Author: sectracker Date: 2017-07-20 21:10:14 +0000 (Thu, 20 Jul 2017) New Revision: 53724
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-07-20 20:13:04 UTC (rev 53723) +++ data/CVE/list 2017-07-20 21:10:14 UTC (rev 53724) @@ -1,3 +1,33 @@ +CVE-2017-11493 + RESERVED +CVE-2017-11492 + RESERVED +CVE-2017-11491 + RESERVED +CVE-2017-11490 + RESERVED +CVE-2017-11489 + RESERVED +CVE-2017-11488 + RESERVED +CVE-2017-11487 + RESERVED +CVE-2017-11486 + RESERVED +CVE-2017-11485 + RESERVED +CVE-2017-11484 + RESERVED +CVE-2017-11483 + RESERVED +CVE-2017-11482 + RESERVED +CVE-2017-11481 + RESERVED +CVE-2017-11480 + RESERVED +CVE-2017-11479 + RESERVED CVE-2017-11477 RESERVED CVE-2017-11476 @@ -380,7 +410,8 @@ [stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u1 [jessie] - imagemagick 8:6.8.9.9-5+deb8u10 NOTE: https://github.com/ImageMagick/ImageMagick/issues/525 -CVE-2017-11478 [CPU exhaustion in ReadOneDJVUImage] +CVE-2017-11478 (The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through ...) + {DSA-3914-1} - imagemagick 8:6.9.7.4+dfsg-12 (bug #867826) NOTE: https://github.com/ImageMagick/ImageMagick/issues/528 CVE-2017-XXXX [CPU exhaustion in ReadOneMNGImage] @@ -989,6 +1020,7 @@ CVE-2017-1000027 (Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable ...) NOT-FOR-US: Koozali Foundation SME Server CVE-2017-1000026 (Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable ...) + {DSA-3915-1} - ruby-mixlib-archive <unfixed> (bug #868572) NOTE: https://github.com/chef/mixlib-archive/pull/6 NOTE: https://github.com/chef/mixlib-archive/pull/6/commits/3a874a24aed6ee93fbccf97efe0ecc999bafe87d @@ -2859,8 +2891,8 @@ RESERVED CVE-2017-9823 RESERVED -CVE-2017-9822 - RESERVED +CVE-2017-9822 (DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a ...) + TODO: check CVE-2017-9821 RESERVED CVE-2017-9820 @@ -2954,8 +2986,8 @@ NOTE: Issue is specific to Struts 2.x. CVE-2017-9786 RESERVED -CVE-2017-9785 - RESERVED +CVE-2017-9785 (Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse ...) + TODO: check CVE-2017-9784 RESERVED CVE-2017-9783 @@ -12752,134 +12784,134 @@ RESERVED CVE-2017-7070 RESERVED -CVE-2017-7069 - RESERVED -CVE-2017-7068 - RESERVED -CVE-2017-7067 - RESERVED +CVE-2017-7069 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7068 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7067 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check CVE-2017-7066 RESERVED CVE-2017-7065 RESERVED -CVE-2017-7064 - RESERVED -CVE-2017-7063 - RESERVED -CVE-2017-7062 - RESERVED -CVE-2017-7061 - RESERVED -CVE-2017-7060 - RESERVED -CVE-2017-7059 - RESERVED -CVE-2017-7058 - RESERVED +CVE-2017-7064 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7063 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7062 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7061 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7060 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7059 (A DOMParser XSS issue was discovered in certain Apple products. iOS ...) + TODO: check +CVE-2017-7058 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check CVE-2017-7057 RESERVED -CVE-2017-7056 - RESERVED -CVE-2017-7055 - RESERVED -CVE-2017-7054 - RESERVED -CVE-2017-7053 - RESERVED -CVE-2017-7052 - RESERVED -CVE-2017-7051 - RESERVED -CVE-2017-7050 - RESERVED -CVE-2017-7049 - RESERVED -CVE-2017-7048 - RESERVED -CVE-2017-7047 - RESERVED -CVE-2017-7046 - RESERVED -CVE-2017-7045 - RESERVED -CVE-2017-7044 - RESERVED -CVE-2017-7043 - RESERVED -CVE-2017-7042 - RESERVED -CVE-2017-7041 - RESERVED -CVE-2017-7040 - RESERVED -CVE-2017-7039 - RESERVED -CVE-2017-7038 - RESERVED -CVE-2017-7037 - RESERVED -CVE-2017-7036 - RESERVED -CVE-2017-7035 - RESERVED -CVE-2017-7034 - RESERVED -CVE-2017-7033 - RESERVED -CVE-2017-7032 - RESERVED -CVE-2017-7031 - RESERVED -CVE-2017-7030 - RESERVED -CVE-2017-7029 - RESERVED -CVE-2017-7028 - RESERVED -CVE-2017-7027 - RESERVED -CVE-2017-7026 - RESERVED -CVE-2017-7025 - RESERVED -CVE-2017-7024 - RESERVED -CVE-2017-7023 - RESERVED -CVE-2017-7022 - RESERVED -CVE-2017-7021 - RESERVED -CVE-2017-7020 - RESERVED -CVE-2017-7019 - RESERVED -CVE-2017-7018 - RESERVED -CVE-2017-7017 - RESERVED -CVE-2017-7016 - RESERVED -CVE-2017-7015 - RESERVED -CVE-2017-7014 - RESERVED -CVE-2017-7013 - RESERVED -CVE-2017-7012 - RESERVED -CVE-2017-7011 - RESERVED -CVE-2017-7010 - RESERVED -CVE-2017-7009 - RESERVED -CVE-2017-7008 - RESERVED -CVE-2017-7007 - RESERVED -CVE-2017-7006 - RESERVED +CVE-2017-7056 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7055 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7054 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7053 (An issue was discovered in certain Apple products. iTunes before ...) + TODO: check +CVE-2017-7052 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7051 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7050 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7049 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7048 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7047 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7046 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7045 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7044 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7043 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7042 