Author: sectracker
Date: 2017-03-08 09:10:12 +0000 (Wed, 08 Mar 2017)
New Revision: 49508
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-08 09:09:17 UTC (rev 49507)
+++ data/CVE/list 2017-03-08 09:10:12 UTC (rev 49508)
@@ -1,3 +1,67 @@
+CVE-2017-6542
+ RESERVED
+CVE-2017-6541
+ RESERVED
+CVE-2017-6540
+ RESERVED
+CVE-2017-6539
+ RESERVED
+CVE-2017-6538
+ RESERVED
+CVE-2017-6537
+ RESERVED
+CVE-2017-6536
+ RESERVED
+CVE-2017-6535
+ RESERVED
+CVE-2017-6534
+ RESERVED
+CVE-2017-6533
+ RESERVED
+CVE-2017-6532
+ RESERVED
+CVE-2017-6531
+ RESERVED
+CVE-2017-6530
+ RESERVED
+CVE-2017-6529
+ RESERVED
+CVE-2017-6528
+ RESERVED
+CVE-2017-6527
+ RESERVED
+CVE-2017-6526
+ RESERVED
+CVE-2017-6525
+ RESERVED
+CVE-2017-6524
+ RESERVED
+CVE-2017-6523
+ RESERVED
+CVE-2017-6522
+ RESERVED
+CVE-2017-6521
+ RESERVED
+CVE-2017-6520
+ RESERVED
+CVE-2017-6519
+ RESERVED
+CVE-2017-6518 (Cross-site scripting (XSS) vulnerability in
/sanadata/seo/index.asp in ...)
+ TODO: check
+CVE-2017-6517
+ RESERVED
+CVE-2017-6516
+ RESERVED
+CVE-2017-6515
+ RESERVED
+CVE-2017-6514
+ RESERVED
+CVE-2017-6513
+ RESERVED
+CVE-2017-6512
+ RESERVED
+CVE-2016-10245
+ RESERVED
CVE-2017-6511 (andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected
XSS in ...)
NOT-FOR-US: FineCMS
CVE-2017-6510
@@ -128,7 +192,7 @@
NOTE: Fixed by:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a660e3de422731b94d4a134d27555430cbb6fb39
(VER-2-7)
CVE-2016-10243 [arbitrary code execution]
RESERVED
- {DLA-847-1}
+ {DSA-3803-1 DLA-847-1}
- texlive-bin <unfixed> (unimportant)
- texlive-base 2016.20161130-1
NOTE:
https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/
@@ -1840,8 +1904,8 @@
- tigervnc 1.7.0-1
NOTE:
https://github.com/TigerVNC/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1023012
-CVE-2016-10200
- RESERVED
+CVE-2016-10200 (Race condition in the L2TPv3 IP Encapsulation feature in the
Linux ...)
+ TODO: check
CVE-2017-5938 [viewc Cross-Site Scripting (XSS) vulnerability]
RESERVED
{DSA-3784-1 DLA-820-1}
@@ -10851,8 +10915,7 @@
RESERVED
CVE-2017-2637
RESERVED
-CVE-2017-2636 [local privilege escalation flaw in n_hdlc]
- RESERVED
+CVE-2017-2636 (Race condition in drivers/tty/n_hdlc.c in the Linux kernel
through ...)
- linux <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2017/03/07/6
CVE-2017-2635 [Null pointer dereference when updating storage size on empty
drives]
@@ -15342,50 +15405,50 @@
RESERVED
CVE-2017-0538
RESERVED
-CVE-2017-0537
- RESERVED
-CVE-2017-0536
- RESERVED
-CVE-2017-0535
- RESERVED
-CVE-2017-0534
- RESERVED
-CVE-2017-0533
- RESERVED
-CVE-2017-0532
- RESERVED
-CVE-2017-0531
- RESERVED
+CVE-2017-0537 (An information disclosure vulnerability in the kernel USB
gadget ...)
+ TODO: check
+CVE-2017-0536 (An information disclosure vulnerability in the Synaptics
touchscreen ...)
+ TODO: check
+CVE-2017-0535 (An information disclosure vulnerability in the HTC sound codec
driver ...)
+ TODO: check
+CVE-2017-0534 (An information disclosure vulnerability in the Qualcomm video
driver ...)
+ TODO: check
+CVE-2017-0533 (An information disclosure vulnerability in the Qualcomm video
driver ...)
+ TODO: check
+CVE-2017-0532 (An information disclosure vulnerability in the MediaTek video
codec ...)
