Author: sectracker Date: 2017-11-11 09:10:16 +0000 (Sat, 11 Nov 2017) New Revision: 57546
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-11 09:08:20 UTC (rev 57545) +++ data/CVE/list 2017-11-11 09:10:16 UTC (rev 57546) @@ -1,4 +1,24 @@ -CVE-2017-16785 [reflected XSS via the PATH_INFO to host.php] +CVE-2017-16790 + RESERVED +CVE-2017-16789 + RESERVED +CVE-2017-16788 + RESERVED +CVE-2017-16787 + RESERVED +CVE-2017-16786 + RESERVED +CVE-2017-16784 (In CMS Made Simple 2.2.2, there is Reflected XSS via the ...) + TODO: check +CVE-2017-16783 (In CMS Made Simple 2.1.6, there is Server-Side Template Injection via ...) + TODO: check +CVE-2017-16782 (In Home Assistant before 0.57, it is possible to inject JavaScript code ...) + TODO: check +CVE-2017-16781 (The installer in MyBB before 1.8.13 has XSS. ...) + TODO: check +CVE-2017-16780 (The installer in MyBB before 1.8.13 allows remote attackers to execute ...) + TODO: check +CVE-2017-16785 (Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. ...) - cacti <unfixed> NOTE: https://github.com/Cacti/cacti/issues/1071 CVE-2017-16779 @@ -594,8 +614,8 @@ NOT-FOR-US: MitraStar CVE-2017-16521 (In Inedo BuildMaster before 5.8.2, XslTransform was used where ...) NOT-FOR-US: Inedo BuildMaster -CVE-2017-16520 - RESERVED +CVE-2017-16520 (Inedo BuildMaster before 5.8.2 does not properly restrict creation of ...) + TODO: check CVE-2017-16519 RESERVED CVE-2017-16518 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits