Author: sectracker Date: 2017-03-21 21:10:12 +0000 (Tue, 21 Mar 2017) New Revision: 49911
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-03-21 20:46:52 UTC (rev 49910) +++ data/CVE/list 2017-03-21 21:10:12 UTC (rev 49911) @@ -1,3 +1,7 @@ +CVE-2017-7215 (Cross site scripting in some view elements in the index filter tool in ...) + TODO: check +CVE-2017-7214 (An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x ...) + TODO: check CVE-2017-7213 RESERVED CVE-2017-7212 @@ -1981,8 +1985,8 @@ RESERVED CVE-2017-6418 RESERVED -CVE-2017-6417 - RESERVED +CVE-2017-6417 (Code injection vulnerability in Avira Total Security Suite 15.0 (and ...) + TODO: check CVE-2017-6416 (An issue was discovered in SysGauge 1.5.18. A buffer overflow ...) NOT-FOR-US: SysGauge CVE-2017-6415 (The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 ...) @@ -2591,8 +2595,8 @@ NOT-FOR-US: Amazon Kindle CVE-2017-6187 (Buffer overflow in the built-in web server in DiskSavvy Enterprise ...) NOT-FOR-US: DiskSavvy Enterprise -CVE-2017-6186 - RESERVED +CVE-2017-6186 (Code injection vulnerability in Bitdefender Total Security 12.0 (and ...) + TODO: check CVE-2017-6185 RESERVED CVE-2017-6184 @@ -4503,12 +4507,12 @@ NOT-FOR-US: eClinicalWorks CVE-2017-5568 RESERVED -CVE-2017-5567 - RESERVED -CVE-2017-5566 - RESERVED -CVE-2017-5565 - RESERVED +CVE-2017-5567 (Code injection vulnerability in Avast Premier 12.3 (and earlier), ...) + TODO: check +CVE-2017-5566 (Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG ...) + TODO: check +CVE-2017-5565 (Code injection vulnerability in Trend Micro Maximum Security 11.0 (and ...) + TODO: check CVE-2017-5564 RESERVED CVE-2017-5563 (LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in ...) @@ -8944,10 +8948,10 @@ RESERVED CVE-2017-3851 RESERVED -CVE-2017-3850 - RESERVED -CVE-2017-3849 - RESERVED +CVE-2017-3850 (A vulnerability in the Autonomic Networking Infrastructure (ANI) ...) + TODO: check +CVE-2017-3849 (A vulnerability in the Autonomic Networking Infrastructure (ANI) ...) + TODO: check CVE-2017-3848 RESERVED CVE-2017-3847 (A vulnerability in the web framework of Cisco Firepower Management ...) @@ -27410,8 +27414,8 @@ NOT-FOR-US: Pivotal Spring Data CVE-2016-6651 (The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before ...) NOT-FOR-US: Pivotal -CVE-2016-6650 - RESERVED +CVE-2016-6650 (EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual ...) + TODO: check CVE-2016-6649 (EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for ...) NOT-FOR-US: EMC CVE-2016-6648 (EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for ...) @@ -35229,8 +35233,8 @@ NOT-FOR-US: Resource Data Management CVE-2016-4505 (Resource Data Management (RDM) Intuitive 650 TDB Controller devices ...) NOT-FOR-US: Resource Data Management -CVE-2016-4504 - RESERVED +CVE-2016-4504 (A Cross-Site Request Forgery issue was discovered in Meteocontrol ...) + TODO: check CVE-2016-4503 (Moxa Device Server Web Console 5232-N allows remote attackers to ...) NOT-FOR-US: Moxa CVE-2016-4502 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits