Author: sectracker
Date: 2017-12-24 09:10:14 +0000 (Sun, 24 Dec 2017)
New Revision: 58885
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-24 08:39:29 UTC (rev 58884)
+++ data/CVE/list 2017-12-24 09:10:14 UTC (rev 58885)
@@ -1,3 +1,45 @@
+CVE-2017-17887 (In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was
found in ...)
+ TODO: check
+CVE-2017-17886 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was
found in ...)
+ TODO: check
+CVE-2017-17885 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was
found in ...)
+ TODO: check
+CVE-2017-17884 (In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was
found in ...)
+ TODO: check
+CVE-2017-17883 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was
found in ...)
+ TODO: check
+CVE-2017-17882 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was
found in ...)
+ TODO: check
+CVE-2017-17881 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was
found in ...)
+ TODO: check
+CVE-2017-17880 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a
stack-based ...)
+ TODO: check
+CVE-2017-17879 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a
heap-based ...)
+ TODO: check
+CVE-2017-17878 (An issue was discovered in Valve Steam Link build 643. Root
passwords ...)
+ TODO: check
+CVE-2017-17877 (An issue was discovered in Valve Steam Link build 643. When
the SSH ...)
+ TODO: check
+CVE-2017-17876
+ RESERVED
+CVE-2017-17875
+ RESERVED
+CVE-2017-17874 (Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary
file ...)
+ TODO: check
+CVE-2017-17873 (Vanguard Marketplace Digital Products PHP 1.4 has SQL
Injection via the ...)
+ TODO: check
+CVE-2017-17872 (The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL
Injection ...)
+ TODO: check
+CVE-2017-17871 (The "JEXTN Question And Answer" extension 3.1.0 for
Joomla! has SQL ...)
+ TODO: check
+CVE-2017-17870 (The JBuildozer extension 1.4.1 for Joomla! has SQL Injection
via the ...)
+ TODO: check
+CVE-2017-17869 (The mgl-instagram-gallery plugin for WordPress has XSS via the
...)
+ TODO: check
+CVE-2017-17868 (In Liferay Portal 6.1.0, the tags section has XSS via a Public
Render ...)
+ TODO: check
+CVE-2017-17867
+ RESERVED
CVE-2017-17866 (pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles
certain ...)
- mupdf <unfixed> (bug #885120)
NOTE: Fixed by:
http://git.ghostscript.com/?p=mupdf.git;h=520cc26d18c9ee245b56e9e91f9d4fcae02be5f0
@@ -26,8 +68,8 @@
RESERVED
CVE-2017-17860
RESERVED
-CVE-2017-17859
- RESERVED
+CVE-2017-17859 (Samsung Internet Browser 6.2.01.12 allows remote attackers to
bypass ...)
+ TODO: check
CVE-2017-17858
RESERVED
CVE-2017-17851
@@ -9617,8 +9659,8 @@
CVE-2017-16898 (The printMP3Headers function in util/listmp3.c in libming
v0.4.8 or ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/75
-CVE-2017-16897
- RESERVED
+CVE-2017-16897 (A vulnerability has been discovered in the Auth0
passport-wsfed-saml2 ...)
+ TODO: check
CVE-2017-16896 (A SQL injection in classes/handler/public.php in the
forgotpass ...)
- tt-rss <unfixed> (bug #882543)
NOTE:
https://discourse.tt-rss.org/t/sql-injection-in-forgotpass-fixed/669
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
