Author: sectracker
Date: 2017-02-08 21:10:12 +0000 (Wed, 08 Feb 2017)
New Revision: 48781
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-08 19:51:10 UTC (rev 48780)
+++ data/CVE/list 2017-02-08 21:10:12 UTC (rev 48781)
@@ -1,3 +1,13 @@
+CVE-2017-5935
+ RESERVED
+CVE-2017-5934
+ RESERVED
+CVE-2017-5933 (Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build
65.11, ...)
+ TODO: check
+CVE-2016-10213 (A10 AX1030 and possibly other devices with software before
2.7.2-P8 ...)
+ TODO: check
+CVE-2016-10212 (Radware devices use the same value for the first two GCM
nonces, which ...)
+ TODO: check
CVE-2017-5932 [code execution in autocompletion]
RESERVED
- bash 4.4-3
@@ -7255,6 +7265,7 @@
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
CVE-2017-3289 (Vulnerability in the Java SE, Java SE Embedded component of
Oracle ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
@@ -7293,6 +7304,7 @@
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
CVE-2017-3272 (Vulnerability in the Java SE, Java SE Embedded component of
Oracle ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
@@ -7324,12 +7336,14 @@
CVE-2017-3262 (Vulnerability in the Java SE component of Oracle Java SE ...)
- openjdk-8 <not-affected> (specific to Oracle Java)
CVE-2017-3261 (Vulnerability in the Java SE, Java SE Embedded component of
Oracle ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2017-3260 (Vulnerability in the Java SE component of Oracle Java SE ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
@@ -7360,12 +7374,14 @@
CVE-2017-3254
RESERVED
CVE-2017-3253 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2017-3252 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
@@ -7404,6 +7420,7 @@
CVE-2017-3242 (Vulnerability in the Oracle VM Server for Sparc component of
Oracle ...)
NOT-FOR-US: Solaris
CVE-2017-3241 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
@@ -7433,6 +7450,7 @@
CVE-2017-3232
RESERVED
CVE-2017-3231 (Vulnerability in the Java SE, Java SE Embedded component of
Oracle ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
@@ -8809,8 +8827,7 @@
NOT-FOR-US: EMC Network Configuration Manager
CVE-2017-2766 (EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom
version 7.4.4 ...)
NOT-FOR-US: EMC Documentum eRoom
-CVE-2017-2765
- RESERVED
+CVE-2017-2765 (EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0,
3.1.1, ...)
NOT-FOR-US: EMC Isilon InsightIQ
CVE-2017-2764
RESERVED
@@ -12141,10 +12158,10 @@
RESERVED
CVE-2017-1129
RESERVED
-CVE-2017-1128
- RESERVED
-CVE-2017-1127
- RESERVED
+CVE-2017-1128 (IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is
vulnerable to ...)
+ TODO: check
+CVE-2017-1127 (IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is
vulnerable to ...)
+ TODO: check
CVE-2017-1126
RESERVED
CVE-2017-1125
@@ -12654,8 +12671,8 @@
RESERVED
CVE-2016-9749
RESERVED
-CVE-2016-9748
- RESERVED
+CVE-2016-9748 (IBM Rational DOORS Next Generation 5.0 and 6.0 discloses
sensitive ...)
+ TODO: check
CVE-2016-9747
RESERVED
CVE-2016-9746
@@ -13638,100 +13655,100 @@
RESERVED
CVE-2017-0452
RESERVED
-CVE-2017-0451
- RESERVED
-CVE-2017-0450
- RESERVED
-CVE-2017-0449
- RESERVED
-CVE-2017-0448
- RESERVED
-CVE-2017-0447
- RESERVED
-CVE-2017-0446
- RESERVED
-CVE-2017-0445
- RESERVED
-CVE-2017-0444
- RESERVED
-CVE-2017-0443
- RESERVED
-CVE-2017-0442
- RESERVED
-CVE-2017-0441
- RESERVED
-CVE-2017-0440
- RESERVED
-CVE-2017-0439
- RESERVED
-CVE-2017-0438
- RESERVED
-CVE-2017-0437
- RESERVED
-CVE-2017-0436
- RESERVED
-CVE-2017-0435
- RESERVED
-CVE-2017-0434
- RESERVED
-CVE-2017-0433
- RESERVED
-CVE-2017-0432
- RESERVED
+CVE-2017-0451 (An information disclosure vulnerability in the Qualcomm sound
driver ...)
+ TODO: check
+CVE-2017-0450 (An elevation of privilege vulnerability in Audioserver could
enable a ...)
+ TODO: check
+CVE-2017-0449 (An elevation of privilege vulnerability in the Broadcom Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0448 (An information disclosure vulnerability in the NVIDIA video
driver ...)
+ TODO: check
+CVE-2017-0447 (An elevation of privilege vulnerability in the HTC touchscreen
driver ...)