+ TODO: check
+CVE-2017-0531 (An information disclosure vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
CVE-2017-0530
RESERVED
-CVE-2017-0529
- RESERVED
-CVE-2017-0528
- RESERVED
-CVE-2017-0527
- RESERVED
-CVE-2017-0526
- RESERVED
-CVE-2017-0525
- RESERVED
-CVE-2017-0524
- RESERVED
-CVE-2017-0523
- RESERVED
-CVE-2017-0522
- RESERVED
-CVE-2017-0521
- RESERVED
-CVE-2017-0520
- RESERVED
-CVE-2017-0519
- RESERVED
-CVE-2017-0518
- RESERVED
-CVE-2017-0517
- RESERVED
-CVE-2017-0516
- RESERVED
+CVE-2017-0529 (An information disclosure vulnerability in the MediaTek driver
could ...)
+ TODO: check
+CVE-2017-0528 (An elevation of privilege vulnerability in the kernel security
...)
+ TODO: check
+CVE-2017-0527 (An elevation of privilege vulnerability in the HTC Sensor Hub
Driver ...)
+ TODO: check
+CVE-2017-0526 (An elevation of privilege vulnerability in the HTC Sensor Hub
Driver ...)
+ TODO: check
+CVE-2017-0525 (An elevation of privilege vulnerability in the Qualcomm IPA
driver ...)
+ TODO: check
+CVE-2017-0524 (An elevation of privilege vulnerability in the Synaptics
touchscreen ...)
+ TODO: check
+CVE-2017-0523 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0522 (An elevation of privilege vulnerability in a MediaTek APK could
enable ...)
+ TODO: check
+CVE-2017-0521 (An elevation of privilege vulnerability in the Qualcomm camera
driver ...)
+ TODO: check
+CVE-2017-0520 (An elevation of privilege vulnerability in the Qualcomm crypto
engine ...)
+ TODO: check
+CVE-2017-0519 (An elevation of privilege vulnerability in the Qualcomm
fingerprint ...)
+ TODO: check
+CVE-2017-0518 (An elevation of privilege vulnerability in the Qualcomm
fingerprint ...)
+ TODO: check
+CVE-2017-0517 (An elevation of privilege vulnerability in the MediaTek
hardware ...)
+ TODO: check
+CVE-2017-0516 (An elevation of privilege vulnerability in the Qualcomm input
hardware ...)
+ TODO: check
CVE-2017-0515
RESERVED
CVE-2017-0514
@@ -15396,124 +15459,124 @@
RESERVED
CVE-2017-0511
RESERVED
-CVE-2017-0510
- RESERVED
-CVE-2017-0509
- RESERVED
-CVE-2017-0508
- RESERVED
-CVE-2017-0507
- RESERVED
-CVE-2017-0506
- RESERVED
-CVE-2017-0505
- RESERVED
-CVE-2017-0504
- RESERVED
-CVE-2017-0503
- RESERVED
-CVE-2017-0502
- RESERVED
-CVE-2017-0501
- RESERVED
-CVE-2017-0500
- RESERVED
-CVE-2017-0499
- RESERVED
-CVE-2017-0498
- RESERVED
-CVE-2017-0497
- RESERVED
-CVE-2017-0496
- RESERVED
-CVE-2017-0495
- RESERVED
-CVE-2017-0494
- RESERVED
+CVE-2017-0510 (An elevation of privilege vulnerability in the kernel FIQ
debugger ...)
+ TODO: check
+CVE-2017-0509 (An elevation of privilege vulnerability in the Broadcom Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0508 (An elevation of privilege vulnerability in the kernel ION
subsystem ...)
+ TODO: check
+CVE-2017-0507 (An elevation of privilege vulnerability in the kernel ION
subsystem ...)
+ TODO: check
+CVE-2017-0506 (An elevation of privilege vulnerability in MediaTek components,
...)
+ TODO: check
+CVE-2017-0505 (An elevation of privilege vulnerability in MediaTek components,
...)
+ TODO: check
+CVE-2017-0504 (An elevation of privilege vulnerability in MediaTek components,
...)
+ TODO: check
+CVE-2017-0503 (An elevation of privilege vulnerability in MediaTek components,
...)
+ TODO: check
+CVE-2017-0502 (An elevation of privilege vulnerability in MediaTek components,
...)
+ TODO: check
+CVE-2017-0501 (An elevation of privilege vulnerability in MediaTek components,
...)
+ TODO: check
+CVE-2017-0500 (An elevation of privilege vulnerability in MediaTek components,
...)
+ TODO: check
+CVE-2017-0499 (A denial of service vulnerability in Audioserver could enable a
local ...)
+ TODO: check
+CVE-2017-0498 (A denial of service vulnerability in Setup Wizard could allow a
local ...)
+ TODO: check
+CVE-2017-0497 (A denial of service vulnerability in Mediaserver could enable
an ...)
+ TODO: check
+CVE-2017-0496 (A denial of service vulnerability in Setup Wizard could allow a
local ...)
+ TODO: check
+CVE-2017-0495 (An information disclosure vulnerability in Mediaserver could
enable a ...)
+ TODO: check
+CVE-2017-0494 (An information disclosure vulnerability in AOSP Messaging could
enable ...)
+ TODO: check
CVE-2017-0493
RESERVED
-CVE-2017-0492
- RESERVED
-CVE-2017-0491
- RESERVED
-CVE-2017-0490
- RESERVED
-CVE-2017-0489
- RESERVED
-CVE-2017-0488
- RESERVED
-CVE-2017-0487
- RESERVED
-CVE-2017-0486
- RESERVED
-CVE-2017-0485
- RESERVED
-CVE-2017-0484
- RESERVED
-CVE-2017-0483
- RESERVED
-CVE-2017-0482
- RESERVED
-CVE-2017-0481
- RESERVED
-CVE-2017-0480
- RESERVED
-CVE-2017-0479
- RESERVED
-CVE-2017-0478
- RESERVED
-CVE-2017-0477
- RESERVED
-CVE-2017-0476
- RESERVED
-CVE-2017-0475
- RESERVED
-CVE-2017-0474
- RESERVED
-CVE-2017-0473
- RESERVED
-CVE-2017-0472
- RESERVED
-CVE-2017-0471
- RESERVED
-CVE-2017-0470
- RESERVED
-CVE-2017-0469
- RESERVED
-CVE-2017-0468
- RESERVED
-CVE-2017-0467
- RESERVED
-CVE-2017-0466
- RESERVED
+CVE-2017-0492 (An elevation of privilege vulnerability in the System UI could
enable ...)
+ TODO: check
+CVE-2017-0491 (An elevation of privilege vulnerability in Package Manager
could ...)
+ TODO: check
+CVE-2017-0490 (An elevation of privilege vulnerability in Wi-Fi could enable a
local ...)
+ TODO: check
+CVE-2017-0489 (An elevation of privilege vulnerability in Location Manager
could ...)
+ TODO: check
+CVE-2017-0488 (A denial of service vulnerability in Mediaserver could enable
an ...)
+ TODO: check
+CVE-2017-0487 (A denial of service vulnerability in Mediaserver could enable
an ...)
+ TODO: check
+CVE-2017-0486 (A denial of service vulnerability in Mediaserver could enable
an ...)
+ TODO: check
+CVE-2017-0485 (A denial of service vulnerability in Mediaserver could enable
an ...)
+ TODO: check
+CVE-2017-0484 (A denial of service vulnerability in Mediaserver could enable
an ...)
+ TODO: check
+CVE-2017-0483 (A denial of service vulnerability in Mediaserver could enable
an ...)
+ TODO: check
+CVE-2017-0482 (A denial of service vulnerability in Mediaserver could enable
an ...)
+ TODO: check
+CVE-2017-0481 (An elevation of privilege vulnerability in NFC could enable a
...)
+ TODO: check
+CVE-2017-0480 (An elevation of privilege vulnerability in Audioserver could
enable a ...)
+ TODO: check
+CVE-2017-0479 (An elevation of privilege vulnerability in Audioserver could
enable a ...)
+ TODO: check
+CVE-2017-0478 (A remote code execution vulnerability in the Framesequence
library ...)
+ TODO: check
+CVE-2017-0477 (A remote code execution vulnerability in libgdx could enable an
...)
+ TODO: check
+CVE-2017-0476 (A remote code execution vulnerability in AOSP Messaging could
enable ...)
+ TODO: check
+CVE-2017-0475 (An elevation of privilege vulnerability in the recovery
verifier could ...)
+ TODO: check
+CVE-2017-0474 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0473 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0472 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0471 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0470 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0469 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0468 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0467 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
+CVE-2017-0466 (A remote code execution vulnerability in Mediaserver could
enable an ...)
+ TODO: check
CVE-2017-0465
RESERVED
-CVE-2017-0464
- RESERVED
-CVE-2017-0463
- RESERVED
+CVE-2017-0464 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0463 (An elevation of privilege vulnerability in the Qualcomm
networking ...)
+ TODO: check
CVE-2017-0462
RESERVED
-CVE-2017-0461
- RESERVED
-CVE-2017-0460
- RESERVED
-CVE-2017-0459
- RESERVED
-CVE-2017-0458
- RESERVED
-CVE-2017-0457
- RESERVED
-CVE-2017-0456
- RESERVED
-CVE-2017-0455
- RESERVED
+CVE-2017-0461 (An information disclosure vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0460 (An elevation of privilege vulnerability in the Qualcomm
networking ...)
+ TODO: check
+CVE-2017-0459 (An information disclosure vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0458 (An elevation of privilege vulnerability in the Qualcomm camera
driver ...)
+ TODO: check
+CVE-2017-0457 (An elevation of privilege vulnerability in the Qualcomm ADSPRPC
driver ...)
+ TODO: check
+CVE-2017-0456 (An elevation of privilege vulnerability in the Qualcomm IPA
driver ...)
+ TODO: check
+CVE-2017-0455 (An information disclosure vulnerability in the Qualcomm
bootloader ...)
+ TODO: check
CVE-2017-0454
RESERVED
-CVE-2017-0453
- RESERVED
-CVE-2017-0452
- RESERVED
+CVE-2017-0453 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
+ TODO: check
+CVE-2017-0452 (An information disclosure vulnerability in the Qualcomm camera
driver ...)
+ TODO: check
CVE-2017-0451 (An information disclosure vulnerability in the Qualcomm sound
driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0450 (An elevation of privilege vulnerability in Audioserver could
enable a ...)
@@ -15968,18 +16031,18 @@
RESERVED
CVE-2017-0339
RESERVED
-CVE-2017-0338
- RESERVED
-CVE-2017-0337
- RESERVED
-CVE-2017-0336
- RESERVED
-CVE-2017-0335
- RESERVED
-CVE-2017-0334
- RESERVED
-CVE-2017-0333
- RESERVED
+CVE-2017-0338 (An elevation of privilege vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
+CVE-2017-0337 (An elevation of privilege vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
+CVE-2017-0336 (An information disclosure vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
+CVE-2017-0335 (An elevation of privilege vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
+CVE-2017-0334 (An information disclosure vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
+CVE-2017-0333 (An elevation of privilege vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
CVE-2017-0332
RESERVED
CVE-2017-0331
@@ -16055,10 +16118,10 @@
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not
supported)
CVE-2017-0308 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0307
- RESERVED
-CVE-2017-0306
- RESERVED
+CVE-2017-0307 (An elevation of privilege vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
+CVE-2017-0306 (An elevation of privilege vulnerability in the NVIDIA GPU
driver could ...)
+ TODO: check
CVE-2016-9638 (In BMC Patrol before 9.13.10.02, the binary
"listguests64" is ...)
NOT-FOR-US: BMC Patrol
CVE-2016-9637 (The (1) ioport_read and (2) ioport_write functions in Xen, when
qemu ...)
@@ -17694,8 +17757,8 @@
NOT-FOR-US: F5
CVE-2016-9246
RESERVED
-CVE-2016-9245
- RESERVED
+CVE-2016-9245 (In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made
to ...)
+ TODO: check
CVE-2016-9244 (A BIG-IP virtual server configured with a Client SSL profile
that has ...)
NOT-FOR-US: F5 TLS stack
NOTE: https://ticketbleed.com/
@@ -20081,20 +20144,20 @@
RESERVED
CVE-2016-8484
RESERVED
-CVE-2016-8483
- RESERVED
+CVE-2016-8483 (An information disclosure vulnerability in the Qualcomm power
driver ...)
+ TODO: check
CVE-2016-8482
RESERVED
CVE-2016-8481 (An elevation of privilege vulnerability in the Qualcomm sound
driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-8480 (An elevation of privilege vulnerability in the Qualcomm Secure
...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8479
- RESERVED
-CVE-2016-8478
- RESERVED
-CVE-2016-8477
- RESERVED
+CVE-2016-8479 (An elevation of privilege vulnerability in the Qualcomm GPU
driver ...)
+ TODO: check
+CVE-2016-8478 (An information disclosure vulnerability in the Qualcomm video
driver ...)
+ TODO: check
+CVE-2016-8477 (An information disclosure vulnerability in the Qualcomm camera
driver ...)
+ TODO: check
CVE-2016-8476 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-8475 (An information disclosure vulnerability in the HTC input driver
could ...)
@@ -20213,16 +20276,16 @@
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-8418 (A remote code execution vulnerability in the Qualcomm crypto
driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8417
- RESERVED
-CVE-2016-8416
- RESERVED
+CVE-2016-8417 (An elevation of privilege vulnerability in the Qualcomm camera
driver ...)
+ TODO: check
+CVE-2016-8416 (An information disclosure vulnerability in the Qualcomm video
driver ...)
+ TODO: check
CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi
driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-8414 (An information disclosure vulnerability in the Qualcomm Secure
...)
NOT-FOR-US: Qualcomm Secure Execution Environment Communicator
-CVE-2016-8413
- RESERVED
+CVE-2016-8413 (An information disclosure vulnerability in the Qualcomm camera
driver ...)
+ TODO: check
CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera
could ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2016-8411 (Buffer overflow vulnerability while processing QMI QOS TLVs.
Product: ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
