Author: sectracker Date: 2017-09-18 21:10:17 +0000 (Mon, 18 Sep 2017) New Revision: 55885
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-09-18 20:48:11 UTC (rev 55884) +++ data/CVE/list 2017-09-18 21:10:17 UTC (rev 55885) @@ -1,89 +1,91 @@ -CVE-2017-14580 +CVE-2017-14581 RESERVED -CVE-2017-14579 - RESERVED -CVE-2017-14578 - RESERVED -CVE-2017-14577 - RESERVED -CVE-2017-14576 - RESERVED -CVE-2017-14575 - RESERVED -CVE-2017-14574 - RESERVED -CVE-2017-14573 - RESERVED -CVE-2017-14572 - RESERVED -CVE-2017-14571 - RESERVED -CVE-2017-14570 - RESERVED -CVE-2017-14569 - RESERVED -CVE-2017-14568 - RESERVED -CVE-2017-14567 - RESERVED -CVE-2017-14566 - RESERVED -CVE-2017-14565 - RESERVED -CVE-2017-14564 - RESERVED -CVE-2017-14563 - RESERVED -CVE-2017-14562 - RESERVED -CVE-2017-14561 - RESERVED -CVE-2017-14560 - RESERVED -CVE-2017-14559 - RESERVED -CVE-2017-14558 - RESERVED -CVE-2017-14557 - RESERVED -CVE-2017-14556 - RESERVED -CVE-2017-14555 - RESERVED -CVE-2017-14554 - RESERVED -CVE-2017-14553 - RESERVED -CVE-2017-14552 - RESERVED -CVE-2017-14551 - RESERVED -CVE-2017-14550 - RESERVED -CVE-2017-14549 - RESERVED -CVE-2017-14548 - RESERVED -CVE-2017-14547 - RESERVED -CVE-2017-14546 - RESERVED -CVE-2017-14545 - RESERVED -CVE-2017-14544 - RESERVED -CVE-2017-14543 - RESERVED -CVE-2017-14542 - RESERVED -CVE-2017-14541 - RESERVED -CVE-2017-14540 - RESERVED -CVE-2017-14539 - RESERVED -CVE-2017-14538 - RESERVED +CVE-2017-14580 (XnView Classic for Windows Version 2.41 allows attackers to execute ...) + TODO: check +CVE-2017-14579 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14578 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14577 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14576 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14575 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14574 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14573 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14572 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14571 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14570 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14569 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14568 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14567 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14566 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14565 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14564 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14563 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14562 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14561 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14560 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14559 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14558 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14557 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14556 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14555 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14554 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14553 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14552 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14551 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14550 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14549 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14548 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14547 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14546 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14545 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14544 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14543 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14542 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...) + TODO: check +CVE-2017-14541 (XnView Classic for Windows Version 2.40 allows attackers to cause a ...) + TODO: check +CVE-2017-14540 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14539 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...) + TODO: check +CVE-2017-14538 (XnView Classic for Windows Version 2.40 allows attackers to execute ...) + TODO: check CVE-2017-14537 RESERVED CVE-2017-14536 @@ -205,6 +207,7 @@ - libarchive <unfixed> (bug #875966) NOTE: https://github.com/libarchive/libarchive/issues/949 CVE-2017-14500 (Improper Neutralization of Special Elements used in an OS Command in ...) + {DSA-3977-1} - newsbeuter 2.9-7 (bug #876004) NOTE: http://openwall.com/lists/oss-security/2017/09/16/1 NOTE: newsbeuter-2.9.x: https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333 @@ -2080,7 +2083,7 @@ NOT-FOR-US: ONOS CVE-2017-13762 (ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS. ...) NOT-FOR-US: ONOS -CVE-2017-13761 (The Fastly CDN module before 1.2.26 for Magneto2, when used with a ...) +CVE-2017-13761 (The Fastly CDN module before 1.2.26 for Magento2, when used with a ...) NOT-FOR-US: Fastly CDN module for Magento2 CVE-2017-13760 (In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in ...) - sleuthkit <unfixed> (unimportant; bug #873724) @@ -11668,8 +11671,7 @@ NOTE: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt CVE-2017-9799 (It was found that under some situations and configurations of Apache ...) NOT-FOR-US: Apache Storm -CVE-2017-9798 - RESERVED +CVE-2017-9798 (Apache httpd allows remote attackers to read secret data from process ...) - apache2 <unfixed> (bug #876109) NOTE: https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html NOTE: https://github.com/hannob/optionsbleed @@ -24548,8 +24550,8 @@ RESERVED CVE-2017-6148 RESERVED -CVE-2017-6147 - RESERVED +CVE-2017-6147 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...) + TODO: check CVE-2017-6146 RESERVED CVE-2017-6145 @@ -34597,6 +34599,7 @@ CVE-2017-2863 (An out-of-bounds write vulnerability exists in the PDF parsing ...) NOT-FOR-US: Iceni Infix CVE-2017-2862 (An exploitable heap overflow vulnerability exists in the ...) + {DSA-3978-1} - gdk-pixbuf <unfixed> (bug #874552) NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=c2a40a92fe3df4111ed9da51fe3368c079b86926 NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6dd89e126a277460faafc1f679db44ccf78446fb @@ -40340,8 +40343,7 @@ {DSA-3731-1} - chromium-browser 55.0.2883.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) -CVE-2017-0380 [Stack disclosure in hidden services logs when SafeLogging disabled] - RESERVED +CVE-2017-0380 (The rend_service_intro_established function in or/rendservice.c in Tor ...) - tor <unfixed> [jessie] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha) [wheezy] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha) @@ -107035,8 +107037,8 @@ RESERVED CVE-2014-6107 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote ...) NOT-FOR-US: IBM -CVE-2014-6106 - RESERVED +CVE-2014-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Security ...) + TODO: check CVE-2014-6105 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote ...) NOT-FOR-US: IBM CVE-2014-6104 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits