Author: sectracker Date: 2017-02-08 21:10:12 +0000 (Wed, 08 Feb 2017) New Revision: 48781
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-02-08 19:51:10 UTC (rev 48780) +++ data/CVE/list 2017-02-08 21:10:12 UTC (rev 48781) @@ -1,3 +1,13 @@ +CVE-2017-5935 + RESERVED +CVE-2017-5934 + RESERVED +CVE-2017-5933 (Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, ...) + TODO: check +CVE-2016-10213 (A10 AX1030 and possibly other devices with software before 2.7.2-P8 ...) + TODO: check +CVE-2016-10212 (Radware devices use the same value for the first two GCM nonces, which ...) + TODO: check CVE-2017-5932 [code execution in autocompletion] RESERVED - bash 4.4-3 @@ -7255,6 +7265,7 @@ [jessie] - virtualbox <end-of-life> (DSA-3699-1) [wheezy] - virtualbox <end-of-life> (DSA 3454) CVE-2017-3289 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> @@ -7293,6 +7304,7 @@ - mysql-5.6 5.6.35-1 (bug #851234) - mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7) CVE-2017-3272 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> @@ -7324,12 +7336,14 @@ CVE-2017-3262 (Vulnerability in the Java SE component of Oracle Java SE ...) - openjdk-8 <not-affected> (specific to Oracle Java) CVE-2017-3261 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2017-3260 (Vulnerability in the Java SE component of Oracle Java SE ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> @@ -7360,12 +7374,14 @@ CVE-2017-3254 RESERVED CVE-2017-3253 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2017-3252 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> @@ -7404,6 +7420,7 @@ CVE-2017-3242 (Vulnerability in the Oracle VM Server for Sparc component of Oracle ...) NOT-FOR-US: Solaris CVE-2017-3241 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> @@ -7433,6 +7450,7 @@ CVE-2017-3232 RESERVED CVE-2017-3231 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> @@ -8809,8 +8827,7 @@ NOT-FOR-US: EMC Network Configuration Manager CVE-2017-2766 (EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 ...) NOT-FOR-US: EMC Documentum eRoom -CVE-2017-2765 - RESERVED +CVE-2017-2765 (EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, ...) NOT-FOR-US: EMC Isilon InsightIQ CVE-2017-2764 RESERVED @@ -12141,10 +12158,10 @@ RESERVED CVE-2017-1129 RESERVED -CVE-2017-1128 - RESERVED -CVE-2017-1127 - RESERVED +CVE-2017-1128 (IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to ...) + TODO: check +CVE-2017-1127 (IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to ...) + TODO: check CVE-2017-1126 RESERVED CVE-2017-1125 @@ -12654,8 +12671,8 @@ RESERVED CVE-2016-9749 RESERVED -CVE-2016-9748 - RESERVED +CVE-2016-9748 (IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive ...) + TODO: check CVE-2016-9747 RESERVED CVE-2016-9746 @@ -13638,100 +13655,100 @@ RESERVED CVE-2017-0452 RESERVED -CVE-2017-0451 - RESERVED -CVE-2017-0450 - RESERVED -CVE-2017-0449 - RESERVED -CVE-2017-0448 - RESERVED -CVE-2017-0447 - RESERVED -CVE-2017-0446 - RESERVED -CVE-2017-0445 - RESERVED -CVE-2017-0444 - RESERVED -CVE-2017-0443 - RESERVED -CVE-2017-0442 - RESERVED -CVE-2017-0441 - RESERVED -CVE-2017-0440 - RESERVED -CVE-2017-0439 - RESERVED -CVE-2017-0438 - RESERVED -CVE-2017-0437 - RESERVED -CVE-2017-0436 - RESERVED -CVE-2017-0435 - RESERVED -CVE-2017-0434 - RESERVED -CVE-2017-0433 - RESERVED -CVE-2017-0432 - RESERVED +CVE-2017-0451 (An information disclosure vulnerability in the Qualcomm sound driver ...) + TODO: check +CVE-2017-0450 (An elevation of privilege vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0449 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2017-0448 (An information disclosure vulnerability in the NVIDIA video driver ...) + TODO: check +CVE-2017-0447 (An elevation of privilege vulnerability in the HTC touchscreen driver ...) + TODO: check +CVE-2017-0446 (An elevation of privilege vulnerability in the HTC touchscreen driver ...) + TODO: check +CVE-2017-0445 (An elevation of privilege vulnerability in the HTC touchscreen driver ...) + TODO: check +CVE-2017-0444 (An elevation of privilege vulnerability in the Realtek sound driver ...) + TODO: check +CVE-2017-0443 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0442 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0441 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0440 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0439 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0438 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0437 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2017-0436 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) + TODO: check +CVE-2017-0435 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) + TODO: check +CVE-2017-0434 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) + TODO: check +CVE-2017-0433 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) + TODO: check +CVE-2017-0432 (An elevation of privilege vulnerability in the MediaTek driver could ...) + TODO: check CVE-2017-0431 RESERVED -CVE-2017-0430 - RESERVED -CVE-2017-0429 - RESERVED -CVE-2017-0428 - RESERVED -CVE-2017-0427 - RESERVED -CVE-2017-0426 - RESERVED -CVE-2017-0425 - RESERVED -CVE-2017-0424 - RESERVED -CVE-2017-0423 - RESERVED -CVE-2017-0422 - RESERVED -CVE-2017-0421 - RESERVED -CVE-2017-0420 - RESERVED -CVE-2017-0419 - RESERVED -CVE-2017-0418 - RESERVED -CVE-2017-0417 - RESERVED -CVE-2017-0416 - RESERVED -CVE-2017-0415 - RESERVED -CVE-2017-0414 - RESERVED -CVE-2017-0413 - RESERVED -CVE-2017-0412 - RESERVED -CVE-2017-0411 - RESERVED -CVE-2017-0410 - RESERVED -CVE-2017-0409 - RESERVED -CVE-2017-0408 - RESERVED -CVE-2017-0407 - RESERVED -CVE-2017-0406 - RESERVED -CVE-2017-0405 - RESERVED +CVE-2017-0430 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) + TODO: check +CVE-2017-0429 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2017-0428 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) + TODO: check +CVE-2017-0427 (An elevation of privilege vulnerability in the kernel file system ...) + TODO: check +CVE-2017-0426 (An information disclosure vulnerability in the Filesystem could enable ...) + TODO: check +CVE-2017-0425 (An information disclosure vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0424 (An information disclosure vulnerability in AOSP Messaging could enable ...) + TODO: check +CVE-2017-0423 (An elevation of privilege vulnerability in Bluetooth could enable a ...) + TODO: check +CVE-2017-0422 (A denial of service vulnerability in Bionic DNS could enable a remote ...) + TODO: check +CVE-2017-0421 (An information disclosure vulnerability in the Framework APIs could ...) + TODO: check +CVE-2017-0420 (An information disclosure vulnerability in AOSP Mail could enable a ...) + TODO: check +CVE-2017-0419 (An elevation of privilege vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0418 (An elevation of privilege vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0417 (An elevation of privilege vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0416 (An elevation of privilege vulnerability in Audioserver could enable a ...) + TODO: check +CVE-2017-0415 (An elevation of privilege vulnerability in Mediaserver could enable a ...) + TODO: check +CVE-2017-0414 (An information disclosure vulnerability in AOSP Messaging could enable ...) + TODO: check +CVE-2017-0413 (An information disclosure vulnerability in AOSP Messaging could enable ...) + TODO: check +CVE-2017-0412 (An elevation of privilege vulnerability in the Framework APIs could ...) + TODO: check +CVE-2017-0411 (An elevation of privilege vulnerability in the Framework APIs could ...) + TODO: check +CVE-2017-0410 (An elevation of privilege vulnerability in the Framework APIs could ...) + TODO: check +CVE-2017-0409 (A remote code execution vulnerability in libstagefright could enable ...) + TODO: check +CVE-2017-0408 (A remote code execution vulnerability in libgdx could enable an ...) + TODO: check +CVE-2017-0407 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0406 (A remote code execution vulnerability in Mediaserver could enable an ...) + TODO: check +CVE-2017-0405 (A remote code execution vulnerability in Surfaceflinger could enable ...) + TODO: check CVE-2017-0404 (An elevation of privilege vulnerability in the kernel sound subsystem ...) - linux <not-affected> (Android-specific sound system) CVE-2017-0403 (An elevation of privilege vulnerability in the kernel performance ...) @@ -18082,8 +18099,8 @@ RESERVED CVE-2016-8493 RESERVED -CVE-2016-8492 - RESERVED +CVE-2016-8492 (The implementation of an ANSI X9.31 RNG in Fortinet FortiWLC allows ...) + TODO: check CVE-2016-8491 (The presence of a hardcoded account named 'core' in Fortinet FortiWLC ...) NOT-FOR-US: Fortinet FortiWLC CVE-2015-8965 @@ -18204,18 +18221,18 @@ RESERVED CVE-2016-8482 RESERVED -CVE-2016-8481 - RESERVED -CVE-2016-8480 - RESERVED +CVE-2016-8481 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) + TODO: check +CVE-2016-8480 (An elevation of privilege vulnerability in the Qualcomm Secure ...) + TODO: check CVE-2016-8479 RESERVED CVE-2016-8478 RESERVED CVE-2016-8477 RESERVED -CVE-2016-8476 - RESERVED +CVE-2016-8476 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check CVE-2016-8475 (An information disclosure vulnerability in the HTC input driver could ...) NOT-FOR-US: HTC driver for Android CVE-2016-8474 (An information disclosure vulnerability in the STMicroelectronics ...) @@ -18324,22 +18341,22 @@ NOT-FOR-US: Qualcomm bootloader for Android CVE-2016-8422 (An elevation of privilege vulnerability in the Qualcomm bootloader ...) NOT-FOR-US: Qualcomm bootloader for Android -CVE-2016-8421 - RESERVED -CVE-2016-8420 - RESERVED -CVE-2016-8419 - RESERVED -CVE-2016-8418 - RESERVED +CVE-2016-8421 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2016-8420 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2016-8419 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) + TODO: check +CVE-2016-8418 (A remote code execution vulnerability in the Qualcomm crypto driver ...) + TODO: check CVE-2016-8417 RESERVED CVE-2016-8416 RESERVED CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) NOT-FOR-US: Qualcomm driver for Android -CVE-2016-8414 - RESERVED +CVE-2016-8414 (An information disclosure vulnerability in the Qualcomm Secure ...) + TODO: check CVE-2016-8413 RESERVED CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera could ...) @@ -26398,8 +26415,8 @@ TODO: check CVE-2016-6033 RESERVED -CVE-2016-6032 - RESERVED +CVE-2016-6032 (IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site ...) + TODO: check CVE-2016-6031 RESERVED CVE-2016-6030 (IBM Jazz Foundation is vulnerable to cross-site scripting. This ...) @@ -27810,6 +27827,7 @@ CVE-2016-5553 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows ...) NOT-FOR-US: Solaris CVE-2016-5552 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> @@ -27823,16 +27841,19 @@ - openjdk-8 8u121-b13-1 - openjdk-7 <not-affected> (In the Debian package, the code is removed during build time) CVE-2016-5548 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> - openjdk-6 <removed> [wheezy] - openjdk-6 <end-of-life> CVE-2016-5547 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> CVE-2016-5546 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...) + {DSA-3782-1} - openjdk-8 8u121-b13-1 [experimental] - openjdk-7 7u121-2.6.8-2 - openjdk-7 <removed> @@ -36311,8 +36332,8 @@ TODO: check CVE-2016-2867 (IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 ...) TODO: check -CVE-2016-2866 - RESERVED +CVE-2016-2866 (An specified vulnerability in IBM Jazz Team Server may disclose some ...) + TODO: check CVE-2016-2865 (The GIT Integration component in IBM Rational Team Concert (RTC) 5.x ...) TODO: check CVE-2016-2864 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...) @@ -45759,8 +45780,8 @@ RESERVED CVE-2016-0271 (The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before ...) TODO: check -CVE-2016-0270 - RESERVED +CVE-2016-0270 (IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 ...) + TODO: check CVE-2016-0269 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x ...) TODO: check CVE-2016-0268 @@ -56432,8 +56453,8 @@ NOT-FOR-US: IBM CVE-2015-5014 (IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 ...) NOT-FOR-US: IBM -CVE-2015-5013 - RESERVED +CVE-2015-5013 (The IBM Security Access Manager appliance includes configuration files ...) + TODO: check CVE-2015-5012 (The SSH implementation on IBM Security Access Manager for Web ...) NOT-FOR-US: IBM CVE-2015-5011 (IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits