[Secure-testing-commits] r52226 - data/CVE

security tracker role Fri, 02 Jun 2017 02:11:20 -0700

Author: sectracker
Date: 2017-06-02 09:10:13 +0000 (Fri, 02 Jun 2017)
New Revision: 52226


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-02 08:45:36 UTC (rev 52225)
+++ data/CVE/list       2017-06-02 09:10:13 UTC (rev 52226)
@@ -1,36 +1,54 @@
-CVE-2017-9358 [AST-2017-004: Memory exhaustion on short SCCP packets]
+CVE-2017-9366 (Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site 
Scripting (XSS) ...)
+       TODO: check
+CVE-2017-9365 (CSRF exists in BigTree CMS through 4.2.18 with the force 
parameter to ...)
+       TODO: check
+CVE-2017-9364 (Unrestricted File Upload exists in BigTree CMS through 4.2.18: 
if an ...)
+       TODO: check
+CVE-2017-9363 (Untrusted Java serialization in Soffid IAM console before 1.7.5 
allows ...)
+       TODO: check
+CVE-2017-9362
+       RESERVED
+CVE-2017-9361 (WebsiteBaker v2.10.0 has a stored XSS vulnerability in ...)
+       TODO: check
+CVE-2017-9360 (WebsiteBaker v2.10.0 has a SQL injection vulnerability in ...)
+       TODO: check
+CVE-2017-9357
+       RESERVED
+CVE-2017-9356
+       RESERVED
+CVE-2017-9358 (A memory exhaustion vulnerability exists in Asterisk Open 
Source 13.x ...)
        - asterisk <unfixed> (bug #863906)
        NOTE: http://downloads.asterisk.org/pub/security/AST-2017-004.txt
-CVE-2017-9359 [AST-2017-003: Crash in PJSIP multi-part body parser]
+CVE-2017-9359 (The multi-part body parser in PJSIP, as used in Asterisk Open 
Source ...)
        - pjproject <unfixed> (bug #863902)
        NOTE: http://downloads.asterisk.org/pub/security/AST-2017-003.txt
        NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-26939
 CVE-2017-9355
        RESERVED
-CVE-2017-9354
-       RESERVED
-CVE-2017-9353
-       RESERVED
-CVE-2017-9352
-       RESERVED
-CVE-2017-9351
-       RESERVED
-CVE-2017-9350
-       RESERVED
-CVE-2017-9349
-       RESERVED
-CVE-2017-9348
-       RESERVED
-CVE-2017-9347
-       RESERVED
-CVE-2017-9346
-       RESERVED
-CVE-2017-9345
-       RESERVED
-CVE-2017-9344
-       RESERVED
-CVE-2017-9343
-       RESERVED
+CVE-2017-9354 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP 
dissector ...)
+       TODO: check
+CVE-2017-9353 (In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. 
This was ...)
+       TODO: check
+CVE-2017-9352 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar 
dissector ...)
+       TODO: check
+CVE-2017-9351 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP 
dissector ...)
+       TODO: check
+CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY 
...)
+       TODO: check
+CVE-2017-9349 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM 
dissector ...)
+       TODO: check
+CVE-2017-9348 (In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past 
the end ...)
+       TODO: check
+CVE-2017-9347 (In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with 
a NULL ...)
+       TODO: check
+CVE-2017-9346 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek 
dissector ...)
+       TODO: check
+CVE-2017-9345 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS 
dissector ...)
+       TODO: check
+CVE-2017-9344 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth 
L2CAP ...)
+       TODO: check
+CVE-2017-9343 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP 
dissector ...)
+       TODO: check
 CVE-2017-9342
        RESERVED
 CVE-2017-9341
@@ -408,6 +426,7 @@
 CVE-2017-9243 (Aries QWR-1104 Wireless-N Router with Firmware Version 
WRC.253.2.0913 ...)
        NOT-FOR-US: Aries QWR-1104 Wireless-N Router
 CVE-2015-9059 (picocom before 2.0 has a command injection vulnerability in the 
'send ...)
+       {DLA-974-1}
        - picocom <unfixed> (bug #863671)
        NOTE: 
https://github.com/npat-efault/picocom/commit/1ebc60b20fbe9a02436d5cbbf8951714e749ddb1
 CVE-2017-9242 (The __ip6_append_data function in net/ipv6/ip6_output.c in the 
Linux ...)
@@ -46308,7 +46327,7 @@
        NOTE: PHP bug: https://bugs.php.net/bug.php?id=71912
        NOTE: HHVM fix: 
https://github.com/facebook/hhvm/commit/29a6487d648d1593e1e2fa615d9b3a844756ddc3
 CVE-2016-3073
-       RESERVED
+       REJECTED
 CVE-2016-3072 (Multiple SQL injection vulnerabilities in the scoped_search 
function ...)
        NOT-FOR-US: Katello
 CVE-2016-3071 (Libreswan 3.16 might allow remote attackers to cause a denial 
of ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r52226 - data/CVE

Reply via email to