Author: sectracker Date: 2017-11-03 09:11:04 +0000 (Fri, 03 Nov 2017) New Revision: 57274
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-03 06:17:15 UTC (rev 57273) +++ data/CVE/list 2017-11-03 09:11:04 UTC (rev 57274) @@ -1,3 +1,5 @@ +CVE-2017-16511 + RESERVED CVE-2017-1000171 RESERVED CVE-2017-1000157 @@ -54,7 +56,7 @@ RESERVED CVE-2017-1000131 RESERVED -CVE-2017-16510 [Unsafe queries with wpdb->prepare] +CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() ...) - wordpress 4.8.3+dfsg-1 (bug #880528) NOTE: https://wpvulndb.com/vulnerabilities/8941 NOTE: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d @@ -650,8 +652,8 @@ RESERVED CVE-2017-16238 RESERVED -CVE-2017-16237 - RESERVED +CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file ...) + TODO: check CVE-2017-16236 RESERVED CVE-2017-16235 @@ -1631,12 +1633,15 @@ CVE-2017-15956 (ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File ...) NOT-FOR-US: ConverTo Video Downloader CVE-2017-15955 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an ...) + {DLA-1158-1} - bchunk <unfixed> (bug #880116) NOTE: https://github.com/extramaster/bchunk/issues/4 CVE-2017-15954 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a ...) + {DLA-1158-1} - bchunk <unfixed> (bug #880116) NOTE: https://github.com/extramaster/bchunk/issues/3 CVE-2017-15953 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a ...) + {DLA-1158-1} - bchunk <unfixed> (bug #880116) NOTE: https://github.com/extramaster/bchunk/issues/2 CVE-2017-15952 @@ -2006,27 +2011,38 @@ NOT-FOR-US: XnView CVE-2017-15801 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...) NOT-FOR-US: XnView -CVE-2017-15800 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...) +CVE-2017-15800 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15799 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...) +CVE-2017-15799 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15798 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...) +CVE-2017-15798 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15797 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...) +CVE-2017-15797 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15796 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...) +CVE-2017-15796 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15795 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...) +CVE-2017-15795 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15794 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...) +CVE-2017-15794 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15793 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...) +CVE-2017-15793 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15792 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...) +CVE-2017-15792 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15791 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...) +CVE-2017-15791 + REJECTED NOT-FOR-US: IrfanView -CVE-2017-15790 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...) +CVE-2017-15790 + REJECTED NOT-FOR-US: IrfanView CVE-2017-15789 (XnView Classic for Windows Version 2.43 allows attackers to execute ...) NOT-FOR-US: XnView @@ -17801,6 +17817,7 @@ CVE-2017-10389 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...) NOT-FOR-US: Oracle CVE-2017-10388 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> @@ -17880,18 +17897,21 @@ CVE-2017-10358 (Vulnerability in the Oracle Hyperion Financial Reporting component of ...) NOT-FOR-US: Oracle CVE-2017-10357 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2017-10356 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2017-10355 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> @@ -17906,34 +17926,40 @@ CVE-2017-10351 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...) NOT-FOR-US: Oracle CVE-2017-10350 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> CVE-2017-10349 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2017-10348 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2017-10347 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2017-10346 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2017-10345 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> @@ -18049,6 +18075,7 @@ - mysql-5.5 <not-affected> (Only affects MySQL 5.7) NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL CVE-2017-10295 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> @@ -18080,6 +18107,7 @@ - mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7) NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL CVE-2017-10285 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> @@ -18096,6 +18124,7 @@ CVE-2017-10282 RESERVED CVE-2017-10281 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> @@ -18118,6 +18147,7 @@ CVE-2017-10275 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...) NOT-FOR-US: Oracle CVE-2017-10274 (Vulnerability in the Java SE component of Oracle Java SE ...) + {DSA-4015-1} - openjdk-9 9.0.1+11-1 - openjdk-8 8u151-b12-1 - openjdk-7 <removed> _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits