Author: sectracker
Date: 2017-11-16 21:10:13 +0000 (Thu, 16 Nov 2017)
New Revision: 57687
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-16 21:05:33 UTC (rev 57686)
+++ data/CVE/list 2017-11-16 21:10:13 UTC (rev 57687)
@@ -1,3 +1,215 @@
+CVE-2018-0085
+ RESERVED
+CVE-2018-0084
+ RESERVED
+CVE-2018-0083
+ RESERVED
+CVE-2018-0082
+ RESERVED
+CVE-2018-0081
+ RESERVED
+CVE-2018-0080
+ RESERVED
+CVE-2018-0079
+ RESERVED
+CVE-2018-0078
+ RESERVED
+CVE-2018-0077
+ RESERVED
+CVE-2018-0076
+ RESERVED
+CVE-2018-0075
+ RESERVED
+CVE-2018-0074
+ RESERVED
+CVE-2018-0073
+ RESERVED
+CVE-2018-0072
+ RESERVED
+CVE-2018-0071
+ RESERVED
+CVE-2018-0070
+ RESERVED
+CVE-2018-0069
+ RESERVED
+CVE-2018-0068
+ RESERVED
+CVE-2018-0067
+ RESERVED
+CVE-2018-0066
+ RESERVED
+CVE-2018-0065
+ RESERVED
+CVE-2018-0064
+ RESERVED
+CVE-2018-0063
+ RESERVED
+CVE-2018-0062
+ RESERVED
+CVE-2018-0061
+ RESERVED
+CVE-2018-0060
+ RESERVED
+CVE-2018-0059
+ RESERVED
+CVE-2018-0058
+ RESERVED
+CVE-2018-0057
+ RESERVED
+CVE-2018-0056
+ RESERVED
+CVE-2018-0055
+ RESERVED
+CVE-2018-0054
+ RESERVED
+CVE-2018-0053
+ RESERVED
+CVE-2018-0052
+ RESERVED
+CVE-2018-0051
+ RESERVED
+CVE-2018-0050
+ RESERVED
+CVE-2018-0049
+ RESERVED
+CVE-2018-0048
+ RESERVED
+CVE-2018-0047
+ RESERVED
+CVE-2018-0046
+ RESERVED
+CVE-2018-0045
+ RESERVED
+CVE-2018-0044
+ RESERVED
+CVE-2018-0043
+ RESERVED
+CVE-2018-0042
+ RESERVED
+CVE-2018-0041
+ RESERVED
+CVE-2018-0040
+ RESERVED
+CVE-2018-0039
+ RESERVED
+CVE-2018-0038
+ RESERVED
+CVE-2018-0037
+ RESERVED
+CVE-2018-0036
+ RESERVED
+CVE-2018-0035
+ RESERVED
+CVE-2018-0034
+ RESERVED
+CVE-2018-0033
+ RESERVED
+CVE-2018-0032
+ RESERVED
+CVE-2018-0031
+ RESERVED
+CVE-2018-0030
+ RESERVED
+CVE-2018-0029
+ RESERVED
+CVE-2018-0028
+ RESERVED
+CVE-2018-0027
+ RESERVED
+CVE-2018-0026
+ RESERVED
+CVE-2018-0025
+ RESERVED
+CVE-2018-0024
+ RESERVED
+CVE-2018-0023
+ RESERVED
+CVE-2018-0022
+ RESERVED
+CVE-2018-0021
+ RESERVED
+CVE-2018-0020
+ RESERVED
+CVE-2018-0019
+ RESERVED
+CVE-2018-0018
+ RESERVED
+CVE-2018-0017
+ RESERVED
+CVE-2018-0016
+ RESERVED
+CVE-2018-0015
+ RESERVED
+CVE-2018-0014
+ RESERVED
+CVE-2018-0013
+ RESERVED
+CVE-2018-0012
+ RESERVED
+CVE-2018-0011
+ RESERVED
+CVE-2018-0010
+ RESERVED
+CVE-2018-0009
+ RESERVED
+CVE-2018-0008
+ RESERVED
+CVE-2018-0007
+ RESERVED
+CVE-2018-0006
+ RESERVED
+CVE-2018-0005
+ RESERVED
+CVE-2018-0004
+ RESERVED
+CVE-2018-0003
+ RESERVED
+CVE-2018-0002
+ RESERVED
+CVE-2018-0001
+ RESERVED
+CVE-2017-16866
+ RESERVED
+CVE-2017-16865
+ RESERVED
+CVE-2017-16864
+ RESERVED
+CVE-2017-16863
+ RESERVED
+CVE-2017-16862
+ RESERVED
+CVE-2017-16861
+ RESERVED
+CVE-2017-16860
+ RESERVED
+CVE-2017-16859
+ RESERVED
+CVE-2017-16858
+ RESERVED
+CVE-2017-16857
+ RESERVED
+CVE-2017-16856
+ RESERVED
+CVE-2017-16855 (Ipsilon before 2.1.0 has a "SAML2 multi-session
vulnerability." ...)
+ TODO: check
+CVE-2017-16854
+ RESERVED
+CVE-2017-16851 (Zoho ManageEngine Applications Manager 13 allows SQL injection
via the ...)
+ TODO: check
+CVE-2017-16850 (Zoho ManageEngine Applications Manager 13 allows SQL injection
via the ...)
+ TODO: check
+CVE-2017-16849 (Zoho ManageEngine Applications Manager 13 allows SQL injection
via the ...)
+ TODO: check
+CVE-2017-16848 (Zoho ManageEngine Applications Manager 13 allows SQL injection
via the ...)
+ TODO: check
+CVE-2017-16847 (Zoho ManageEngine Applications Manager 13 allows SQL injection
via the ...)
+ TODO: check
+CVE-2017-16846 (Zoho ManageEngine Applications Manager 13 allows SQL injection
via the ...)
+ TODO: check
+CVE-2017-16845
+ RESERVED
+CVE-2017-16844 (Heap-based buffer overflow in the loadbuf function in
formisc.c in ...)
+ TODO: check
CVE-2017-16843
RESERVED
CVE-2017-16842 (Cross-site scripting (XSS) vulnerability in ...)
@@ -21,11 +233,12 @@
NOTE: https://github.com/lingej/pnp4nagios/issues/140
CVE-2017-16833 (Stored cross-site scripting (XSS) vulnerability in Gemirro
before ...)
NOT-FOR-US: Gemirro
-CVE-2017-16853 [CPPOST-105]
+CVE-2017-16853 (The DynamicMetadataProvider class in ...)
- opensaml2 <unfixed> (bug #881856)
NOTE:
https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=6182b0acf2df670e75423c2ed7afe6950ef11c9d
NOTE: https://shibboleth.net/community/advisories/secadv_20171115.txt
-CVE-2017-16852 [SSPCPP-763]
+CVE-2017-16852 (shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic ...)
+ {DSA-4038-1}
- shibboleth-sp2 <unfixed> (bug #881857)
NOTE:
https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=b66cceb0e992c351ad5e2c665229ede82f261b16
NOTE: https://shibboleth.net/community/advisories/secadv_20171115.txt
@@ -191,8 +404,8 @@
RESERVED
CVE-2017-16778
RESERVED
-CVE-2017-16777
- RESERVED
+CVE-2017-16777 (If HashiCorp Vagrant VMware Fusion plugin (aka
vagrant-vmware-fusion) ...)
+ TODO: check
CVE-2017-16776
RESERVED
CVE-2017-16775
@@ -689,8 +902,8 @@
NOT-FOR-US: WordPress plugin userpro
CVE-2017-16561 (/view/friend_profile.php in Ingenious School Management System
2.3.0 is ...)
NOT-FOR-US: Ingenious School Management System
-CVE-2017-16560
- RESERVED
+CVE-2017-16560 (SanDisk Secure Access 3.01 vault decrypts and copies encrypted
files ...)
+ TODO: check
CVE-2017-16559
RESERVED
CVE-2017-16558
@@ -2703,8 +2916,8 @@
RESERVED
CVE-2017-15865 (bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as
used in ...)
- frr <itp> (bug #863249)
-CVE-2017-15864
- RESERVED
+CVE-2017-15864 (In the Agent Frontend in Open Ticket Request System (OTRS)
3.3.x ...)
+ TODO: check
CVE-2016-10517 (networking.c in Redis before 3.2.7 allows "Cross Protocol
Scripting" ...)
{DLA-1161-1}
- redis 3:3.2.7-1
@@ -4619,6 +4832,7 @@
NOTE: Fixed by:
http://git.gluster.org/cgit/glusterfs.git/commit/?id=1f48d17fee0cac95648ec34d13f038b27ef5c6ac
CVE-2017-15095 [Incomplete fixes for CVE-2017-7525]
RESERVED
+ {DSA-4037-1}
- jackson-databind 2.9.1-1
NOTE: The Debian upload for stretch (2.8.6-1+deb9u1) and jessie
(2.4.2-2+deb8u1)
NOTE: misses the further sets of blacklists, in particular as well
@@ -32827,8 +33041,8 @@
RESERVED
CVE-2017-5739
RESERVED
-CVE-2017-5738
- RESERVED
+CVE-2017-5738 (Escalation of privilege vulnerability in admin portal for Intel
Unite ...)
+ TODO: check
CVE-2017-5737
RESERVED
CVE-2017-5736
@@ -45780,12 +45994,12 @@
RESERVED
CVE-2017-1089
RESERVED
-CVE-2017-1088
- RESERVED
-CVE-2017-1087
- RESERVED
-CVE-2017-1086
- RESERVED
+CVE-2017-1088 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4,
11.0-RELEASE-p15, ...)
+ TODO: check
+CVE-2017-1087 (In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and ...)
+ TODO: check
+CVE-2017-1086 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4,
11.0-RELEASE-p15, ...)
+ TODO: check
CVE-2017-1085
RESERVED
CVE-2017-1084
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
