Author: sectracker
Date: 2017-07-20 21:10:14 +0000 (Thu, 20 Jul 2017)
New Revision: 53724
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-20 20:13:04 UTC (rev 53723)
+++ data/CVE/list 2017-07-20 21:10:14 UTC (rev 53724)
@@ -1,3 +1,33 @@
+CVE-2017-11493
+ RESERVED
+CVE-2017-11492
+ RESERVED
+CVE-2017-11491
+ RESERVED
+CVE-2017-11490
+ RESERVED
+CVE-2017-11489
+ RESERVED
+CVE-2017-11488
+ RESERVED
+CVE-2017-11487
+ RESERVED
+CVE-2017-11486
+ RESERVED
+CVE-2017-11485
+ RESERVED
+CVE-2017-11484
+ RESERVED
+CVE-2017-11483
+ RESERVED
+CVE-2017-11482
+ RESERVED
+CVE-2017-11481
+ RESERVED
+CVE-2017-11480
+ RESERVED
+CVE-2017-11479
+ RESERVED
CVE-2017-11477
RESERVED
CVE-2017-11476
@@ -380,7 +410,8 @@
[stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u1
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/525
-CVE-2017-11478 [CPU exhaustion in ReadOneDJVUImage]
+CVE-2017-11478 (The ReadOneDJVUImage function in coders/djvu.c in ImageMagick
through ...)
+ {DSA-3914-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867826)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/528
CVE-2017-XXXX [CPU exhaustion in ReadOneMNGImage]
@@ -989,6 +1020,7 @@
CVE-2017-1000027 (Koozali Foundation SME Server versions 8.x, 9.x, 10.x are
vulnerable ...)
NOT-FOR-US: Koozali Foundation SME Server
CVE-2017-1000026 (Chef Software's mixlib-archive versions 0.3.0 and older are
vulnerable ...)
+ {DSA-3915-1}
- ruby-mixlib-archive <unfixed> (bug #868572)
NOTE: https://github.com/chef/mixlib-archive/pull/6
NOTE:
https://github.com/chef/mixlib-archive/pull/6/commits/3a874a24aed6ee93fbccf97efe0ecc999bafe87d
@@ -2859,8 +2891,8 @@
RESERVED
CVE-2017-9823
RESERVED
-CVE-2017-9822
- RESERVED
+CVE-2017-9822 (DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via
a ...)
+ TODO: check
CVE-2017-9821
RESERVED
CVE-2017-9820
@@ -2954,8 +2986,8 @@
NOTE: Issue is specific to Struts 2.x.
CVE-2017-9786
RESERVED
-CVE-2017-9785
- RESERVED
+CVE-2017-9785 (Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before
2.0-dangermouse ...)
+ TODO: check
CVE-2017-9784
RESERVED
CVE-2017-9783
@@ -12752,134 +12784,134 @@
RESERVED
CVE-2017-7070
RESERVED
-CVE-2017-7069
- RESERVED
-CVE-2017-7068
- RESERVED
-CVE-2017-7067
- RESERVED
+CVE-2017-7069 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7068 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7067 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
CVE-2017-7066
RESERVED
CVE-2017-7065
RESERVED
-CVE-2017-7064
- RESERVED
-CVE-2017-7063
- RESERVED
-CVE-2017-7062
- RESERVED
-CVE-2017-7061
- RESERVED
-CVE-2017-7060
- RESERVED
-CVE-2017-7059
- RESERVED
-CVE-2017-7058
- RESERVED
+CVE-2017-7064 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7063 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7062 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7061 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7060 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7059 (A DOMParser XSS issue was discovered in certain Apple products.
iOS ...)
+ TODO: check
+CVE-2017-7058 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
CVE-2017-7057
RESERVED
-CVE-2017-7056
- RESERVED
-CVE-2017-7055
- RESERVED
-CVE-2017-7054
- RESERVED
-CVE-2017-7053
- RESERVED
-CVE-2017-7052
- RESERVED
-CVE-2017-7051
- RESERVED
-CVE-2017-7050
- RESERVED
-CVE-2017-7049
- RESERVED
-CVE-2017-7048
- RESERVED
-CVE-2017-7047
- RESERVED
-CVE-2017-7046
- RESERVED
-CVE-2017-7045
- RESERVED
-CVE-2017-7044
- RESERVED
-CVE-2017-7043
- RESERVED
-CVE-2017-7042
- RESERVED
-CVE-2017-7041
- RESERVED
-CVE-2017-7040
- RESERVED
-CVE-2017-7039
- RESERVED
-CVE-2017-7038
- RESERVED
-CVE-2017-7037
- RESERVED
-CVE-2017-7036
- RESERVED
-CVE-2017-7035
- RESERVED
-CVE-2017-7034
- RESERVED
-CVE-2017-7033
- RESERVED
-CVE-2017-7032
- RESERVED
-CVE-2017-7031
- RESERVED
-CVE-2017-7030
- RESERVED
-CVE-2017-7029
- RESERVED
-CVE-2017-7028
- RESERVED
-CVE-2017-7027
- RESERVED
-CVE-2017-7026
- RESERVED
-CVE-2017-7025
- RESERVED
-CVE-2017-7024
- RESERVED
-CVE-2017-7023
- RESERVED
-CVE-2017-7022
- RESERVED
-CVE-2017-7021
- RESERVED
-CVE-2017-7020
- RESERVED
-CVE-2017-7019
- RESERVED
-CVE-2017-7018
- RESERVED
-CVE-2017-7017
- RESERVED
-CVE-2017-7016
- RESERVED
-CVE-2017-7015
- RESERVED
-CVE-2017-7014
- RESERVED
-CVE-2017-7013
- RESERVED
-CVE-2017-7012
- RESERVED
-CVE-2017-7011
- RESERVED
-CVE-2017-7010
- RESERVED
-CVE-2017-7009
- RESERVED
-CVE-2017-7008
- RESERVED
-CVE-2017-7007
- RESERVED
-CVE-2017-7006
- RESERVED
+CVE-2017-7056 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7055 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7054 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7053 (An issue was discovered in certain Apple products. iTunes
before ...)
+ TODO: check
+CVE-2017-7052 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7051 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7050 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7049 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7048 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7047 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7046 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7045 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7044 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7043 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7042 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7041 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7040 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7039 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7038 (A DOMParser XSS issue was discovered in certain Apple products.
iOS ...)
+ TODO: check
+CVE-2017-7037 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7036 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7035 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7034 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7033 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7032 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7031 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7030 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7029 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7028 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7027 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7026 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7025 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7024 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7023 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7022 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7021 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7020 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7019 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7018 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7017 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7016 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7015 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7014 (An issue was discovered in certain Apple products. macOS before
...)
+ TODO: check
+CVE-2017-7013 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7012 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7011 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7010 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7009 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7008 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7007 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
+CVE-2017-7006 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
CVE-2017-7005
RESERVED
CVE-2017-7004
@@ -13993,12 +14025,12 @@
NOT-FOR-US: webpagetest
CVE-2017-6533 (A Cross-Site Scripting (XSS) issue was discovered in
webpagetest 3.0. ...)
NOT-FOR-US: webpagetest
-CVE-2017-6532
- RESERVED
-CVE-2017-6531
- RESERVED
-CVE-2017-6530
- RESERVED
+CVE-2017-6532 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014
4.20 ...)
+ TODO: check
+CVE-2017-6531 (On Televes COAXDATA GATEWAY 1Gbps devices
doc-wifi-hgw_v1.02.0014 4.20, ...)
+ TODO: check
+CVE-2017-6530 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014
4.20 do ...)
+ TODO: check
CVE-2017-6529 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS
is ...)
NOT-FOR-US: dnaLIMS
CVE-2017-6528 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS
is ...)
@@ -26194,8 +26226,8 @@
- sqlite3 <undetermined>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=199
NOTE:
https://clusterfuzz-external.appspot.com/testcase?key=4603622180519936
-CVE-2017-2517
- RESERVED
+CVE-2017-2517 (An issue was discovered in certain Apple products. iOS before
10.3.3 ...)
+ TODO: check
CVE-2017-2516 (An issue was discovered in certain Apple products. macOS before
...)
NOT-FOR-US: Apple
CVE-2017-2515 (An issue was discovered in certain Apple products. iOS before
10.3.2 ...)
@@ -30891,8 +30923,7 @@
RESERVED
CVE-2017-0379
RESERVED
-CVE-2017-0378 [reflected XSS]
- RESERVED
+CVE-2017-0378 (XSS exists in the login_form function in views/helpers.php in
Phamm ...)
- phamm <unfixed> (bug #868988)
[stretch] - phamm <no-dsa> (Minor issue)
[jessie] - phamm <no-dsa> (Minor issue)
@@ -92876,7 +92907,7 @@
[squeeze] - subversion <not-affected> (Introduced in 1.7.0)
NOTE: http://subversion.apache.org/security/CVE-2014-8108-advisory.txt
CVE-2014-8107
- RESERVED
+ REJECTED
CVE-2014-8106 (Heap-based buffer overflow in the Cirrus VGA emulator ...)
{DSA-3088-1 DSA-3087-1}
- qemu 2.1+dfsg-9 (bug #772025)
@@ -114558,7 +114589,7 @@
CVE-2014-0053 (The default configuration of the Resources plugin 1.0.0 before
1.2.6 ...)
- grails <itp> (bug #473213)
CVE-2014-0052
- RESERVED
+ REJECTED
CVE-2014-0051
REJECTED
CVE-2014-0050 (MultipartStream.java in Apache Commons FileUpload before 1.3.1,
as ...)
@@ -230332,7 +230363,7 @@
NOT-FOR-US: Eazy Cart
CVE-2006-5245 (Eazy Cart allows remote attackers to bypass authentication and
gain ...)
NOT-FOR-US: Eazy Cart
-CVE-2006-5244 (Multilple PHP remote file inclusion vulnerabilities in OpenDock
Easy ...)
+CVE-2006-5244 (Multiple PHP remote file inclusion vulnerabilities in OpenDock
Easy ...)
NOT-FOR-US: Easy Blog
CVE-2006-5243 (Multiple PHP remote file inclusion vulnerabilities in OpenDock
Easy ...)
NOT-FOR-US: Easy Blog
@@ -239589,7 +239620,7 @@
- gnome-screensaver 2.14.1-1 (bug #357885)
CVE-2006-1334 (Multiple SQL injection vulnerabilities in Maian Weblog 2.0
allow ...)
NOT-FOR-US: Maian Weblog
-CVE-2006-1333 (Multpile SQL injection vulnerabilities in BetaParticle Blog 6.0
and ...)
+CVE-2006-1333 (Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0
and ...)
NOT-FOR-US: BetaParticle Blog
CVE-2006-1332 (Noah's Classifieds 1.3 and earlier allows remote attackers to
obtain ...)
NOT-FOR-US: Noah's Classifieds
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