+ TODO: check
+CVE-2017-0446 (An elevation of privilege vulnerability in the HTC touchscreen
driver ...)
+ TODO: check
+CVE-2017-0445 (An elevation of privilege vulnerability in the HTC touchscreen
driver ...)
+ TODO: check
+CVE-2017-0444 (An elevation of privilege vulnerability in the Realtek sound
driver ...)
+ TODO: check
+CVE-2017-0443 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0442 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0441 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0440 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0439 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0438 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0437 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0436 (An elevation of privilege vulnerability in the Qualcomm sound
driver ...)
+ TODO: check
+CVE-2017-0435 (An elevation of privilege vulnerability in the Qualcomm sound
driver ...)
+ TODO: check
+CVE-2017-0434 (An elevation of privilege vulnerability in the Synaptics
touchscreen ...)
+ TODO: check
+CVE-2017-0433 (An elevation of privilege vulnerability in the Synaptics
touchscreen ...)
+ TODO: check
+CVE-2017-0432 (An elevation of privilege vulnerability in the MediaTek driver
could ...)
+ TODO: check
CVE-2017-0431
RESERVED
-CVE-2017-0430
- RESERVED
-CVE-2017-0429
- RESERVED
-CVE-2017-0428
- RESERVED
-CVE-2017-0427
- RESERVED
-CVE-2017-0426
- RESERVED
-CVE-2017-0425
- RESERVED
-CVE-2017-0424
- RESERVED
-CVE-2017-0423
- RESERVED
-CVE-2017-0422
- RESERVED
-CVE-2017-0421
- RESERVED
-CVE-2017-0420
- RESERVED
-CVE-2017-0419
- RESERVED
-CVE-2017-0418
- RESERVED
-CVE-2017-0417
- RESERVED
-CVE-2017-0416
- RESERVED
-CVE-2017-0415
- RESERVED
-CVE-2017-0414
- RESERVED
-CVE-2017-0413
- RESERVED
-CVE-2017-0412
- RESERVED
-CVE-2017-0411
- RESERVED
-CVE-2017-0410
- RESERVED
-CVE-2017-0409
- RESERVED
-CVE-2017-0408
- RESERVED
-CVE-2017-0407
- RESERVED
-CVE-2017-0406
- RESERVED
-CVE-2017-0405
- RESERVED
+CVE-2017-0430 (An elevation of privilege vulnerability in the Broadcom Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0429 (An elevation of privilege vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
+CVE-2017-0428 (An elevation of privilege vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
+CVE-2017-0427 (An elevation of privilege vulnerability in the kernel file
system ...)
+ TODO: check
+CVE-2017-0426 (An information disclosure vulnerability in the Filesystem could
enable ...)
+ TODO: check
+CVE-2017-0425 (An information disclosure vulnerability in Audioserver could
enable a ...)
+ TODO: check
+CVE-2017-0424 (An information disclosure vulnerability in AOSP Messaging could
enable ...)
+ TODO: check
+CVE-2017-0423 (An elevation of privilege vulnerability in Bluetooth could
enable a ...)
+ TODO: check
+CVE-2017-0422 (A denial of service vulnerability in Bionic DNS could enable a
remote ...)
+ TODO: check
+CVE-2017-0421 (An information disclosure vulnerability in the Framework APIs
could ...)
+ TODO: check
+CVE-2017-0420 (An information disclosure vulnerability in AOSP Mail could
enable a ...)
+ TODO: check
+CVE-2017-0419 (An elevation of privilege vulnerability in Audioserver could
enable a ...)
+ TODO: check
+CVE-2017-0418 (An elevation of privilege vulnerability in Audioserver could
enable a ...)
+ TODO: check
+CVE-2017-0417 (An elevation of privilege vulnerability in Audioserver could
enable a ...)
+ TODO: check
+CVE-2017-0416 (An elevation of privilege vulnerability in Audioserver could
enable a ...)
+ TODO: check
+CVE-2017-0415 (An elevation of privilege vulnerability in Mediaserver could
enable a ...)
+ TODO: check
+CVE-2017-0414 (An information disclosure vulnerability in AOSP Messaging could
enable ...)
+ TODO: check
+CVE-2017-0413 (An information disclosure vulnerability in AOSP Messaging could
enable ...)
+ TODO: check
+CVE-2017-0412 (An elevation of privilege vulnerability in the Framework APIs
could ...)
+ TODO: check
+CVE-2017-0411 (An elevation of privilege vulnerability in the Framework APIs
could ...)
+ TODO: check
+CVE-2017-0410 (An elevation of privilege vulnerability in the Framework APIs
could ...)
+ TODO: check
+CVE-2017-0409 (A remote code execution vulnerability in libstagefright could
enable ...)
+ TODO: check
+CVE-2017-0408 (A remote code execution vulnerability in libgdx could enable an
...)
+ TODO: check
+CVE-2017-0407 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0406 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0405 (A remote code execution vulnerability in Surfaceflinger could
enable ...)
