Author: sectracker Date: 2017-03-10 09:12:20 +0000 (Fri, 10 Mar 2017) New Revision: 49553
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-03-10 07:53:51 UTC (rev 49552) +++ data/CVE/list 2017-03-10 09:12:20 UTC (rev 49553) @@ -1,3 +1,459 @@ +CVE-2017-6797 (A cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2017-6796 + RESERVED +CVE-2017-6795 + RESERVED +CVE-2017-6794 + RESERVED +CVE-2017-6793 + RESERVED +CVE-2017-6792 + RESERVED +CVE-2017-6791 + RESERVED +CVE-2017-6790 + RESERVED +CVE-2017-6789 + RESERVED +CVE-2017-6788 + RESERVED +CVE-2017-6787 + RESERVED +CVE-2017-6786 + RESERVED +CVE-2017-6785 + RESERVED +CVE-2017-6784 + RESERVED +CVE-2017-6783 + RESERVED +CVE-2017-6782 + RESERVED +CVE-2017-6781 + RESERVED +CVE-2017-6780 + RESERVED +CVE-2017-6779 + RESERVED +CVE-2017-6778 + RESERVED +CVE-2017-6777 + RESERVED +CVE-2017-6776 + RESERVED +CVE-2017-6775 + RESERVED +CVE-2017-6774 + RESERVED +CVE-2017-6773 + RESERVED +CVE-2017-6772 + RESERVED +CVE-2017-6771 + RESERVED +CVE-2017-6770 + RESERVED +CVE-2017-6769 + RESERVED +CVE-2017-6768 + RESERVED +CVE-2017-6767 + RESERVED +CVE-2017-6766 + RESERVED +CVE-2017-6765 + RESERVED +CVE-2017-6764 + RESERVED +CVE-2017-6763 + RESERVED +CVE-2017-6762 + RESERVED +CVE-2017-6761 + RESERVED +CVE-2017-6760 + RESERVED +CVE-2017-6759 + RESERVED +CVE-2017-6758 + RESERVED +CVE-2017-6757 + RESERVED +CVE-2017-6756 + RESERVED +CVE-2017-6755 + RESERVED +CVE-2017-6754 + RESERVED +CVE-2017-6753 + RESERVED +CVE-2017-6752 + RESERVED +CVE-2017-6751 + RESERVED +CVE-2017-6750 + RESERVED +CVE-2017-6749 + RESERVED +CVE-2017-6748 + RESERVED +CVE-2017-6747 + RESERVED +CVE-2017-6746 + RESERVED +CVE-2017-6745 + RESERVED +CVE-2017-6744 + RESERVED +CVE-2017-6743 + RESERVED +CVE-2017-6742 + RESERVED +CVE-2017-6741 + RESERVED +CVE-2017-6740 + RESERVED +CVE-2017-6739 + RESERVED +CVE-2017-6738 + RESERVED +CVE-2017-6737 + RESERVED +CVE-2017-6736 + RESERVED +CVE-2017-6735 + RESERVED +CVE-2017-6734 + RESERVED +CVE-2017-6733 + RESERVED +CVE-2017-6732 + RESERVED +CVE-2017-6731 + RESERVED +CVE-2017-6730 + RESERVED +CVE-2017-6729 + RESERVED +CVE-2017-6728 + RESERVED +CVE-2017-6727 + RESERVED +CVE-2017-6726 + RESERVED +CVE-2017-6725 + RESERVED +CVE-2017-6724 + RESERVED +CVE-2017-6723 + RESERVED +CVE-2017-6722 + RESERVED +CVE-2017-6721 + RESERVED +CVE-2017-6720 + RESERVED +CVE-2017-6719 + RESERVED +CVE-2017-6718 + RESERVED +CVE-2017-6717 + RESERVED +CVE-2017-6716 + RESERVED +CVE-2017-6715 + RESERVED +CVE-2017-6714 + RESERVED +CVE-2017-6713 + RESERVED +CVE-2017-6712 + RESERVED +CVE-2017-6711 + RESERVED +CVE-2017-6710 + RESERVED +CVE-2017-6709 + RESERVED +CVE-2017-6708 + RESERVED +CVE-2017-6707 + RESERVED +CVE-2017-6706 + RESERVED +CVE-2017-6705 + RESERVED +CVE-2017-6704 + RESERVED +CVE-2017-6703 + RESERVED +CVE-2017-6702 + RESERVED +CVE-2017-6701 + RESERVED +CVE-2017-6700 + RESERVED +CVE-2017-6699 + RESERVED +CVE-2017-6698 + RESERVED +CVE-2017-6697 + RESERVED +CVE-2017-6696 + RESERVED +CVE-2017-6695 + RESERVED +CVE-2017-6694 + RESERVED +CVE-2017-6693 + RESERVED +CVE-2017-6692 + RESERVED +CVE-2017-6691 + RESERVED +CVE-2017-6690 + RESERVED +CVE-2017-6689 + RESERVED +CVE-2017-6688 + RESERVED +CVE-2017-6687 + RESERVED +CVE-2017-6686 + RESERVED +CVE-2017-6685 + RESERVED +CVE-2017-6684 + RESERVED +CVE-2017-6683 + RESERVED +CVE-2017-6682 + RESERVED +CVE-2017-6681 + RESERVED +CVE-2017-6680 + RESERVED +CVE-2017-6679 + RESERVED +CVE-2017-6678 + RESERVED +CVE-2017-6677 + RESERVED +CVE-2017-6676 + RESERVED +CVE-2017-6675 + RESERVED +CVE-2017-6674 + RESERVED +CVE-2017-6673 + RESERVED +CVE-2017-6672 + RESERVED +CVE-2017-6671 + RESERVED +CVE-2017-6670 + RESERVED +CVE-2017-6669 + RESERVED +CVE-2017-6668 + RESERVED +CVE-2017-6667 + RESERVED +CVE-2017-6666 + RESERVED +CVE-2017-6665 + RESERVED +CVE-2017-6664 + RESERVED +CVE-2017-6663 + RESERVED +CVE-2017-6662 + RESERVED +CVE-2017-6661 + RESERVED +CVE-2017-6660 + RESERVED +CVE-2017-6659 + RESERVED +CVE-2017-6658 + RESERVED +CVE-2017-6657 + RESERVED +CVE-2017-6656 + RESERVED +CVE-2017-6655 + RESERVED +CVE-2017-6654 + RESERVED +CVE-2017-6653 + RESERVED +CVE-2017-6652 + RESERVED +CVE-2017-6651 + RESERVED +CVE-2017-6650 + RESERVED +CVE-2017-6649 + RESERVED +CVE-2017-6648 + RESERVED +CVE-2017-6647 + RESERVED +CVE-2017-6646 + RESERVED +CVE-2017-6645 + RESERVED +CVE-2017-6644 + RESERVED +CVE-2017-6643 + RESERVED +CVE-2017-6642 + RESERVED +CVE-2017-6641 + RESERVED +CVE-2017-6640 + RESERVED +CVE-2017-6639 + RESERVED +CVE-2017-6638 + RESERVED +CVE-2017-6637 + RESERVED +CVE-2017-6636 + RESERVED +CVE-2017-6635 + RESERVED +CVE-2017-6634 + RESERVED +CVE-2017-6633 + RESERVED +CVE-2017-6632 + RESERVED +CVE-2017-6631 + RESERVED +CVE-2017-6630 + RESERVED +CVE-2017-6629 + RESERVED +CVE-2017-6628 + RESERVED +CVE-2017-6627 + RESERVED +CVE-2017-6626 + RESERVED +CVE-2017-6625 + RESERVED +CVE-2017-6624 + RESERVED +CVE-2017-6623 + RESERVED +CVE-2017-6622 + RESERVED +CVE-2017-6621 + RESERVED +CVE-2017-6620 + RESERVED +CVE-2017-6619 + RESERVED +CVE-2017-6618 + RESERVED +CVE-2017-6617 + RESERVED +CVE-2017-6616 + RESERVED +CVE-2017-6615 + RESERVED +CVE-2017-6614 + RESERVED +CVE-2017-6613 + RESERVED +CVE-2017-6612 + RESERVED +CVE-2017-6611 + RESERVED +CVE-2017-6610 + RESERVED +CVE-2017-6609 + RESERVED +CVE-2017-6608 + RESERVED +CVE-2017-6607 + RESERVED +CVE-2017-6606 + RESERVED +CVE-2017-6605 + RESERVED +CVE-2017-6604 + RESERVED +CVE-2017-6603 + RESERVED +CVE-2017-6602 + RESERVED +CVE-2017-6601 + RESERVED +CVE-2017-6600 + RESERVED +CVE-2017-6599 + RESERVED +CVE-2017-6598 + RESERVED +CVE-2017-6597 + RESERVED +CVE-2017-6596 + RESERVED +CVE-2017-6595 + RESERVED +CVE-2017-6594 + RESERVED +CVE-2017-6593 + RESERVED +CVE-2017-6592 + RESERVED +CVE-2017-6591 (There is a cross-site scripting vulnerability in django-epiceditor ...) + TODO: check +CVE-2017-6590 (An issue was discovered in network-manager-applet (aka ...) + TODO: check +CVE-2017-6589 (EpicEditor through 0.2.3 has Cross-Site Scripting because of an ...) + TODO: check +CVE-2017-6588 + RESERVED +CVE-2017-6587 + RESERVED +CVE-2017-6586 + RESERVED +CVE-2017-6585 + RESERVED +CVE-2017-6584 + RESERVED +CVE-2017-6583 + RESERVED +CVE-2017-6582 + RESERVED +CVE-2017-6581 + RESERVED +CVE-2017-6580 + RESERVED +CVE-2017-6579 + RESERVED +CVE-2017-6578 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check +CVE-2017-6577 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check +CVE-2017-6576 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check +CVE-2017-6575 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check +CVE-2017-6574 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check +CVE-2017-6573 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check +CVE-2017-6572 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check +CVE-2017-6571 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check +CVE-2017-6570 (A SQL injection issue is exploitable, with WordPress admin access, in ...) + TODO: check CVE-2017-6569 RESERVED CVE-2017-6568 @@ -12,38 +468,38 @@ RESERVED CVE-2017-6563 RESERVED -CVE-2017-6562 - RESERVED -CVE-2017-6561 - RESERVED -CVE-2017-6560 - RESERVED -CVE-2017-6559 - RESERVED -CVE-2017-6558 - RESERVED +CVE-2017-6562 (XSS in Agora-Project 3.2.2 exists with an ...) + TODO: check +CVE-2017-6561 (XSS in Agora-Project 3.2.2 exists with an ...) + TODO: check +CVE-2017-6560 (XSS in Agora-Project 3.2.2 exists with an ...) + TODO: check +CVE-2017-6559 (XSS in Agora-Project 3.2.2 exists with an ...) + TODO: check +CVE-2017-6558 (iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n ...) + TODO: check CVE-2017-6557 RESERVED -CVE-2017-6556 - RESERVED -CVE-2017-6555 - RESERVED +CVE-2017-6556 (Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) ...) + TODO: check +CVE-2017-6555 (Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php ...) + TODO: check CVE-2017-6554 RESERVED CVE-2017-6553 RESERVED -CVE-2017-6552 - RESERVED +CVE-2017-6552 (Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently ...) + TODO: check CVE-2017-6551 RESERVED CVE-2017-6550 RESERVED -CVE-2017-6549 - RESERVED -CVE-2017-6548 - RESERVED -CVE-2017-6547 - RESERVED +CVE-2017-6549 (Session hijack vulnerability in httpd in ASUS ASUSWRT on RT-AC53 ...) + TODO: check +CVE-2017-6548 (Buffer overflows in networkmap in ASUS ASUSWRT on RT-AC53 ...) + TODO: check +CVE-2017-6547 (Cross-site scripting (XSS) vulnerability in httpd in ASUS ASUSWRT on ...) + TODO: check CVE-2017-6546 RESERVED CVE-2017-6545 @@ -78,14 +534,14 @@ RESERVED CVE-2017-6530 RESERVED -CVE-2017-6529 - RESERVED -CVE-2017-6528 - RESERVED -CVE-2017-6527 - RESERVED -CVE-2017-6526 - RESERVED +CVE-2017-6529 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...) + TODO: check +CVE-2017-6528 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...) + TODO: check +CVE-2017-6527 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...) + TODO: check +CVE-2017-6526 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is ...) + TODO: check CVE-2017-6525 RESERVED CVE-2017-6524 @@ -154,6 +610,7 @@ NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/ NOTE: https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829 CVE-2017-6508 (CRLF injection vulnerability in the url_parse function in url.c in Wget ...) + {DLA-851-1} - wget <unfixed> (bug #857073) [jessie] - wget <no-dsa> (Minor issue) NOTE: http://lists.gnu.org/archive/html/bug-wget/2017-03/msg00018.html @@ -301,8 +758,8 @@ NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12083 CVE-2017-6466 RESERVED -CVE-2017-6465 - RESERVED +CVE-2017-6465 (Remote Code Execution was discovered in FTPShell Client 6.53. By ...) + TODO: check CVE-2017-6464 RESERVED CVE-2017-6463 @@ -380,8 +837,8 @@ RESERVED CVE-2017-6433 RESERVED -CVE-2017-6432 - RESERVED +CVE-2017-6432 (An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build ...) + TODO: check CVE-2017-6431 RESERVED CVE-2017-6430 [Out-of-bounds read in etterfilter utility] @@ -704,8 +1161,7 @@ RESERVED CVE-2013-7460 RESERVED -CVE-2017-6355 [integer overflow while creating shader object] - RESERVED +CVE-2017-6355 (Integer overflow in the vrend_create_shader function in ...) - virglrenderer <unfixed> NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6 (0.6.0) CVE-2017-6354 @@ -817,26 +1273,22 @@ RESERVED - virglrenderer <unfixed> NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4 (0.6.0) -CVE-2017-6314 [Infinite loop in io-tiff.c] - RESERVED +CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf allows ...) - gdk-pixbuf <unfixed> (bug #856448) [jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point release) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779020 NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html -CVE-2017-6313 [An dangerous integer underflow in io-icns.c] - RESERVED +CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c in ...) - gdk-pixbuf <unfixed> (bug #856445) [jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point release) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779016 NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html -CVE-2017-6312 [Out-of-bounds read on io-ico.c] - RESERVED +CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent ...) - gdk-pixbuf <unfixed> (bug #856444) [jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point release) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779012 NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html -CVE-2017-6311 [NULL dereference on gdk-pixbuf-thumbnailer] - RESERVED +CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent ...) - gdk-pixbuf <unfixed> (unimportant) [jessie] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1) [wheezy] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1) @@ -2046,8 +2498,8 @@ RESERVED CVE-2017-5873 RESERVED -CVE-2017-5872 - RESERVED +CVE-2017-5872 (The TCP/IP networking module in Unisys ClearPath MCP systems with ...) + TODO: check CVE-2017-5871 RESERVED CVE-2017-5870 @@ -5143,8 +5595,8 @@ RESERVED CVE-2017-4961 RESERVED -CVE-2017-4960 - RESERVED +CVE-2017-4960 (An issue was discovered in Cloud Foundry release v247 through v252, UAA ...) + TODO: check CVE-2017-4959 RESERVED CVE-2017-4958 @@ -10735,14 +11187,14 @@ NOT-FOR-US: JustSystems Ichitaro Office CVE-2017-2789 (When copying filedata into a buffer, JustSystems Ichitaro Office 2016 ...) NOT-FOR-US: JustSystems Ichitaro Office 2016 Trial -CVE-2017-2788 - RESERVED -CVE-2017-2787 - RESERVED -CVE-2017-2786 - RESERVED -CVE-2017-2785 - RESERVED +CVE-2017-2788 (A buffer overflows exists in the psnotifyd application of the Pharos ...) + TODO: check +CVE-2017-2787 (A buffer overflows exists in the psnotifyd application of the Pharos ...) + TODO: check +CVE-2017-2786 (A denial of service vulnerability exists in the psnotifyd application ...) + TODO: check +CVE-2017-2785 (An exploitable buffer overflow exists in the psnotifyd application of ...) + TODO: check CVE-2017-2784 RESERVED CVE-2017-2783 @@ -19265,8 +19717,8 @@ RESERVED CVE-2016-8715 (An exploitable heap corruption vulnerability exists in the loadTrailer ...) NOT-FOR-US: Iceni Argus -CVE-2016-8714 - RESERVED +CVE-2016-8714 (An exploitable buffer overflow vulnerability exists in the ...) + TODO: check CVE-2016-8713 (A remote out of bound write / memory corruption vulnerability exists ...) NOT-FOR-US: Nitro Pro CVE-2016-8712 @@ -66361,8 +66813,7 @@ NOTE: https://github.com/php/php-src/commit/ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5 NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/1 NOTE: libzip patch: http://hg.nih.at/libzip/rev/9f11d54f692e -CVE-2015-2330 [WebKitGTK+ late TLS certificate verification] - RESERVED +CVE-2015-2330 (Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows ...) - webkitgtk 2.4.9-1 (unimportant) [jessie] - webkitgtk 2.4.9-1~deb8u1 NOTE: Not covered by security support _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits