Author: sectracker Date: 2017-03-08 09:10:12 +0000 (Wed, 08 Mar 2017) New Revision: 49508
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-03-08 09:09:17 UTC (rev 49507) +++ data/CVE/list 2017-03-08 09:10:12 UTC (rev 49508) @@ -1,3 +1,67 @@ +CVE-2017-6542 + RESERVED +CVE-2017-6541 + RESERVED +CVE-2017-6540 + RESERVED +CVE-2017-6539 + RESERVED +CVE-2017-6538 + RESERVED +CVE-2017-6537 + RESERVED +CVE-2017-6536 + RESERVED +CVE-2017-6535 + RESERVED +CVE-2017-6534 + RESERVED +CVE-2017-6533 + RESERVED +CVE-2017-6532 + RESERVED +CVE-2017-6531 + RESERVED +CVE-2017-6530 + RESERVED +CVE-2017-6529 + RESERVED +CVE-2017-6528 + RESERVED +CVE-2017-6527 + RESERVED +CVE-2017-6526 + RESERVED +CVE-2017-6525 + RESERVED +CVE-2017-6524 + RESERVED +CVE-2017-6523 + RESERVED +CVE-2017-6522 + RESERVED +CVE-2017-6521 + RESERVED +CVE-2017-6520 + RESERVED +CVE-2017-6519 + RESERVED +CVE-2017-6518 (Cross-site scripting (XSS) vulnerability in /sanadata/seo/index.asp in ...) + TODO: check +CVE-2017-6517 + RESERVED +CVE-2017-6516 + RESERVED +CVE-2017-6515 + RESERVED +CVE-2017-6514 + RESERVED +CVE-2017-6513 + RESERVED +CVE-2017-6512 + RESERVED +CVE-2016-10245 + RESERVED CVE-2017-6511 (andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected XSS in ...) NOT-FOR-US: FineCMS CVE-2017-6510 @@ -128,7 +192,7 @@ NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a660e3de422731b94d4a134d27555430cbb6fb39 (VER-2-7) CVE-2016-10243 [arbitrary code execution] RESERVED - {DLA-847-1} + {DSA-3803-1 DLA-847-1} - texlive-bin <unfixed> (unimportant) - texlive-base 2016.20161130-1 NOTE: https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/ @@ -1840,8 +1904,8 @@ - tigervnc 1.7.0-1 NOTE: https://github.com/TigerVNC/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649 NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1023012 -CVE-2016-10200 - RESERVED +CVE-2016-10200 (Race condition in the L2TPv3 IP Encapsulation feature in the Linux ...) + TODO: check CVE-2017-5938 [viewc Cross-Site Scripting (XSS) vulnerability] RESERVED {DSA-3784-1 DLA-820-1} @@ -10851,8 +10915,7 @@ RESERVED CVE-2017-2637 RESERVED -CVE-2017-2636 [local privilege escalation flaw in n_hdlc] - RESERVED +CVE-2017-2636 (Race condition in drivers/tty/n_hdlc.c in the Linux kernel through ...) - linux <unfixed> NOTE: http://www.openwall.com/lists/oss-security/2017/03/07/6 CVE-2017-2635 [Null pointer dereference when updating storage size on empty drives] @@ -15342,50 +15405,50 @@ RESERVED CVE-2017-0538 RESERVED -CVE-2017-0537 - RESERVED -CVE-2017-0536 - RESERVED -CVE-2017-0535 - RESERVED -CVE-2017-0534 - RESERVED -CVE-2017-0533 - RESERVED -CVE-2017-0532 - RESERVED -CVE-2017-0531 - RESERVED +CVE-2017-0537 (An information disclosure vulnerability in the kernel USB gadget ...) + TODO: check +CVE-2017-0536 (An information disclosure vulnerability in the Synaptics touchscreen ...) + TODO: check +CVE-2017-0535 (An information disclosure vulnerability in the HTC sound codec driver ...) + TODO: check +CVE-2017-0534 (An information disclosure vulnerability in the Qualcomm video driver ...) + TODO: check +CVE-2017-0533 (An information disclosure vulnerability in the Qualcomm video driver ...) + TODO: check +CVE-2017-0532 (An information disclosure vulnerability in the MediaTek video codec ...) + TODO: check +CVE-2017-0531 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check CVE-2017-0530 RESERVED -CVE-2017-0529 - RESERVED -CVE-2017-0528 - RESERVED -CVE-2017-0527 - RESERVED -CVE-2017-0526 - RESERVED -CVE-2017-0525 - RESERVED -CVE-2017-0524 - RESERVED -CVE-2017-0523 - RESERVED -CVE-2017-0522 - RESERVED -CVE-2017-0521 - RESERVED -CVE-2017-0520 - RESERVED -CVE-2017-0519 - RESERVED -CVE-2017-0518 - RESERVED -CVE-2017-0517 - RESERVED -CVE-2017-0516 - RESERVED +CVE-2017-0529 (An information disclosure vulnerability in the MediaTek driver could ...) + TODO: check +CVE-2017-0528 (An elevation of privilege vulnerability in the kernel security ...) + TODO: check +CVE-2017-0527 (An elevation of privilege vulnerability in the HTC Sensor Hub Driver ...) + TODO: check +CVE-2017-0526 (An elevation of privilege vulnerability in the HTC Sensor Hub Driver ...) + TODO: check +CVE-2017-0525 (An elevation of privilege vulnerability in the Qualcomm IPA driver ...) + TODO: check +CVE-2017-0524 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) + TODO: check +CVE-2017-0523 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0522 (An elevation of privilege vulnerability in a MediaTek APK could enable ...) + TODO: check +CVE-2017-0521 (An elevation of privilege vulnerability in the Qualcomm camera driver ...) + TODO: check +CVE-2017-0520 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...) + TODO: check +CVE-2017-0519 (An elevation of privilege vulnerability in the Qualcomm fingerprint ...) + TODO: check +CVE-2017-0518 (An elevation of privilege vulnerability in the Qualcomm fingerprint ...) + TODO: check +CVE-2017-0517 (An elevation of privilege vulnerability in the MediaTek hardware ...) + TODO: check +CVE-2017-0516 (An elevation of privilege vulnerability in the Qualcomm input hardware ...) + TODO: check CVE-2017-0515 RESERVED CVE-2017-0514 @@ -15396,124 +15459,124 @@ RESERVED CVE-2017-0511 RESERVED -CVE-2017-0510 - RESERVED -CVE-2017-0509 - RESERVED -CVE-2017-0508 - RESERVED -CVE-2017-0507 - RESERVED -CVE-2017-0506 - RESERVED -CVE-2017-0505 - RESERVED -CVE-2017-0504 - RESERVED -CVE-2017-0503 - RESERVED -CVE-2017-0502 - RESERVED -CVE-2017-0501 - RESERVED -CVE-2017-0500 - RESERVED -CVE-2017-0499 - RESERVED -CVE-2017-0498 - RESERVED -CVE-2017-0497 - RESERVED -CVE-2017-0496 - RESERVED -CVE-2017-0495 - RESERVED -CVE-2017-0494 - RESERVED +CVE-2017-0510 (An elevation of privilege vulnerability in the kernel FIQ debugger ...) + TODO: check +CVE-2017-0509 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2017-0508 (An elevation of privilege vulnerability in the kernel ION subsystem ...) + TODO: check +CVE-2017-0507 (An elevation of privilege vulnerability in the kernel ION subsystem ...) + TODO: check +CVE-2017-0506 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2017-0505 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2017-0504 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2017-0503 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2017-0502 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2017-0501 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2017-0500 (An elevation of privilege vulnerability in MediaTek components, ...) + TODO: check +CVE-2017-0499 (A denial of service vulnerability in Audioserver could enable a local ...) + TODO: check +CVE-2017-0498 (A denial of service vulnerability in Setup Wizard could allow a local ...) + TODO: check +CVE-2017-0497 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0496 (A denial of service vulnerability in Setup Wizard could allow a local ...) + TODO: check +CVE-2017-0495 (An information disclosure vulnerability in Mediaserver could enable a ...) + TODO: check +CVE-2017-0494 (An information disclosure vulnerability in AOSP Messaging could enable ...) + TODO: check CVE-2017-0493 RESERVED -CVE-2017-0492 - RESERVED -CVE-2017-0491 - RESERVED -CVE-2017-0490 - RESERVED -CVE-2017-0489 - RESERVED -CVE-2017-0488 - RESERVED -CVE-2017-0487 - RESERVED -CVE-2017-0486 - RESERVED -CVE-2017-0485 - RESERVED -CVE-2017-0484 - RESERVED -CVE-2017-0483 - RESERVED -CVE-2017-0482 - RESERVED -CVE-2017-0481 - RESERVED -CVE-2017-0480 - RESERVED -CVE-2017-0479 - RESERVED -CVE-2017-0478 - RESERVED -CVE-2017-0477 - RESERVED -CVE-2017-0476 - RESERVED -CVE-2017-0475 - RESERVED -CVE-2017-0474 - RESERVED -CVE-2017-0473 - RESERVED -CVE-2017-0472 - RESERVED -CVE-2017-0471 - RESERVED -CVE-2017-0470 - RESERVED -CVE-2017-0469 - RESERVED -CVE-2017-0468 - RESERVED -CVE-2017-0467 - RESERVED -CVE-2017-0466 - RESERVED +CVE-2017-0492 (An elevation of privilege vulnerability in the System UI could enable ...) + TODO: check +CVE-2017-0491 (An elevation of privilege vulnerability in Package Manager could ...) + TODO: check +CVE-2017-0490 (An elevation of privilege vulnerability in Wi-Fi could enable a local ...) + TODO: check +CVE-2017-0489 (An elevation of privilege vulnerability in Location Manager could ...) + TODO: check +CVE-2017-0488 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0487 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0486 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0485 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0484 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0483 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0482 (A denial of service vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0481 (An elevation of privilege vulnerability in NFC could enable a ...) + TODO: check +CVE-2017-0480 (An elevation of privilege vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0479 (An elevation of privilege vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0478 (A remote code execution vulnerability in the Framesequence library ...) + TODO: check +CVE-2017-0477 (A remote code execution vulnerability in libgdx could enable an ...) + TODO: check +CVE-2017-0476 (A remote code execution vulnerability in AOSP Messaging could enable ...) + TODO: check +CVE-2017-0475 (An elevation of privilege vulnerability in the recovery verifier could ...) + TODO: check +CVE-2017-0474 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0473 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0472 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0471 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0470 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0469 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0468 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0467 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0466 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check CVE-2017-0465 RESERVED -CVE-2017-0464 - RESERVED -CVE-2017-0463 - RESERVED +CVE-2017-0464 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0463 (An elevation of privilege vulnerability in the Qualcomm networking ...) + TODO: check CVE-2017-0462 RESERVED -CVE-2017-0461 - RESERVED -CVE-2017-0460 - RESERVED -CVE-2017-0459 - RESERVED -CVE-2017-0458 - RESERVED -CVE-2017-0457 - RESERVED -CVE-2017-0456 - RESERVED -CVE-2017-0455 - RESERVED +CVE-2017-0461 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0460 (An elevation of privilege vulnerability in the Qualcomm networking ...) + TODO: check +CVE-2017-0459 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0458 (An elevation of privilege vulnerability in the Qualcomm camera driver ...) + TODO: check +CVE-2017-0457 (An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver ...) + TODO: check +CVE-2017-0456 (An elevation of privilege vulnerability in the Qualcomm IPA driver ...) + TODO: check +CVE-2017-0455 (An information disclosure vulnerability in the Qualcomm bootloader ...) + TODO: check CVE-2017-0454 RESERVED -CVE-2017-0453 - RESERVED -CVE-2017-0452 - RESERVED +CVE-2017-0453 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0452 (An information disclosure vulnerability in the Qualcomm camera driver ...) + TODO: check CVE-2017-0451 (An information disclosure vulnerability in the Qualcomm sound driver ...) NOT-FOR-US: Qualcomm driver for Android CVE-2017-0450 (An elevation of privilege vulnerability in Audioserver could enable a ...) @@ -15968,18 +16031,18 @@ RESERVED CVE-2017-0339 RESERVED -CVE-2017-0338 - RESERVED -CVE-2017-0337 - RESERVED -CVE-2017-0336 - RESERVED -CVE-2017-0335 - RESERVED -CVE-2017-0334 - RESERVED -CVE-2017-0333 - RESERVED +CVE-2017-0338 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2017-0337 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2017-0336 (An information disclosure vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2017-0335 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2017-0334 (An information disclosure vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2017-0333 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check CVE-2017-0332 RESERVED CVE-2017-0331 @@ -16055,10 +16118,10 @@ [jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) CVE-2017-0308 (All versions of NVIDIA Windows GPU Display Driver contain a ...) NOT-FOR-US: NVIDIA drivers for Windows -CVE-2017-0307 - RESERVED -CVE-2017-0306 - RESERVED +CVE-2017-0307 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2017-0306 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check CVE-2016-9638 (In BMC Patrol before 9.13.10.02, the binary "listguests64" is ...) NOT-FOR-US: BMC Patrol CVE-2016-9637 (The (1) ioport_read and (2) ioport_write functions in Xen, when qemu ...) @@ -17694,8 +17757,8 @@ NOT-FOR-US: F5 CVE-2016-9246 RESERVED -CVE-2016-9245 - RESERVED +CVE-2016-9245 (In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to ...) + TODO: check CVE-2016-9244 (A BIG-IP virtual server configured with a Client SSL profile that has ...) NOT-FOR-US: F5 TLS stack NOTE: https://ticketbleed.com/ @@ -20081,20 +20144,20 @@ RESERVED CVE-2016-8484 RESERVED -CVE-2016-8483 - RESERVED +CVE-2016-8483 (An information disclosure vulnerability in the Qualcomm power driver ...) + TODO: check CVE-2016-8482 RESERVED CVE-2016-8481 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-8480 (An elevation of privilege vulnerability in the Qualcomm Secure ...) NOT-FOR-US: Qualcomm driver for Android -CVE-2016-8479 - RESERVED -CVE-2016-8478 - RESERVED -CVE-2016-8477 - RESERVED +CVE-2016-8479 (An elevation of privilege vulnerability in the Qualcomm GPU driver ...) + TODO: check +CVE-2016-8478 (An information disclosure vulnerability in the Qualcomm video driver ...) + TODO: check +CVE-2016-8477 (An information disclosure vulnerability in the Qualcomm camera driver ...) + TODO: check CVE-2016-8476 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-8475 (An information disclosure vulnerability in the HTC input driver could ...) @@ -20213,16 +20276,16 @@ NOT-FOR-US: Qualcomm driver for Android CVE-2016-8418 (A remote code execution vulnerability in the Qualcomm crypto driver ...) NOT-FOR-US: Qualcomm driver for Android -CVE-2016-8417 - RESERVED -CVE-2016-8416 - RESERVED +CVE-2016-8417 (An elevation of privilege vulnerability in the Qualcomm camera driver ...) + TODO: check +CVE-2016-8416 (An information disclosure vulnerability in the Qualcomm video driver ...) + TODO: check CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-8414 (An information disclosure vulnerability in the Qualcomm Secure ...) NOT-FOR-US: Qualcomm Secure Execution Environment Communicator -CVE-2016-8413 - RESERVED +CVE-2016-8413 (An information disclosure vulnerability in the Qualcomm camera driver ...) + TODO: check CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera could ...) NOT-FOR-US: Qualcomm component for Android CVE-2016-8411 (Buffer overflow vulnerability while processing QMI QOS TLVs. Product: ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits