 RESERVED +CVE-2017-16774 + RESERVED +CVE-2017-16773 + RESERVED +CVE-2017-16772 + RESERVED +CVE-2017-16771 + RESERVED +CVE-2017-16770 + RESERVED +CVE-2017-16769 + RESERVED +CVE-2017-16768 + RESERVED +CVE-2017-16767 + RESERVED +CVE-2017-16766 + RESERVED +CVE-2017-16765 (XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi. ...) + TODO: check +CVE-2017-16764 (An exploitable vulnerability exists in the YAML parsing functionality ...) + TODO: check +CVE-2017-16763 (An exploitable vulnerability exists in the YAML parsing functionality ...) + TODO: check +CVE-2017-16762 (Sanic before 0.5.1 allows reading arbitrary files with directory ...) + TODO: check +CVE-2017-16761 (An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows ...) + TODO: check +CVE-2017-16760 (Inedo BuildMaster before 5.8.2 has XSS. ...) + TODO: check CVE-2017-16759 (The installation process in LibreNMS before 2017-08-18 allows remote ...) NOT-FOR-US: LibreNMS CVE-2017-16758 (Cross-site scripting (XSS) vulnerability in ...) @@ -195,6 +225,7 @@ CVE-2017-16670 RESERVED CVE-2017-16669 (coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause ...) + {DLA-1168-1} - graphicsmagick <unfixed> NOTE: https://sourceforge.net/p/graphicsmagick/bugs/450/ NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d @@ -557,8 +588,8 @@ NOT-FOR-US: MitraStar CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...) NOT-FOR-US: MitraStar -CVE-2017-16521 - RESERVED +CVE-2017-16521 (In Inedo BuildMaster before 5.8.2, XslTransform was used where ...) + TODO: check CVE-2017-16520 RESERVED CVE-2017-16519 @@ -3137,7 +3168,7 @@ CVE-2017-15539 (SQL Injection exists in zorovavi/blog through 2017-10-17 via the id ...) NOT-FOR-US: zorovavi/blog CVE-2017-15587 (An integer overflow was discovered in pdf_read_new_xref_section in ...) - {DSA-4006-1 DLA-1164-1} + {DSA-4006-2 DSA-4006-1 DLA-1164-1} - mupdf 1.11+ds1-2 (bug #879055) NOTE: http://git.ghostscript.com/?p=mupdf.git;h=82df2631d7d0446b206ea6b434ea609b6c28b0e8 NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698605 (not public) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits