Author: sectracker
Date: 2017-11-06 09:10:22 +0000 (Mon, 06 Nov 2017)
New Revision: 57358
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-06 05:30:22 UTC (rev 57357) +++ data/CVE/list 2017-11-06 09:10:22 UTC (rev 57358) @@ -1,3 +1,55 @@ +CVE-2017-16570 (KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by ...) + TODO: check +CVE-2017-16569 (An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an ...) + TODO: check +CVE-2017-16568 + RESERVED +CVE-2017-16567 + RESERVED +CVE-2017-16566 + RESERVED +CVE-2017-16565 (Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage ...) + TODO: check +CVE-2017-16564 (Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on ...) + TODO: check +CVE-2017-16563 (Cross-Site Request Forgery (CSRF) in the Basic Settings screen on ...) + TODO: check +CVE-2017-16562 + RESERVED +CVE-2017-16561 + RESERVED +CVE-2017-16560 + RESERVED +CVE-2017-16559 + RESERVED +CVE-2017-16558 + RESERVED +CVE-2017-16557 + RESERVED +CVE-2017-16556 + RESERVED +CVE-2017-16555 + RESERVED +CVE-2017-16554 + RESERVED +CVE-2017-16553 + RESERVED +CVE-2017-16552 + RESERVED +CVE-2017-16551 + RESERVED +CVE-2017-16550 + RESERVED +CVE-2017-16549 + RESERVED +CVE-2017-16548 (The receive_xattr function in xattrs.c in rsync 3.1.2 and ...) + TODO: check +CVE-2017-16547 (The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does ...) + TODO: check +CVE-2017-16546 (The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does ...) + TODO: check +CVE-2017-16545 (The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does ...) + TODO: check CVE-2017-16544 RESERVED CVE-2017-16543 (Zoho ManageEngine Applications Manager 13 allows SQL injection via ...) 
@@ -54,8 +106,8 @@ NOTE: Fixed by: https://git.kernel.org/linus/bbf26183b7a6236ba602f4d6a2f7cade35bba043 CVE-2017-16525 (The usb_serial_console_disconnect function in ...) - linux 4.13.10-1 -CVE-2017-16524 - RESERVED +CVE-2017-16524 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an ...) + TODO: check CVE-2017-16523 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...) NOT-FOR-US: MitraStar CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...) 
@@ -3001,48 +3053,59 @@ RESERVED CVE-2017-15396 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) - libv8 <unfixed> (unimportant) NOTE: libv8 not covered by security support CVE-2017-15395 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15394 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15393 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15392 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15391 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15390 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15389 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15388 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15387 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15386 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15385 (The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...) 
@@ -4004,8 +4067,8 @@ NOTE: https://groups.google.com/d/msg/golang-dev/RinSE3EiJBI/kYL7zb07AgAJ CVE-2017-15040 RESERVED -CVE-2017-15039 - RESERVED +CVE-2017-15039 (Cross-site scripting (XSS) exists in Zurmo 3.2.1.57987acc3018 via a ...) + TODO: check CVE-2017-15038 (Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU ...) {DLA-1129-1 DLA-1128-1} - qemu 1:2.10.0+dfsg-2 (bug #877890) @@ -34331,14 +34394,17 @@ RESERVED CVE-2017-5133 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5132 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5131 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5130 
@@ -34353,26 +34419,32 @@ TODO: waiting for upstream confirmation that mapping is correct, and initially triaged by gcs CVE-2017-5129 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5128 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5127 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5126 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5125 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5124 RESERVED + {DSA-4020-1} - chromium-browser 62.0.3202.75-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-5123 [waitid() not calling access_ok()]
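Review bot: In the first hunk (@@ -1,3 +1,55 @@), CVE-2017-16548 (rsync, receive_xattr in xattrs.c), CVE-2017-16547 and CVE-2017-16545 (GraphicsMagick) and CVE-2017-16546 (ImageMagick) are left at "TODO: check" although they name software that Debian packages; each needs a source-package line with its fixed or <unfixed> status in place of the TODO. The KeystoneJS, Zurmo and Vonage entries in the same hunk also have no package line and should be resolved to a package or to NOT-FOR-US, the form the MitraStar entries in the next hunk's context already use.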
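Review bot: In the @@ -54,8 +106,8 @@ hunk, CVE-2017-16524 moves from RESERVED to a description of Web Viewer 1.0.0.193 on Samsung SRN-1670D devices but is left at "TODO: check". The two MitraStar device entries directly below it are marked "NOT-FOR-US: MitraStar"; if triage confirms that nothing in the archive ships this software, replace the TODO with a NOT-FOR-US line in the same form.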
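Review bot: In the @@ -3001,48 +3053,59 @@ hunk, {DSA-4020-1} is added to all eleven entries from CVE-2017-15396 down to CVE-2017-15386 while each still reads only RESERVED, so nothing in the entry says which issue the advisory fixed. A short bracketed description per entry, in the form used for "CVE-2017-5123 [waitid() not calling access_ok()]", would make the cross-reference checkable without leaving the file.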
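Review bot: In the @@ -4004,8 +4067,8 @@ hunk, CVE-2017-15039 (XSS in Zurmo 3.2.1.57987acc3018) is left at "TODO: check", and the first hunk adds CVE-2017-16569 for the same Zurmo version with the same TODO. Triage the two together so that both end up with the same resolution, either a package line or NOT-FOR-US.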
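Review bot: The {DSA-4020-1} tags in the @@ -34331,14 +34394,17 @@ and @@ -34353,26 +34419,32 @@ hunks cover CVE-2017-5133 to CVE-2017-5131 and CVE-2017-5129 to CVE-2017-5124, but CVE-2017-5130, which sits between the two hunks, is not touched by this revision. The context line just before CVE-2017-5129 reads "TODO: waiting for upstream confirmation that mapping is correct", so confirm whether CVE-2017-5130 belongs to DSA-4020-1 and record the outcome in that entry.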