Author: sectracker
Date: 2017-06-30 09:10:13 +0000 (Fri, 30 Jun 2017)
New Revision: 53031
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-06-30 09:01:02 UTC (rev 53030) +++ data/CVE/list 2017-06-30 09:10:13 UTC (rev 53031) @@ -1,3 +1,45 @@ +CVE-2017-10698 + RESERVED +CVE-2017-10697 + RESERVED +CVE-2017-10696 + RESERVED +CVE-2017-10695 + RESERVED +CVE-2017-10694 + RESERVED +CVE-2017-10693 + RESERVED +CVE-2017-10692 + RESERVED +CVE-2017-10691 + RESERVED +CVE-2017-10690 + RESERVED +CVE-2017-10689 + RESERVED +CVE-2017-10688 (In LibTIFF 4.0.8, there is a assertion abort in the ...) + TODO: check +CVE-2017-10687 (In LibSass 3.4.5, there is a heap-based buffer over-read in the ...) + TODO: check +CVE-2017-10686 (In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after ...) + TODO: check +CVE-2017-10685 (In ncurses 6.0, there is a format string vulnerability in the fmt_entry ...) + TODO: check +CVE-2017-10684 (In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry ...) + TODO: check +CVE-2017-10683 (In mpg123 1.25.0, there is a heap-based buffer over-read in the ...) + TODO: check +CVE-2017-10682 (SQL injection vulnerability in the administrative backend in Piwigo ...) + TODO: check +CVE-2017-10681 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 ...) + TODO: check +CVE-2017-10680 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 ...) + TODO: check +CVE-2017-10679 (Piwigo through 2.9.1 allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2017-10678 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 ...) + TODO: check CVE-2017-10677 RESERVED CVE-2017-10676 
@@ -7208,22 +7250,22 @@ NOT-FOR-US: Schneider CVE-2017-7906 RESERVED -CVE-2017-7905 - RESERVED +CVE-2017-7905 (A Weak Cryptography for Passwords issue was discovered in General ...) + TODO: check CVE-2017-7904 RESERVED -CVE-2017-7903 - RESERVED -CVE-2017-7902 - RESERVED -CVE-2017-7901 - RESERVED +CVE-2017-7903 (A Weak Password Requirements issue was discovered in Rockwell ...) + TODO: check +CVE-2017-7902 (A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in ...) + TODO: check +CVE-2017-7901 (A Predictable Value Range from Previous Values issue was discovered in ...) + TODO: check CVE-2017-7900 RESERVED -CVE-2017-7899 - RESERVED -CVE-2017-7898 - RESERVED +CVE-2017-7899 (An Information Exposure issue was discovered in Rockwell Automation ...) + TODO: check +CVE-2017-7898 (An Improper Restriction of Excessive Authentication Attempts issue was ...) + TODO: check CVE-2017-7897 (A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x ...) - mantis <removed> [wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS) 
@@ -12985,66 +13027,66 @@ NOT-FOR-US: Satel Iberia SenNet Data Logger and Electricity Meters CVE-2017-6047 RESERVED -CVE-2017-6046 - RESERVED +CVE-2017-6046 (An Insufficiently Protected Credentials issue was discovered in Sierra ...) + TODO: check CVE-2017-6045 (An Information Exposure issue was discovered in Trihedral VTScada ...) NOT-FOR-US: Trihedral VTScada -CVE-2017-6044 - RESERVED +CVE-2017-6044 (An Improper Authorization issue was discovered in Sierra Wireless ...) + TODO: check CVE-2017-6043 (A Resource Consumption issue was discovered in Trihedral VTScada ...) NOT-FOR-US: Trihedral VTScada -CVE-2017-6042 - RESERVED -CVE-2017-6041 - RESERVED -CVE-2017-6040 - RESERVED +CVE-2017-6042 (A Cross-Site Request Forgery issue was discovered in Sierra Wireless ...) + TODO: check +CVE-2017-6041 (An Unrestricted Upload issue was discovered in Marel Food Processing ...) + TODO: check +CVE-2017-6040 (An Information Exposure issue was discovered in Belden Hirschmann GECKO ...) + TODO: check CVE-2017-6039 (A Use of Hard-Coded Password issue was discovered in Phoenix Broadband ...) NOT-FOR-US: Phoenix -CVE-2017-6038 - RESERVED +CVE-2017-6038 (A Cross-Site Request Forgery issue was discovered in Belden Hirschmann ...) + TODO: check CVE-2017-6037 (A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies ...) NOT-FOR-US: Wecon -CVE-2017-6036 - RESERVED +CVE-2017-6036 (A Server-Side Request Forgery issue was discovered in Belden Hirschmann ...) + TODO: check CVE-2017-6035 (A Stack-Based Buffer Overflow issue was discovered in Wecon ...) NOT-FOR-US: Wecon -CVE-2017-6034 - RESERVED +CVE-2017-6034 (An Authentication Bypass by Capture-Replay issue was discovered in ...) + TODO: check CVE-2017-6033 (A DLL Hijacking issue was discovered in Schneider Electric Interactive ...) NOT-FOR-US: Schneider Electric -CVE-2017-6032 - RESERVED +CVE-2017-6032 (A Violation of Secure Design Principles issue was discovered in ...) 
+ TODO: check CVE-2017-6031 (A Header Injection issue was discovered in Certec EDV GmbH atvise scada ...) NOT-FOR-US: Certec EDV GmbH atvise scada -CVE-2017-6030 - RESERVED +CVE-2017-6030 (A Predictable Value Range from Previous Values issue was discovered in ...) + TODO: check CVE-2017-6029 (A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise ...) NOT-FOR-US: Certec EDV GmbH atvise scada -CVE-2017-6028 - RESERVED +CVE-2017-6028 (An Insufficiently Protected Credentials issue was discovered in ...) + TODO: check CVE-2017-6027 (An Arbitrary File Upload issue was discovered in 3S-Smart Software ...) NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server -CVE-2017-6026 - RESERVED +CVE-2017-6026 (A Use of Insufficiently Random Values issue was discovered in Schneider ...) + TODO: check CVE-2017-6025 (A Stack Buffer Overflow issue was discovered in 3S-Smart Software ...) NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server CVE-2017-6024 (A Resource Exhaustion issue was discovered in Rockwell Automation ...) NOT-FOR-US: Rockwell CVE-2017-6023 (An issue was discovered in Fatek Automation PLC Ethernet Module. The ...) NOT-FOR-US: Fatek -CVE-2017-6022 - RESERVED +CVE-2017-6022 (A hard-coded password issue was discovered in Becton, Dickinson and ...) + TODO: check CVE-2017-6021 RESERVED CVE-2017-6020 RESERVED CVE-2017-6019 (An issue was discovered in Schneider Electric Conext ComBox, model ...) NOT-FOR-US: Schneider Electric -CVE-2017-6018 - RESERVED -CVE-2017-6017 - RESERVED +CVE-2017-6018 (An open redirect issue was discovered in B. Braun Medical SpaceCom ...) + TODO: check +CVE-2017-6017 (A Resource Exhaustion issue was discovered in Schneider Electric ...) + TODO: check CVE-2017-6016 (An Improper Access Control issue was discovered in LCDS - Leao ...) NOT-FOR-US: LCDS (Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA) CVE-2017-6015 
@@ -29543,8 +29585,8 @@ NOT-FOR-US: General Electric CVE-2016-9359 REJECTED -CVE-2016-9358 - RESERVED +CVE-2016-9358 (A Hard-Coded Passwords issue was discovered in Marel Food Processing ...) + TODO: check CVE-2016-9357 (An issue was discovered in certain legacy Eaton ePDUs -- the affected ...) NOT-FOR-US: legacy Eaton ePDUs CVE-2016-9356 (An issue was discovered in Moxa DACenter Versions 1.4 and older. The ...)
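Review bot: The eleven new entries at the top of the first hunk ("@@ -1,3 +1,45 @@"), CVE-2017-10688 down to CVE-2017-10678, carry only "TODO: check" and no package line, although their descriptions name versioned general-purpose software (LibTIFF 4.0.8, LibSass 3.4.5, NASM 2.14rc0, ncurses 6.0, mpg123 1.25.0, Piwigo through 2.9.1) rather than vendor appliances. Each needs a follow-up that either adds a source package line with its status or marks it NOT-FOR-US. CVE-2017-10685 and CVE-2017-10684 both point at fmt_entry in ncurses 6.0 and are best triaged together, as are the five Piwigo entries CVE-2017-10682 through CVE-2017-10678.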
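Review bot: In the "@@ -7208,22 +7250,22 @@" hunk, CVE-2017-7903 and CVE-2017-7899 name Rockwell in their descriptions but are left at "TODO: check", while CVE-2017-6024 in a later hunk of this same diff is already resolved as "NOT-FOR-US: Rockwell"; the same tag can be applied here if the affected products are likewise not packaged. The descriptions of CVE-2017-7902, CVE-2017-7901 and CVE-2017-7898 are cut off before the vendor name, so those three need the full CVE text before they can be classified.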
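Review bot: The vendor tags on the unchanged entries in the "@@ -12985,66 +13027,66 @@" hunk are not spelled consistently: "NOT-FOR-US: Schneider Electric" here against "NOT-FOR-US: Schneider" in the context of the previous hunk, and a bare "NOT-FOR-US: Wecon" beside the full "NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server". When the new "TODO: check" entries for Sierra Wireless (CVE-2017-6044, CVE-2017-6042) and Belden Hirschmann (CVE-2017-6040, CVE-2017-6038, CVE-2017-6036) are resolved, pick one spelling per vendor so the list stays searchable. CVE-2017-6034, CVE-2017-6032, CVE-2017-6030 and CVE-2017-6028 are truncated before the product name and cannot be classified from this diff alone.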
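Review bot: CVE-2016-9358 in the last hunk ("@@ -29543,8 +29585,8 @@") names Marel Food Processing, the same vendor as CVE-2017-6041 in the "@@ -12985,66 +13027,66 @@" hunk, yet both are left at "TODO: check" in different parts of the file. Resolve the two in one follow-up commit with an identical tag so the vendor is not classified in two different ways.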