Author: sectracker
Date: 2017-06-30 09:10:13 +0000 (Fri, 30 Jun 2017)
New Revision: 53031

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-30 09:01:02 UTC (rev 53030)
+++ data/CVE/list       2017-06-30 09:10:13 UTC (rev 53031)
@@ -1,3 +1,45 @@
+CVE-2017-10698
+       RESERVED
+CVE-2017-10697
+       RESERVED
+CVE-2017-10696
+       RESERVED
+CVE-2017-10695
+       RESERVED
+CVE-2017-10694
+       RESERVED
+CVE-2017-10693
+       RESERVED
+CVE-2017-10692
+       RESERVED
+CVE-2017-10691
+       RESERVED
+CVE-2017-10690
+       RESERVED
+CVE-2017-10689
+       RESERVED
+CVE-2017-10688 (In LibTIFF 4.0.8, there is a assertion abort in the ...)
+       TODO: check
+CVE-2017-10687 (In LibSass 3.4.5, there is a heap-based buffer over-read in 
the ...)
+       TODO: check
+CVE-2017-10686 (In Netwide Assembler (NASM) 2.14rc0, there are multiple heap 
use after ...)
+       TODO: check
+CVE-2017-10685 (In ncurses 6.0, there is a format string vulnerability in the 
fmt_entry ...)
+       TODO: check
+CVE-2017-10684 (In ncurses 6.0, there is a stack-based buffer overflow in the 
fmt_entry ...)
+       TODO: check
+CVE-2017-10683 (In mpg123 1.25.0, there is a heap-based buffer over-read in 
the ...)
+       TODO: check
+CVE-2017-10682 (SQL injection vulnerability in the administrative backend in 
Piwigo ...)
+       TODO: check
+CVE-2017-10681 (Cross-site request forgery (CSRF) vulnerability in Piwigo 
through 2.9.1 ...)
+       TODO: check
+CVE-2017-10680 (Cross-site request forgery (CSRF) vulnerability in Piwigo 
through 2.9.1 ...)
+       TODO: check
+CVE-2017-10679 (Piwigo through 2.9.1 allows remote attackers to obtain 
sensitive ...)
+       TODO: check
+CVE-2017-10678 (Cross-site request forgery (CSRF) vulnerability in Piwigo 
through 2.9.1 ...)
+       TODO: check
 CVE-2017-10677
        RESERVED
 CVE-2017-10676
@@ -7208,22 +7250,22 @@
        NOT-FOR-US: Schneider
 CVE-2017-7906
        RESERVED
-CVE-2017-7905
-       RESERVED
+CVE-2017-7905 (A Weak Cryptography for Passwords issue was discovered in 
General ...)
+       TODO: check
 CVE-2017-7904
        RESERVED
-CVE-2017-7903
-       RESERVED
-CVE-2017-7902
-       RESERVED
-CVE-2017-7901
-       RESERVED
+CVE-2017-7903 (A Weak Password Requirements issue was discovered in Rockwell 
...)
+       TODO: check
+CVE-2017-7902 (A "Reusing a Nonce, Key Pair in Encryption" issue was 
discovered in ...)
+       TODO: check
+CVE-2017-7901 (A Predictable Value Range from Previous Values issue was 
discovered in ...)
+       TODO: check
 CVE-2017-7900
        RESERVED
-CVE-2017-7899
-       RESERVED
-CVE-2017-7898
-       RESERVED
+CVE-2017-7899 (An Information Exposure issue was discovered in Rockwell 
Automation ...)
+       TODO: check
+CVE-2017-7898 (An Improper Restriction of Excessive Authentication Attempts 
issue was ...)
+       TODO: check
 CVE-2017-7897 (A cross-site scripting (XSS) vulnerability in the MantisBT 
(2.3.x ...)
        - mantis <removed>
        [wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
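Review bot: the six entries moved from RESERVED to "TODO: check" in this hunk (CVE-2017-7905, -7903, -7902, -7901, -7899, -7898) still need a disposition. The visible text names a vendor for only three of them (General ..., Rockwell ..., Rockwell Automation ...); the descriptions of CVE-2017-7902, CVE-2017-7901 and CVE-2017-7898 are cut off before any product appears, so the full description has to be read before they are tagged. If they end up as NOT-FOR-US, use one vendor label consistently, matching the style of the neighbouring "NOT-FOR-US: Schneider" line.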
@@ -12985,66 +13027,66 @@
        NOT-FOR-US: Satel Iberia SenNet Data Logger and Electricity Meters
 CVE-2017-6047
        RESERVED
-CVE-2017-6046
-       RESERVED
+CVE-2017-6046 (An Insufficiently Protected Credentials issue was discovered in 
Sierra ...)
+       TODO: check
 CVE-2017-6045 (An Information Exposure issue was discovered in Trihedral 
VTScada ...)
        NOT-FOR-US: Trihedral VTScada
-CVE-2017-6044
-       RESERVED
+CVE-2017-6044 (An Improper Authorization issue was discovered in Sierra 
Wireless ...)
+       TODO: check
 CVE-2017-6043 (A Resource Consumption issue was discovered in Trihedral 
VTScada ...)
        NOT-FOR-US: Trihedral VTScada
-CVE-2017-6042
-       RESERVED
-CVE-2017-6041
-       RESERVED
-CVE-2017-6040
-       RESERVED
+CVE-2017-6042 (A Cross-Site Request Forgery issue was discovered in Sierra 
Wireless ...)
+       TODO: check
+CVE-2017-6041 (An Unrestricted Upload issue was discovered in Marel Food 
Processing ...)
+       TODO: check
+CVE-2017-6040 (An Information Exposure issue was discovered in Belden 
Hirschmann GECKO ...)
+       TODO: check
 CVE-2017-6039 (A Use of Hard-Coded Password issue was discovered in Phoenix 
Broadband ...)
        NOT-FOR-US: Phoenix
-CVE-2017-6038
-       RESERVED
+CVE-2017-6038 (A Cross-Site Request Forgery issue was discovered in Belden 
Hirschmann ...)
+       TODO: check
 CVE-2017-6037 (A Heap-Based Buffer Overflow issue was discovered in Wecon 
Technologies ...)
        NOT-FOR-US: Wecon
-CVE-2017-6036
-       RESERVED
+CVE-2017-6036 (A Server-Side Request Forgery issue was discovered in Belden 
Hirschmann ...)
+       TODO: check
 CVE-2017-6035 (A Stack-Based Buffer Overflow issue was discovered in Wecon ...)
        NOT-FOR-US: Wecon
-CVE-2017-6034
-       RESERVED
+CVE-2017-6034 (An Authentication Bypass by Capture-Replay issue was discovered 
in ...)
+       TODO: check
 CVE-2017-6033 (A DLL Hijacking issue was discovered in Schneider Electric 
Interactive ...)
        NOT-FOR-US: Schneider Electric
-CVE-2017-6032
-       RESERVED
+CVE-2017-6032 (A Violation of Secure Design Principles issue was discovered in 
...)
+       TODO: check
 CVE-2017-6031 (A Header Injection issue was discovered in Certec EDV GmbH 
atvise scada ...)
        NOT-FOR-US: Certec EDV GmbH atvise scada
-CVE-2017-6030
-       RESERVED
+CVE-2017-6030 (A Predictable Value Range from Previous Values issue was 
discovered in ...)
+       TODO: check
 CVE-2017-6029 (A Cross-Site Scripting issue was discovered in Certec EDV GmbH 
atvise ...)
        NOT-FOR-US: Certec EDV GmbH atvise scada
-CVE-2017-6028
-       RESERVED
+CVE-2017-6028 (An Insufficiently Protected Credentials issue was discovered in 
...)
+       TODO: check
 CVE-2017-6027 (An Arbitrary File Upload issue was discovered in 3S-Smart 
Software ...)
        NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server
-CVE-2017-6026
-       RESERVED
+CVE-2017-6026 (A Use of Insufficiently Random Values issue was discovered in 
Schneider ...)
+       TODO: check
 CVE-2017-6025 (A Stack Buffer Overflow issue was discovered in 3S-Smart 
Software ...)
        NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server
 CVE-2017-6024 (A Resource Exhaustion issue was discovered in Rockwell 
Automation ...)
        NOT-FOR-US: Rockwell
 CVE-2017-6023 (An issue was discovered in Fatek Automation PLC Ethernet 
Module. The ...)
        NOT-FOR-US: Fatek
-CVE-2017-6022
-       RESERVED
+CVE-2017-6022 (A hard-coded password issue was discovered in Becton, Dickinson 
and ...)
+       TODO: check
 CVE-2017-6021
        RESERVED
 CVE-2017-6020
        RESERVED
 CVE-2017-6019 (An issue was discovered in Schneider Electric Conext ComBox, 
model ...)
        NOT-FOR-US: Schneider Electric
-CVE-2017-6018
-       RESERVED
-CVE-2017-6017
-       RESERVED
+CVE-2017-6018 (An open redirect issue was discovered in B. Braun Medical 
SpaceCom ...)
+       TODO: check
+CVE-2017-6017 (A Resource Exhaustion issue was discovered in Schneider 
Electric ...)
+       TODO: check
 CVE-2017-6016 (An Improper Access Control issue was discovered in LCDS - Leao 
...)
        NOT-FOR-US: LCDS (Leao Consultoria e Desenvolvimento de Sistemas LTDA 
ME LAquis SCADA)
 CVE-2017-6015
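Review bot: the truncated descriptions of CVE-2017-6034, CVE-2017-6032, CVE-2017-6030 and CVE-2017-6028 end at "discovered in ..." without naming a product, so these four cannot be classified from this file alone and need the full description checked. The remaining new "TODO: check" entries name Sierra Wireless, Marel Food Processing, Belden Hirschmann, Schneider, Becton, Dickinson and B. Braun Medical SpaceCom, and sit between entries already tagged NOT-FOR-US. When tagging them, settle on one spelling per vendor: the existing tags in this diff already vary between "NOT-FOR-US: Schneider" and "NOT-FOR-US: Schneider Electric".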
@@ -29543,8 +29585,8 @@
        NOT-FOR-US: General Electric
 CVE-2016-9359
        REJECTED
-CVE-2016-9358
-       RESERVED
+CVE-2016-9358 (A Hard-Coded Passwords issue was discovered in Marel Food 
Processing ...)
+       TODO: check
 CVE-2016-9357 (An issue was discovered in certain legacy Eaton ePDUs -- the 
affected ...)
        NOT-FOR-US: legacy Eaton ePDUs
 CVE-2016-9356 (An issue was discovered in Moxa DACenter Versions 1.4 and 
older. The ...)
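Review bot: CVE-2016-9358 is left at "TODO: check" although its description names Marel Food Processing, the same vendor as CVE-2017-6041 in the previous hunk. Triage the two together so they receive the same disposition and the same vendor label.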


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
