[Secure-testing-commits] r57056 - data/CVE

security tracker role Sat, 28 Oct 2017 02:10:53 -0700

Author: sectracker
Date: 2017-10-28 09:10:13 +0000 (Sat, 28 Oct 2017)
New Revision: 57056


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-28 09:01:55 UTC (rev 57055)
+++ data/CVE/list       2017-10-28 09:10:13 UTC (rev 57056)
@@ -1,7 +1,31 @@
-CVE-2017-15939
+CVE-2017-15951 (The KEYS subsystem in the Linux kernel before 4.13.10 does not 
...)
+       TODO: check
+CVE-2017-15950
        RESERVED
-CVE-2017-15938
+CVE-2017-15949 (Xavier PHP Management Panel 2.4 allows SQL injection via the 
usertoedit ...)
+       TODO: check
+CVE-2017-15948 (Perch Content Management System 3.0.3 allows unrestricted file 
upload ...)
+       TODO: check
+CVE-2017-15947 (Simple ASC Content Management System v1.2 has XSS in the 
location field ...)
+       TODO: check
+CVE-2017-15946 (In the com_tag component 1.7.6 for Joomla!, a SQL injection 
...)
+       TODO: check
+CVE-2017-15945 (The installation scripts in the Gentoo dev-db/mysql, 
dev-db/mariadb, ...)
+       TODO: check
+CVE-2017-15944
        RESERVED
+CVE-2017-15943
+       RESERVED
+CVE-2017-15942
+       RESERVED
+CVE-2017-15941
+       RESERVED
+CVE-2017-15940
+       RESERVED
+CVE-2017-15939 (dwarf2.c in the Binary File Descriptor (BFD) library (aka 
libbfd), as ...)
+       TODO: check
+CVE-2017-15938 (dwarf2.c in the Binary File Descriptor (BFD) library (aka 
libbfd), as ...)
+       TODO: check
 CVE-2017-15937 (Artica Pandora FMS version 7.0 leaks a full installation 
pathname via ...)
        TODO: check
 CVE-2017-15936 (In Artica Pandora FMS version 7.0, an Attacker with write 
Permission ...)
@@ -7353,9 +7377,11 @@
 CVE-2017-13091
        RESERVED
 CVE-2017-13090 (The retr.c:fd_read_body() function is called when processing 
OK ...)
+       {DLA-1149-1}
        - wget <unfixed> (bug #879957)
        NOTE: 
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=ba6b44f6745b14dce414761a8e4b35d31b176bba
 CVE-2017-13089 (The http.c:skip_short_body() function is called in some 
circumstances, ...)
+       {DLA-1149-1}
        - wget <unfixed> (bug #879957)
        NOTE: 
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3f
 CVE-2017-13088 (Wi-Fi Protected Access (WPA and WPA2) that support 802.11v 
allows ...)
@@ -10366,7 +10392,7 @@
        RESERVED
 CVE-2017-12193
        RESERVED
-CVE-2017-12192 (A vulnerability was found in the Key Management sub component 
of the ...)
+CVE-2017-12192 (The keyctl_read_key function in security/keys/keyctl.c in the 
Key ...)
        - linux 4.13.4-2
        [wheezy] - linux <not-affected> (Vulnerable code introduced later)
        NOTE: Fixed by: 
https://git.kernel.org/linus/37863c43b2c6464f252862bf2e9768264e961678 (4.14-rc3)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57056 - data/CVE

Reply via email to