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7041 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7040 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7039 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7038 (A DOMParser XSS issue was discovered in certain Apple products. iOS ...) + TODO: check +CVE-2017-7037 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7036 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7035 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7034 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7033 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7032 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7031 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7030 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7029 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7028 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7027 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7026 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7025 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7024 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7023 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7022 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7021 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7020 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7019 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7018 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7017 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7016 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7015 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7014 (An issue was discovered in certain Apple products. macOS before ...) + TODO: check +CVE-2017-7013 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7012 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7011 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7010 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7009 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7008 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7007 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check +CVE-2017-7006 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check CVE-2017-7005 RESERVED CVE-2017-7004 @@ -13993,12 +14025,12 @@ NOT-FOR-US: webpagetest CVE-2017-6533 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...) NOT-FOR-US: webpagetest -CVE-2017-6532 - RESERVED -CVE-2017-6531 - RESERVED -CVE-2017-6530 - RESERVED +CVE-2017-6532 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 ...) + TODO: check +CVE-2017-6531 (On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, ...) + TODO: check +CVE-2017-6530 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do ...) + TODO: check CVE-2017-6529 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...) NOT-FOR-US: dnaLIMS CVE-2017-6528 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...) @@ -26194,8 +26226,8 @@ - sqlite3 <undetermined> NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=199 NOTE: https://clusterfuzz-external.appspot.com/testcase?key=4603622180519936 -CVE-2017-2517 - RESERVED +CVE-2017-2517 (An issue was discovered in certain Apple products. iOS before 10.3.3 ...) + TODO: check CVE-2017-2516 (An issue was discovered in certain Apple products. macOS before ...) NOT-FOR-US: Apple CVE-2017-2515 (An issue was discovered in certain Apple products. iOS before 10.3.2 ...) @@ -30891,8 +30923,7 @@ RESERVED CVE-2017-0379 RESERVED -CVE-2017-0378 [reflected XSS] - RESERVED +CVE-2017-0378 (XSS exists in the login_form function in views/helpers.php in Phamm ...) - phamm <unfixed> (bug #868988) [stretch] - phamm <no-dsa> (Minor issue) [jessie] - phamm <no-dsa> (Minor issue) @@ -92876,7 +92907,7 @@ [squeeze] - subversion <not-affected> (Introduced in 1.7.0) NOTE: http://subversion.apache.org/security/CVE-2014-8108-advisory.txt CVE-2014-8107 - RESERVED + REJECTED CVE-2014-8106 (Heap-based buffer overflow in the Cirrus VGA emulator ...) {DSA-3088-1 DSA-3087-1} - qemu 2.1+dfsg-9 (bug #772025) @@ -114558,7 +114589,7 @@ CVE-2014-0053 (The default configuration of the Resources plugin 1.0.0 before 1.2.6 ...) - grails <itp> (bug #473213) CVE-2014-0052 - RESERVED + REJECTED CVE-2014-0051 REJECTED CVE-2014-0050 (MultipartStream.java in Apache Commons FileUpload before 1.3.1, as ...) @@ -230332,7 +230363,7 @@ NOT-FOR-US: Eazy Cart CVE-2006-5245 (Eazy Cart allows remote attackers to bypass authentication and gain ...) NOT-FOR-US: Eazy Cart -CVE-2006-5244 (Multilple PHP remote file inclusion vulnerabilities in OpenDock Easy ...) +CVE-2006-5244 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy ...) NOT-FOR-US: Easy Blog CVE-2006-5243 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy ...) NOT-FOR-US: Easy Blog @@ -239589,7 +239620,7 @@ - gnome-screensaver 2.14.1-1 (bug #357885) CVE-2006-1334 (Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow ...) NOT-FOR-US: Maian Weblog -CVE-2006-1333 (Multpile SQL injection vulnerabilities in BetaParticle Blog 6.0 and ...) +CVE-2006-1333 (Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and ...) NOT-FOR-US: BetaParticle Blog CVE-2006-1332 (Noah's Classifieds 1.3 and earlier allows remote attackers to obtain ...) NOT-FOR-US: Noah's Classifieds _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits