Author: sectracker
Date: 2017-07-24 09:10:24 +0000 (Mon, 24 Jul 2017)
New Revision: 53852
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-24 08:45:20 UTC (rev 53851)
+++ data/CVE/list 2017-07-24 09:10:24 UTC (rev 53852)
@@ -1,3 +1,85 @@
+CVE-2017-11607
+ RESERVED
+CVE-2017-11606
+ RESERVED
+CVE-2017-11605 (There is a heap based buffer over-read in LibSass 3.4.5,
related to ...)
+ TODO: check
+CVE-2017-11604
+ RESERVED
+CVE-2017-11603
+ RESERVED
+CVE-2017-11602
+ RESERVED
+CVE-2017-11601
+ RESERVED
+CVE-2017-11600 (net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3,
when ...)
+ TODO: check
+CVE-2017-11599
+ RESERVED
+CVE-2017-11598
+ RESERVED
+CVE-2017-11597
+ RESERVED
+CVE-2017-11596
+ RESERVED
+CVE-2017-11595
+ RESERVED
+CVE-2017-11594 (Cross-site scripting (XSS) vulnerability in the Markdown
parser in ...)
+ TODO: check
+CVE-2017-11593 (Cross-site scripting (XSS) vulnerability in the Markdown
Preview Plus ...)
+ TODO: check
+CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability
in the ...)
+ TODO: check
+CVE-2017-11591 (There is a Floating point exception in the Exiv2::ValueType
function in ...)
+ TODO: check
+CVE-2017-11590 (There is a NULL pointer dereference in the caseless_hash
function in ...)
+ TODO: check
+CVE-2017-11589 (On Cisco DDR2200 ADSL2+ Residential Gateway ...)
+ TODO: check
+CVE-2017-11588 (On Cisco DDR2200 ADSL2+ Residential Gateway ...)
+ TODO: check
+CVE-2017-11587 (On Cisco DDR2200 ADSL2+ Residential Gateway ...)
+ TODO: check
+CVE-2017-11586 (dayrui FineCms 5.0.9 has URL Redirector Abuse via the url
parameter in ...)
+ TODO: check
+CVE-2017-11585 (dayrui FineCms 5.0.9 has remote PHP code execution via the
param ...)
+ TODO: check
+CVE-2017-11584 (dayrui FineCms 5.0.9 has SQL Injection via the field parameter
in an ...)
+ TODO: check
+CVE-2017-11583 (dayrui FineCms 5.0.9 has SQL Injection via the catid parameter
in an ...)
+ TODO: check
+CVE-2017-11582 (dayrui FineCms 5.0.9 has SQL Injection via the num parameter
in an ...)
+ TODO: check
+CVE-2017-11581 (dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in
admin/Login.php ...)
+ TODO: check
+CVE-2017-11580
+ RESERVED
+CVE-2017-11579
+ RESERVED
+CVE-2017-11578
+ RESERVED
+CVE-2017-11577 (FontForge 20161012 is vulnerable to a buffer over-read in
getsid ...)
+ TODO: check
+CVE-2017-11576 (FontForge 20161012 does not ensure a positive size in a weight
vector ...)
+ TODO: check
+CVE-2017-11575 (FontForge 20161012 is vulnerable to a buffer over-read in
strnmatch ...)
+ TODO: check
+CVE-2017-11574 (FontForge 20161012 is vulnerable to a heap-based buffer
overflow in ...)
+ TODO: check
+CVE-2017-11573 (FontForge 20161012 is vulnerable to a buffer over-read in ...)
+ TODO: check
+CVE-2017-11572 (FontForge 20161012 is vulnerable to a heap-based buffer
over-read in ...)
+ TODO: check
+CVE-2017-11571 (FontForge 20161012 is vulnerable to a stack-based buffer
overflow in ...)
+ TODO: check
+CVE-2017-11570 (FontForge 20161012 is vulnerable to a buffer over-read in
umodenc ...)
+ TODO: check
+CVE-2017-11569 (FontForge 20161012 is vulnerable to a heap-based buffer
over-read in ...)
+ TODO: check
+CVE-2017-11568 (FontForge 20161012 is vulnerable to a heap-based buffer
over-read in ...)
+ TODO: check
+CVE-2017-11567
+ RESERVED
CVE-2017-11566
RESERVED
CVE-2017-1002151 [pagure: private repositories accessible through ssh]
@@ -143,7 +225,7 @@
RESERVED
CVE-2017-11506
RESERVED
-CVE-2017-11565 [Tor in stretch silently scraps apparmor]
+CVE-2017-11565 (debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package
for Tor was ...)
- tor <unfixed> (bug #869153)
[stretch] - tor <no-dsa> (Minor issue)
[jessie] - tor <not-affected> (aa-exec in jessie is located in
/usr/sbin/)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
