Author: sectracker Date: 2017-10-28 09:10:13 +0000 (Sat, 28 Oct 2017) New Revision: 57056
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-28 09:01:55 UTC (rev 57055) +++ data/CVE/list 2017-10-28 09:10:13 UTC (rev 57056) @@ -1,7 +1,31 @@ -CVE-2017-15939 +CVE-2017-15951 (The KEYS subsystem in the Linux kernel before 4.13.10 does not ...) + TODO: check +CVE-2017-15950 RESERVED -CVE-2017-15938 +CVE-2017-15949 (Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit ...) + TODO: check +CVE-2017-15948 (Perch Content Management System 3.0.3 allows unrestricted file upload ...) + TODO: check +CVE-2017-15947 (Simple ASC Content Management System v1.2 has XSS in the location field ...) + TODO: check +CVE-2017-15946 (In the com_tag component 1.7.6 for Joomla!, a SQL injection ...) + TODO: check +CVE-2017-15945 (The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, ...) + TODO: check +CVE-2017-15944 RESERVED +CVE-2017-15943 + RESERVED +CVE-2017-15942 + RESERVED +CVE-2017-15941 + RESERVED +CVE-2017-15940 + RESERVED +CVE-2017-15939 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...) + TODO: check +CVE-2017-15938 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...) + TODO: check CVE-2017-15937 (Artica Pandora FMS version 7.0 leaks a full installation pathname via ...) TODO: check CVE-2017-15936 (In Artica Pandora FMS version 7.0, an Attacker with write Permission ...) @@ -7353,9 +7377,11 @@ CVE-2017-13091 RESERVED CVE-2017-13090 (The retr.c:fd_read_body() function is called when processing OK ...) + {DLA-1149-1} - wget <unfixed> (bug #879957) NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=ba6b44f6745b14dce414761a8e4b35d31b176bba CVE-2017-13089 (The http.c:skip_short_body() function is called in some circumstances, ...) + {DLA-1149-1} - wget <unfixed> (bug #879957) NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3f CVE-2017-13088 (Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows ...) @@ -10366,7 +10392,7 @@ RESERVED CVE-2017-12193 RESERVED -CVE-2017-12192 (A vulnerability was found in the Key Management sub component of the ...) +CVE-2017-12192 (The keyctl_read_key function in security/keys/keyctl.c in the Key ...) - linux 4.13.4-2 [wheezy] - linux <not-affected> (Vulnerable code introduced later) NOTE: Fixed by: https://git.kernel.org/linus/37863c43b2c6464f252862bf2e9768264e961678 (4.14-rc3) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits