Author: sectracker
Date: 2017-03-10 09:12:20 +0000 (Fri, 10 Mar 2017)
New Revision: 49553
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-10 07:53:51 UTC (rev 49552)
+++ data/CVE/list 2017-03-10 09:12:20 UTC (rev 49553)
@@ -1,3 +1,459 @@
+CVE-2017-6797 (A cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2017-6796
+ RESERVED
+CVE-2017-6795
+ RESERVED
+CVE-2017-6794
+ RESERVED
+CVE-2017-6793
+ RESERVED
+CVE-2017-6792
+ RESERVED
+CVE-2017-6791
+ RESERVED
+CVE-2017-6790
+ RESERVED
+CVE-2017-6789
+ RESERVED
+CVE-2017-6788
+ RESERVED
+CVE-2017-6787
+ RESERVED
+CVE-2017-6786
+ RESERVED
+CVE-2017-6785
+ RESERVED
+CVE-2017-6784
+ RESERVED
+CVE-2017-6783
+ RESERVED
+CVE-2017-6782
+ RESERVED
+CVE-2017-6781
+ RESERVED
+CVE-2017-6780
+ RESERVED
+CVE-2017-6779
+ RESERVED
+CVE-2017-6778
+ RESERVED
+CVE-2017-6777
+ RESERVED
+CVE-2017-6776
+ RESERVED
+CVE-2017-6775
+ RESERVED
+CVE-2017-6774
+ RESERVED
+CVE-2017-6773
+ RESERVED
+CVE-2017-6772
+ RESERVED
+CVE-2017-6771
+ RESERVED
+CVE-2017-6770
+ RESERVED
+CVE-2017-6769
+ RESERVED
+CVE-2017-6768
+ RESERVED
+CVE-2017-6767
+ RESERVED
+CVE-2017-6766
+ RESERVED
+CVE-2017-6765
+ RESERVED
+CVE-2017-6764
+ RESERVED
+CVE-2017-6763
+ RESERVED
+CVE-2017-6762
+ RESERVED
+CVE-2017-6761
+ RESERVED
+CVE-2017-6760
+ RESERVED
+CVE-2017-6759
+ RESERVED
+CVE-2017-6758
+ RESERVED
+CVE-2017-6757
+ RESERVED
+CVE-2017-6756
+ RESERVED
+CVE-2017-6755
+ RESERVED
+CVE-2017-6754
+ RESERVED
+CVE-2017-6753
+ RESERVED
+CVE-2017-6752
+ RESERVED
+CVE-2017-6751
+ RESERVED
+CVE-2017-6750
+ RESERVED
+CVE-2017-6749
+ RESERVED
+CVE-2017-6748
+ RESERVED
+CVE-2017-6747
+ RESERVED
+CVE-2017-6746
+ RESERVED
+CVE-2017-6745
+ RESERVED
+CVE-2017-6744
+ RESERVED
+CVE-2017-6743
+ RESERVED
+CVE-2017-6742
+ RESERVED
+CVE-2017-6741
+ RESERVED
+CVE-2017-6740
+ RESERVED
+CVE-2017-6739
+ RESERVED
+CVE-2017-6738
+ RESERVED
+CVE-2017-6737
+ RESERVED
+CVE-2017-6736
+ RESERVED
+CVE-2017-6735
+ RESERVED
+CVE-2017-6734
+ RESERVED
+CVE-2017-6733
+ RESERVED
+CVE-2017-6732
+ RESERVED
+CVE-2017-6731
+ RESERVED
+CVE-2017-6730
+ RESERVED
+CVE-2017-6729
+ RESERVED
+CVE-2017-6728
+ RESERVED
+CVE-2017-6727
+ RESERVED
+CVE-2017-6726
+ RESERVED
+CVE-2017-6725
+ RESERVED
+CVE-2017-6724
+ RESERVED
+CVE-2017-6723
+ RESERVED
+CVE-2017-6722
+ RESERVED
+CVE-2017-6721
+ RESERVED
+CVE-2017-6720
+ RESERVED
+CVE-2017-6719
+ RESERVED
+CVE-2017-6718
+ RESERVED
+CVE-2017-6717
