Author: sectracker
Date: 2017-05-01 21:10:12 +0000 (Mon, 01 May 2017)
New Revision: 51250

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-01 20:10:47 UTC (rev 51249)
+++ data/CVE/list       2017-05-01 21:10:12 UTC (rev 51250)
@@ -1,3 +1,39 @@
+CVE-2017-8403 (360fly 4K cameras allow unauthenticated Wi-Fi password changes 
and ...)
+       TODO: check
+CVE-2017-8402
+       RESERVED
+CVE-2017-8401 (In SWFTools 0.9.2, an out-of-bounds read of heap data can occur 
in the ...)
+       TODO: check
+CVE-2017-8400 (In SWFTools 0.9.2, an out-of-bounds write of heap data can 
occur in the ...)
+       TODO: check
+CVE-2017-8399 (PCRE2 before 2017-03-10 has an out-of-bounds write caused by a 
...)
+       TODO: check
+CVE-2017-8398 (dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read 
of size 1 ...)
+       TODO: check
+CVE-2017-8397 (The Binary File Descriptor (BFD) library (aka libbfd), as 
distributed ...)
+       TODO: check
+CVE-2017-8396 (The Binary File Descriptor (BFD) library (aka libbfd), as 
distributed ...)
+       TODO: check
+CVE-2017-8395 (The Binary File Descriptor (BFD) library (aka libbfd), as 
distributed ...)
+       TODO: check
+CVE-2017-8394 (The Binary File Descriptor (BFD) library (aka libbfd), as 
distributed ...)
+       TODO: check
+CVE-2017-8393 (The Binary File Descriptor (BFD) library (aka libbfd), as 
distributed ...)
+       TODO: check
+CVE-2017-8392 (The Binary File Descriptor (BFD) library (aka libbfd), as 
distributed ...)
+       TODO: check
+CVE-2017-8391
+       RESERVED
+CVE-2017-8390
+       RESERVED
+CVE-2017-8389
+       RESERVED
+CVE-2017-8388 (GeniXCMS 1.0.2 allows remote attackers to bypass the 
alertDanger ...)
+       TODO: check
+CVE-2017-8387
+       RESERVED
+CVE-2017-8386
+       RESERVED
 CVE-2017-8385 (Craft CMS before 2.6.2976 does not prevent modification of the 
URL in a ...)
        NOT-FOR-US: Craft CMS
 CVE-2017-8384 (Craft CMS before 2.6.2976 allows XSS attacks because an array 
returned ...)
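Review bot: all twelve described entries added at the top of the list (CVE-2017-8403 through CVE-2017-8388) are left at TODO: check, so this hunk adds an untriaged backlog. The six libbfd entries (CVE-2017-8392 to CVE-2017-8397) share the same visible description and, together with the GNU Binutils 2.28 dwarf.c entry CVE-2017-8398, can be triaged in one pass. The 360fly camera and GeniXCMS entries need an explicit decision of the kind the Craft CMS context line already shows (NOT-FOR-US: Craft CMS).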
@@ -15,10 +51,10 @@
 CVE-2017-8378 (Heap-based buffer overflow in the PdfParser::ReadObjects 
function in ...)
        - libpodofo <unfixed> (bug #861597)
        NOTE: 
https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_PdfParser.ReadObjects
-CVE-2017-8377
-       RESERVED
-CVE-2017-8376
-       RESERVED
+CVE-2017-8377 (GeniXCMS 1.0.2 has SQL Injection in ...)
+       TODO: check
+CVE-2017-8376 (GeniXCMS 1.0.2 has XSS triggered by an authenticated comment 
that is ...)
+       TODO: check
 CVE-2017-8375
        RESERVED
 CVE-2017-8374 (The mad_bit_skip function in bit.c in Underbit MAD libmad 
0.15.1b ...)
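Review bot: CVE-2017-8377 and CVE-2017-8376 move from RESERVED to TODO: check with GeniXCMS 1.0.2 descriptions, the same product and version named by CVE-2017-8388 in the first hunk. Resolve the three entries with one consistent classification instead of handling them separately.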
@@ -43,7 +79,7 @@
        - ettercap <unfixed> (bug #861604)
        NOTE: https://github.com/Ettercap/ettercap/issues/792
 CVE-2017-8365 (The i2les_array function in pcm.c in libsndfile 1.0.28 allows 
remote ...)
-        - libsndfile <unfixed>
+       - libsndfile <unfixed>
        NOTE: 
https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
        NOTE: https://github.com/erikd/libsndfile/issues/230
        NOTE: Fixed by: 
https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
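Review bot: the libsndfile line under CVE-2017-8365 changes only its leading whitespace and still reads "<unfixed>" with no bug reference, although the NOTE lines below it already point to an upstream issue and a "Fixed by:" commit. The ettercap line in the context above carries "(bug #861604)"; consider linking a Debian bug here in the same way and recording the fixed version once that commit is packaged.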
@@ -4937,10 +4973,10 @@
        RESERVED
 CVE-2017-6566
        RESERVED
-CVE-2017-6565
-       RESERVED
-CVE-2017-6564
-       RESERVED
+CVE-2017-6565 (On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the 
roleDiag ...)
+       TODO: check
+CVE-2017-6564 (On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the 
Guest ...)
+       TODO: check
 CVE-2017-6563
        RESERVED
 CVE-2017-6562 (XSS in Agora-Project 3.2.2 exists with an ...)
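Review bot: CVE-2017-6565 and CVE-2017-6564 both name Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices and both land as TODO: check. They concern the same device and firmware version, so triage them together and give both the same marker.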
@@ -6355,8 +6391,8 @@
        NOT-FOR-US: F5
 CVE-2017-6129
        RESERVED
-CVE-2017-6128
-       RESERVED
+CVE-2017-6128 (An attacker may be able to cause a denial-of-service (DoS) 
attack ...)
+       TODO: check
 CVE-2017-6188 (Munin before 2.999.6 has a local file write vulnerability when 
CGI ...)
        {DSA-3794-1 DLA-836-1}
        - munin 2.0.31-1 (bug #855705)
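Review bot: the visible description for CVE-2017-6128 ("An attacker may be able to cause a denial-of-service (DoS) attack ...") is cut off before it names a product, so the TODO: check cannot be resolved from this list line alone. Read the full CVE text before classifying; the context line just above is NOT-FOR-US: F5, but nothing visible in the new entry ties it to that vendor.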
@@ -7893,8 +7929,8 @@
        NOT-FOR-US: D-Link
 CVE-2017-5632 (An issue was discovered on the ASUS RT-N56U Wireless Router 
with ...)
        NOT-FOR-US: Asus router
-CVE-2017-5631
-       RESERVED
+CVE-2017-5631 (An issue was discovered in KMCIS CaseAware. Reflected cross 
site ...)
+       TODO: check
 CVE-2017-5630 (PECL in the download utility class in the Installer in PEAR 
Base System ...)
        - php5 <unfixed> (unimportant)
        - php-pear <unfixed> (unimportant)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