+ TODO: check
CVE-2017-0404 (An elevation of privilege vulnerability in the kernel sound
subsystem ...)
- linux <not-affected> (Android-specific sound system)
CVE-2017-0403 (An elevation of privilege vulnerability in the kernel
performance ...)
@@ -18082,8 +18099,8 @@
RESERVED
CVE-2016-8493
RESERVED
-CVE-2016-8492
- RESERVED
+CVE-2016-8492 (The implementation of an ANSI X9.31 RNG in Fortinet FortiWLC
allows ...)
+ TODO: check
CVE-2016-8491 (The presence of a hardcoded account named 'core' in Fortinet
FortiWLC ...)
NOT-FOR-US: Fortinet FortiWLC
CVE-2015-8965
@@ -18204,18 +18221,18 @@
RESERVED
CVE-2016-8482
RESERVED
-CVE-2016-8481
- RESERVED
-CVE-2016-8480
- RESERVED
+CVE-2016-8481 (An elevation of privilege vulnerability in the Qualcomm sound
driver ...)
+ TODO: check
+CVE-2016-8480 (An elevation of privilege vulnerability in the Qualcomm Secure
...)
+ TODO: check
CVE-2016-8479
RESERVED
CVE-2016-8478
RESERVED
CVE-2016-8477
RESERVED
-CVE-2016-8476
- RESERVED
+CVE-2016-8476 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
CVE-2016-8475 (An information disclosure vulnerability in the HTC input driver
could ...)
NOT-FOR-US: HTC driver for Android
CVE-2016-8474 (An information disclosure vulnerability in the
STMicroelectronics ...)
@@ -18324,22 +18341,22 @@
NOT-FOR-US: Qualcomm bootloader for Android
CVE-2016-8422 (An elevation of privilege vulnerability in the Qualcomm
bootloader ...)
NOT-FOR-US: Qualcomm bootloader for Android
-CVE-2016-8421
- RESERVED
-CVE-2016-8420
- RESERVED
-CVE-2016-8419
- RESERVED
-CVE-2016-8418
- RESERVED
+CVE-2016-8421 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2016-8420 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2016-8419 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2016-8418 (A remote code execution vulnerability in the Qualcomm crypto
driver ...)
+ TODO: check
CVE-2016-8417
RESERVED
CVE-2016-8416
RESERVED
CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8414
- RESERVED
+CVE-2016-8414 (An information disclosure vulnerability in the Qualcomm Secure
...)
+ TODO: check
CVE-2016-8413
RESERVED
CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera
could ...)
@@ -26398,8 +26415,8 @@
TODO: check
CVE-2016-6033
RESERVED
-CVE-2016-6032
- RESERVED
+CVE-2016-6032 (IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to
cross-site ...)
+ TODO: check
CVE-2016-6031
RESERVED
CVE-2016-6030 (IBM Jazz Foundation is vulnerable to cross-site scripting. This
...)
@@ -27810,6 +27827,7 @@
CVE-2016-5553 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3
allows ...)
NOT-FOR-US: Solaris
CVE-2016-5552 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
@@ -27823,16 +27841,19 @@
- openjdk-8 8u121-b13-1
- openjdk-7 <not-affected> (In the Debian package, the code is removed
during build time)
CVE-2016-5548 (Vulnerability in the Java SE, Java SE Embedded component of
Oracle ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2016-5547 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
CVE-2016-5546 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
+ {DSA-3782-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
@@ -36311,8 +36332,8 @@
TODO: check
CVE-2016-2867 (IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before
4.1.1.1 ...)
TODO: check
-CVE-2016-2866
- RESERVED
+CVE-2016-2866 (An specified vulnerability in IBM Jazz Team Server may disclose
some ...)
+ TODO: check
CVE-2016-2865 (The GIT Integration component in IBM Rational Team Concert
(RTC) 5.x ...)
TODO: check
CVE-2016-2864 (Cross-site scripting (XSS) vulnerability in IBM Rational
Collaborative ...)
@@ -45759,8 +45780,8 @@
RESERVED
CVE-2016-0271 (The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x
before ...)
TODO: check
-CVE-2016-0270
- RESERVED
+CVE-2016-0270 (IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix
Pack 5 ...)
+ TODO: check
CVE-2016-0269 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform
9.x ...)
TODO: check
CVE-2016-0268
@@ -56432,8 +56453,8 @@
NOT-FOR-US: IBM
CVE-2015-5014 (IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before
10.2.4 ...)
NOT-FOR-US: IBM
-CVE-2015-5013
- RESERVED
+CVE-2015-5013 (The IBM Security Access Manager appliance includes
configuration files ...)
+ TODO: check
CVE-2015-5012 (The SSH implementation on IBM Security Access Manager for Web
...)
NOT-FOR-US: IBM
CVE-2015-5011 (IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration
Bus 9 ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