+ RESERVED
+CVE-2017-6716
+ RESERVED
+CVE-2017-6715
+ RESERVED
+CVE-2017-6714
+ RESERVED
+CVE-2017-6713
+ RESERVED
+CVE-2017-6712
+ RESERVED
+CVE-2017-6711
+ RESERVED
+CVE-2017-6710
+ RESERVED
+CVE-2017-6709
+ RESERVED
+CVE-2017-6708
+ RESERVED
+CVE-2017-6707
+ RESERVED
+CVE-2017-6706
+ RESERVED
+CVE-2017-6705
+ RESERVED
+CVE-2017-6704
+ RESERVED
+CVE-2017-6703
+ RESERVED
+CVE-2017-6702
+ RESERVED
+CVE-2017-6701
+ RESERVED
+CVE-2017-6700
+ RESERVED
+CVE-2017-6699
+ RESERVED
+CVE-2017-6698
+ RESERVED
+CVE-2017-6697
+ RESERVED
+CVE-2017-6696
+ RESERVED
+CVE-2017-6695
+ RESERVED
+CVE-2017-6694
+ RESERVED
+CVE-2017-6693
+ RESERVED
+CVE-2017-6692
+ RESERVED
+CVE-2017-6691
+ RESERVED
+CVE-2017-6690
+ RESERVED
+CVE-2017-6689
+ RESERVED
+CVE-2017-6688
+ RESERVED
+CVE-2017-6687
+ RESERVED
+CVE-2017-6686
+ RESERVED
+CVE-2017-6685
+ RESERVED
+CVE-2017-6684
+ RESERVED
+CVE-2017-6683
+ RESERVED
+CVE-2017-6682
+ RESERVED
+CVE-2017-6681
+ RESERVED
+CVE-2017-6680
+ RESERVED
+CVE-2017-6679
+ RESERVED
+CVE-2017-6678
+ RESERVED
+CVE-2017-6677
+ RESERVED
+CVE-2017-6676
+ RESERVED
+CVE-2017-6675
+ RESERVED
+CVE-2017-6674
+ RESERVED
+CVE-2017-6673
+ RESERVED
+CVE-2017-6672
+ RESERVED
+CVE-2017-6671
+ RESERVED
+CVE-2017-6670
+ RESERVED
+CVE-2017-6669
+ RESERVED
+CVE-2017-6668
+ RESERVED
+CVE-2017-6667
+ RESERVED
+CVE-2017-6666
+ RESERVED
+CVE-2017-6665
+ RESERVED
+CVE-2017-6664
+ RESERVED
+CVE-2017-6663
+ RESERVED
+CVE-2017-6662
+ RESERVED
+CVE-2017-6661
+ RESERVED
+CVE-2017-6660
+ RESERVED
+CVE-2017-6659
+ RESERVED
+CVE-2017-6658
+ RESERVED
+CVE-2017-6657
+ RESERVED
+CVE-2017-6656
+ RESERVED
+CVE-2017-6655
+ RESERVED
+CVE-2017-6654
+ RESERVED
+CVE-2017-6653
+ RESERVED
+CVE-2017-6652
+ RESERVED
+CVE-2017-6651
+ RESERVED
+CVE-2017-6650
+ RESERVED
+CVE-2017-6649
+ RESERVED
+CVE-2017-6648
+ RESERVED
+CVE-2017-6647
+ RESERVED
+CVE-2017-6646
+ RESERVED
+CVE-2017-6645
+ RESERVED
+CVE-2017-6644
+ RESERVED
+CVE-2017-6643
+ RESERVED
+CVE-2017-6642
+ RESERVED
+CVE-2017-6641
+ RESERVED
+CVE-2017-6640
+ RESERVED
+CVE-2017-6639
+ RESERVED
+CVE-2017-6638
+ RESERVED
+CVE-2017-6637
+ RESERVED
+CVE-2017-6636
+ RESERVED
+CVE-2017-6635
+ RESERVED
+CVE-2017-6634
+ RESERVED
+CVE-2017-6633
+ RESERVED
+CVE-2017-6632
+ RESERVED
+CVE-2017-6631
+ RESERVED
+CVE-2017-6630
+ RESERVED
+CVE-2017-6629
+ RESERVED
+CVE-2017-6628
+ RESERVED
+CVE-2017-6627
+ RESERVED
+CVE-2017-6626
+ RESERVED
+CVE-2017-6625
+ RESERVED
+CVE-2017-6624
+ RESERVED
+CVE-2017-6623
+ RESERVED
+CVE-2017-6622
+ RESERVED
+CVE-2017-6621
+ RESERVED
+CVE-2017-6620
+ RESERVED
+CVE-2017-6619
+ RESERVED
+CVE-2017-6618
+ RESERVED
+CVE-2017-6617
+ RESERVED
+CVE-2017-6616
+ RESERVED
+CVE-2017-6615
+ RESERVED
+CVE-2017-6614
+ RESERVED
+CVE-2017-6613
+ RESERVED
+CVE-2017-6612
+ RESERVED
+CVE-2017-6611
+ RESERVED
+CVE-2017-6610
+ RESERVED
+CVE-2017-6609
+ RESERVED
+CVE-2017-6608
+ RESERVED
+CVE-2017-6607
+ RESERVED
+CVE-2017-6606
+ RESERVED
+CVE-2017-6605
+ RESERVED
+CVE-2017-6604
+ RESERVED
+CVE-2017-6603
+ RESERVED
+CVE-2017-6602
+ RESERVED
+CVE-2017-6601
+ RESERVED
+CVE-2017-6600
+ RESERVED
+CVE-2017-6599
+ RESERVED
+CVE-2017-6598
+ RESERVED
+CVE-2017-6597
+ RESERVED
+CVE-2017-6596
+ RESERVED
+CVE-2017-6595
+ RESERVED
+CVE-2017-6594
+ RESERVED
+CVE-2017-6593
+ RESERVED
+CVE-2017-6592
+ RESERVED
+CVE-2017-6591 (There is a cross-site scripting vulnerability in
django-epiceditor ...)
+ TODO: check
+CVE-2017-6590 (An issue was discovered in network-manager-applet (aka ...)
+ TODO: check
+CVE-2017-6589 (EpicEditor through 0.2.3 has Cross-Site Scripting because of an
...)
+ TODO: check
+CVE-2017-6588
+ RESERVED
+CVE-2017-6587
+ RESERVED
+CVE-2017-6586
+ RESERVED
+CVE-2017-6585
+ RESERVED
+CVE-2017-6584
+ RESERVED
+CVE-2017-6583
+ RESERVED
+CVE-2017-6582
+ RESERVED
+CVE-2017-6581
+ RESERVED
+CVE-2017-6580
+ RESERVED
+CVE-2017-6579
+ RESERVED
+CVE-2017-6578 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
+CVE-2017-6577 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
+CVE-2017-6576 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
+CVE-2017-6575 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
+CVE-2017-6574 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
+CVE-2017-6573 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
+CVE-2017-6572 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
+CVE-2017-6571 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
+CVE-2017-6570 (A SQL injection issue is exploitable, with WordPress admin
access, in ...)
+ TODO: check
CVE-2017-6569
RESERVED
CVE-2017-6568
@@ -12,38 +468,38 @@
RESERVED
CVE-2017-6563
RESERVED
-CVE-2017-6562
- RESERVED
-CVE-2017-6561
- RESERVED
-CVE-2017-6560
- RESERVED
-CVE-2017-6559
- RESERVED
-CVE-2017-6558
- RESERVED
+CVE-2017-6562 (XSS in Agora-Project 3.2.2 exists with an ...)
+ TODO: check
+CVE-2017-6561 (XSS in Agora-Project 3.2.2 exists with an ...)
+ TODO: check
+CVE-2017-6560 (XSS in Agora-Project 3.2.2 exists with an ...)
+ TODO: check
+CVE-2017-6559 (XSS in Agora-Project 3.2.2 exists with an ...)
+ TODO: check
+CVE-2017-6558 (iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401
Rel.47776n ...)
+ TODO: check
CVE-2017-6557
RESERVED
-CVE-2017-6556
- RESERVED
-CVE-2017-6555
- RESERVED
+CVE-2017-6556 (Cross-site scripting (XSS) vulnerability in CMS Made Simple
(CMSMS) ...)
+ TODO: check
+CVE-2017-6555 (Cross-site scripting (XSS) vulnerability in
/admin/moduleinterface.php ...)
+ TODO: check
CVE-2017-6554
RESERVED
CVE-2017-6553
RESERVED
-CVE-2017-6552
- RESERVED
+CVE-2017-6552 (Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an
insufficiently ...)
+ TODO: check
CVE-2017-6551
RESERVED
CVE-2017-6550
RESERVED
-CVE-2017-6549
- RESERVED
-CVE-2017-6548
- RESERVED
-CVE-2017-6547
- RESERVED
+CVE-2017-6549 (Session hijack vulnerability in httpd in ASUS ASUSWRT on
RT-AC53 ...)
+ TODO: check
+CVE-2017-6548 (Buffer overflows in networkmap in ASUS ASUSWRT on RT-AC53 ...)
+ TODO: check
+CVE-2017-6547 (Cross-site scripting (XSS) vulnerability in httpd in ASUS
ASUSWRT on ...)
+ TODO: check
CVE-2017-6546
RESERVED
CVE-2017-6545
@@ -78,14 +534,14 @@
RESERVED
CVE-2017-6530
RESERVED
-CVE-2017-6529
- RESERVED
-CVE-2017-6528
- RESERVED
-CVE-2017-6527
- RESERVED
-CVE-2017-6526
- RESERVED
+CVE-2017-6529 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS
is ...)
+ TODO: check
+CVE-2017-6528 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS
is ...)
+ TODO: check
+CVE-2017-6527 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS
is ...)
+ TODO: check
+CVE-2017-6526 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS
is ...)
+ TODO: check
CVE-2017-6525
RESERVED
CVE-2017-6524
@@ -154,6 +610,7 @@
NOTE:
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE:
https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829
CVE-2017-6508 (CRLF injection vulnerability in the url_parse function in url.c
in Wget ...)
+ {DLA-851-1}
- wget <unfixed> (bug #857073)
[jessie] - wget <no-dsa> (Minor issue)
NOTE: http://lists.gnu.org/archive/html/bug-wget/2017-03/msg00018.html
@@ -301,8 +758,8 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12083
CVE-2017-6466
RESERVED
-CVE-2017-6465
- RESERVED
+CVE-2017-6465 (Remote Code Execution was discovered in FTPShell Client 6.53.
By ...)
+ TODO: check
CVE-2017-6464
RESERVED
CVE-2017-6463
@@ -380,8 +837,8 @@
RESERVED
CVE-2017-6433
RESERVED
-CVE-2017-6432
- RESERVED
+CVE-2017-6432 (An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10
build ...)
+ TODO: check
CVE-2017-6431
RESERVED
CVE-2017-6430 [Out-of-bounds read in etterfilter utility]
@@ -704,8 +1161,7 @@
RESERVED
CVE-2013-7460
RESERVED
-CVE-2017-6355 [integer overflow while creating shader object]
- RESERVED
+CVE-2017-6355 (Integer overflow in the vrend_create_shader function in ...)
- virglrenderer <unfixed>
NOTE: Fixed by:
https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6
(0.6.0)
CVE-2017-6354
@@ -817,26 +1273,22 @@
RESERVED
- virglrenderer <unfixed>
NOTE:
https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4
(0.6.0)
-CVE-2017-6314 [Infinite loop in io-tiff.c]
- RESERVED
+CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf
allows ...)
- gdk-pixbuf <unfixed> (bug #856448)
[jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point
release)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779020
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
-CVE-2017-6313 [An dangerous integer underflow in io-icns.c]
- RESERVED
+CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c
in ...)
- gdk-pixbuf <unfixed> (bug #856445)
[jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point
release)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779016
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
-CVE-2017-6312 [Out-of-bounds read on io-ico.c]
- RESERVED
+CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows
context-dependent ...)
- gdk-pixbuf <unfixed> (bug #856444)
[jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed via point
release)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779012
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
-CVE-2017-6311 [NULL dereference on gdk-pixbuf-thumbnailer]
- RESERVED
+CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent
...)
- gdk-pixbuf <unfixed> (unimportant)
[jessie] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
[wheezy] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
@@ -2046,8 +2498,8 @@
RESERVED
CVE-2017-5873
RESERVED
-CVE-2017-5872
- RESERVED
+CVE-2017-5872 (The TCP/IP networking module in Unisys ClearPath MCP systems
with ...)
+ TODO: check
CVE-2017-5871
RESERVED
CVE-2017-5870
@@ -5143,8 +5595,8 @@
RESERVED
CVE-2017-4961
RESERVED
-CVE-2017-4960
- RESERVED
+CVE-2017-4960 (An issue was discovered in Cloud Foundry release v247 through
v252, UAA ...)
+ TODO: check
CVE-2017-4959
RESERVED
CVE-2017-4958
@@ -10735,14 +11187,14 @@
NOT-FOR-US: JustSystems Ichitaro Office
CVE-2017-2789 (When copying filedata into a buffer, JustSystems Ichitaro
Office 2016 ...)
NOT-FOR-US: JustSystems Ichitaro Office 2016 Trial
-CVE-2017-2788
- RESERVED
-CVE-2017-2787
- RESERVED
-CVE-2017-2786
- RESERVED
-CVE-2017-2785
- RESERVED
+CVE-2017-2788 (A buffer overflows exists in the psnotifyd application of the
Pharos ...)
+ TODO: check
+CVE-2017-2787 (A buffer overflows exists in the psnotifyd application of the
Pharos ...)
+ TODO: check
+CVE-2017-2786 (A denial of service vulnerability exists in the psnotifyd
application ...)
+ TODO: check
+CVE-2017-2785 (An exploitable buffer overflow exists in the psnotifyd
application of ...)
+ TODO: check
CVE-2017-2784
RESERVED
CVE-2017-2783
@@ -19265,8 +19717,8 @@
RESERVED
CVE-2016-8715 (An exploitable heap corruption vulnerability exists in the
loadTrailer ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8714
- RESERVED
+CVE-2016-8714 (An exploitable buffer overflow vulnerability exists in the ...)
+ TODO: check
CVE-2016-8713 (A remote out of bound write / memory corruption vulnerability
exists ...)
NOT-FOR-US: Nitro Pro
CVE-2016-8712
@@ -66361,8 +66813,7 @@
NOTE:
https://github.com/php/php-src/commit/ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5
NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/1
NOTE: libzip patch: http://hg.nih.at/libzip/rev/9f11d54f692e
-CVE-2015-2330 [WebKitGTK+ late TLS certificate verification]
- RESERVED
+CVE-2015-2330 (Late TLS certificate verification in WebKitGTK+ prior to 2.6.6
allows ...)
- webkitgtk 2.4.9-1 (unimportant)
[jessie] - webkitgtk 2.4.9-1~deb8u1
NOTE: Not covered by security support
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
