Author: sectracker
Date: 2017-11-02 21:10:12 +0000 (Thu, 02 Nov 2017)
New Revision: 57261
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-02 21:07:55 UTC (rev 57260)
+++ data/CVE/list 2017-11-02 21:10:12 UTC (rev 57261)
@@ -1,3 +1,61 @@
+CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where
$wpdb->prepare() ...)
+ TODO: check
+CVE-2017-1000171
+ RESERVED
+CVE-2017-1000157
+ RESERVED
+CVE-2017-1000156
+ RESERVED
+CVE-2017-1000155
+ RESERVED
+CVE-2017-1000154
+ RESERVED
+CVE-2017-1000153
+ RESERVED
+CVE-2017-1000152
+ RESERVED
+CVE-2017-1000151
+ RESERVED
+CVE-2017-1000150
+ RESERVED
+CVE-2017-1000149
+ RESERVED
+CVE-2017-1000148
+ RESERVED
+CVE-2017-1000147
+ RESERVED
+CVE-2017-1000146
+ RESERVED
+CVE-2017-1000145
+ RESERVED
+CVE-2017-1000144
+ RESERVED
+CVE-2017-1000143
+ RESERVED
+CVE-2017-1000142
+ RESERVED
+CVE-2017-1000141
+ RESERVED
+CVE-2017-1000140
+ RESERVED
+CVE-2017-1000139
+ RESERVED
+CVE-2017-1000138
+ RESERVED
+CVE-2017-1000137
+ RESERVED
+CVE-2017-1000136
+ RESERVED
+CVE-2017-1000135
+ RESERVED
+CVE-2017-1000134
+ RESERVED
+CVE-2017-1000133
+ RESERVED
+CVE-2017-1000132
+ RESERVED
+CVE-2017-1000131
+ RESERVED
CVE-2017-XXXX [Unsafe queries with wpdb->prepare]
- wordpress 4.8.3+dfsg-1 (bug #880528)
NOTE: https://wpvulndb.com/vulnerabilities/8941
@@ -2008,9 +2066,11 @@
NOT-FOR-US: XnView
CVE-2017-15772 (XnView Classic for Windows Version 2.43 allows attackers to
cause a ...)
NOT-FOR-US: XnView
-CVE-2017-15771 (Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary
code or ...)
+CVE-2017-15771
+ REJECTED
NOT-FOR-US: Foxit Reader
-CVE-2017-15770 (Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary
code or ...)
+CVE-2017-15770
+ REJECTED
NOT-FOR-US: Foxit Reader
CVE-2017-15769 (IrfanView 4.50 - 64bit allows attackers to cause a denial of
service or ...)
NOT-FOR-US: IrfanView
@@ -11862,10 +11922,10 @@
RESERVED
CVE-2017-12296 (A vulnerability in Cisco WebEx Meetings Server could allow an
...)
NOT-FOR-US: Cisco
-CVE-2017-12295
- RESERVED
-CVE-2017-12294
- RESERVED
+CVE-2017-12295 (A vulnerability in Cisco WebEx Meetings Server could allow an
...)
+ TODO: check
+CVE-2017-12294 (A vulnerability in Cisco WebEx Meetings Server could allow an
...)
+ TODO: check
CVE-2017-12293 (A vulnerability in Cisco WebEx Meetings Server could allow an
...)
NOT-FOR-US: Cisco
CVE-2017-12292
@@ -11886,28 +11946,28 @@
NOT-FOR-US: Cisco
CVE-2017-12284 (A vulnerability in the web interface of Cisco Jabber for
Windows Client ...)
NOT-FOR-US: Cisco
-CVE-2017-12283
- RESERVED
-CVE-2017-12282
- RESERVED
-CVE-2017-12281
- RESERVED
-CVE-2017-12280
- RESERVED
-CVE-2017-12279
- RESERVED
-CVE-2017-12278
- RESERVED
-CVE-2017-12277
- RESERVED
-CVE-2017-12276
- RESERVED
-CVE-2017-12275
- RESERVED
-CVE-2017-12274
- RESERVED
-CVE-2017-12273
- RESERVED
+CVE-2017-12283 (A vulnerability in the handling of 802.11w Protected
Management Frames ...)
+ TODO: check
+CVE-2017-12282 (A vulnerability in the Access Network Query Protocol (ANQP)
ingress ...)
+ TODO: check
+CVE-2017-12281 (A vulnerability in the implementation of Protected Extensible
...)
+ TODO: check
+CVE-2017-12280 (A vulnerability in the Control and Provisioning of Wireless
Access ...)
+ TODO: check
+CVE-2017-12279 (A vulnerability in the packet processing code of Cisco IOS
Software for ...)
+ TODO: check
+CVE-2017-12278 (A vulnerability in the Simple Network Management Protocol
(SNMP) ...)
+ TODO: check
+CVE-2017-12277 (A vulnerability in the Smart Licensing Manager service of the
Cisco ...)
+ TODO: check
+CVE-2017-12276 (A vulnerability in the web framework code for the SQL database
...)
+ TODO: check
+CVE-2017-12275 (A vulnerability in the implementation of 802.11v Basic Service
Set ...)
+ TODO: check
+CVE-2017-12274 (A vulnerability in Extensible Authentication Protocol (EAP)
ingress ...)
+ TODO: check
+CVE-2017-12273 (A vulnerability in 802.11 association request frame processing
for the ...)
+ TODO: check
CVE-2017-12272 (A vulnerability in the web framework code of Cisco IOS XE
Software ...)
NOT-FOR-US: Cisco
CVE-2017-12271 (A vulnerability in Cisco SPA300 and SPA500 Series IP Phones
could allow ...)
@@ -11928,10 +11988,10 @@
NOT-FOR-US: Cisco
CVE-2017-12263 (A vulnerability in the web interface of Cisco License Manager
software ...)
NOT-FOR-US: Cisco
-CVE-2017-12262
- RESERVED
-CVE-2017-12261
- RESERVED
+CVE-2017-12262 (A vulnerability within the firewall configuration of the Cisco
...)
+ TODO: check
+CVE-2017-12261 (A vulnerability in the restricted shell of the Cisco Identity
Services ...)
+ TODO: check
CVE-2017-12260 (A vulnerability in the implementation of Session Initiation
Protocol ...)
NOT-FOR-US: Cisco
CVE-2017-12259 (A vulnerability in the implementation of Session Initiation
Protocol ...)
@@ -11966,8 +12026,8 @@
NOT-FOR-US: Cisco
CVE-2017-12244 (A vulnerability in the detection engine parsing of IPv6
packets for ...)
NOT-FOR-US: Cisco
-CVE-2017-12243
- RESERVED
+CVE-2017-12243 (A vulnerability in the Cisco Unified Computing System (UCS)
Manager, ...)
+ TODO: check
CVE-2017-12242
RESERVED
CVE-2017-12241
@@ -13088,8 +13148,8 @@
NOT-FOR-US: Microsoft
CVE-2017-11768
RESERVED
-CVE-2017-11767
- RESERVED
+CVE-2017-11767 (ChakraCore allows an attacker to gain the same user rights as
the ...)
+ TODO: check
CVE-2017-11766 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703,
and ...)
NOT-FOR-US: Microsoft
CVE-2017-11765 (The Microsoft Windows Kernel component on Microsoft Windows
Server ...)
@@ -14043,8 +14103,8 @@
RESERVED
CVE-2017-11509
RESERVED
-CVE-2017-11508
- RESERVED
+CVE-2017-11508 (SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL
Injection ...)
+ TODO: check
CVE-2017-11507
RESERVED
CVE-2017-11506 (When linking a Nessus scanner or agent to Tenable.io or other
manager, ...)
@@ -16017,14 +16077,14 @@
RESERVED
CVE-2017-10874
RESERVED
-CVE-2017-10873
- RESERVED
+CVE-2017-10873 (OpenAM (Open Source Edition) allows an attacker to bypass ...)
+ TODO: check
CVE-2017-10872
RESERVED
CVE-2017-10871
RESERVED
-CVE-2017-10870
- RESERVED
+CVE-2017-10870 (Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku
Hagaki ...)
+ TODO: check
CVE-2017-10869
RESERVED
CVE-2017-10868
@@ -16113,8 +16173,8 @@
NOT-FOR-US: Flets Azukeru for Windows Auto Backup Tool
CVE-2017-10826 (Untrusted search path vulnerability in Security Kinou
Mihariban ...)
NOT-FOR-US: Security Kinou Mihariban
-CVE-2017-10825
- RESERVED
+CVE-2017-10825 (Untrusted search path vulnerability in Installer of Flets Easy
Setup ...)
+ TODO: check
CVE-2017-10824 (Untrusted search path vulnerability in TDB CA TypeA use
software ...)
NOT-FOR-US: TDB CA TypeA use software
CVE-2017-10823 (Untrusted search path vulnerability in Installer for Shin
Kinkyuji ...)
@@ -37470,7 +37530,7 @@
RESERVED
CVE-2017-3737
RESERVED
-CVE-2017-3736 [bn_sqrx8x_internal carry bug on x86_64]
+CVE-2017-3736 (There is a carry propagating bug in the x86_64 Montgomery
squaring ...)
- openssl 1.1.0g-1
[jessie] - openssl <not-affected> (Vulnerable code not present)
[wheezy] - openssl <not-affected> (Vulnerable code not present)
@@ -37479,6 +37539,7 @@
NOTE: Fix for 1.0.2:
https://git.openssl.org/?p=openssl.git;a=commit;h=38d600147331d36e74174ebbd4008b63188b321b
NOTE: Fix for 1.1.0:
https://git.openssl.org/?p=openssl.git;a=commit;h=4443cf7aa0099e5ce615c18cee249fff77fb0871
CVE-2017-3735 (While parsing an IPAddressFamily extension in an X.509
certificate, it ...)
+ {DLA-1157-1}
- openssl 1.1.0g-1
- openssl1.0 1.0.2m-1
NOTE: Fix for 1.0.2:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=31c8b265591a0aaa462a1f3eb5770661aaac67db
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
