Author: sectracker Date: 2017-11-07 09:10:21 +0000 (Tue, 07 Nov 2017) New Revision: 57396
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-07 08:04:53 UTC (rev 57395) +++ data/CVE/list 2017-11-07 09:10:21 UTC (rev 57396) @@ -1,3 +1,15 @@ +CVE-2017-16638 (The Gentoo net-misc/vde package before version 2.3.2-r4 may allow ...) + TODO: check +CVE-2017-16637 (In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when ...) + TODO: check +CVE-2017-16636 (In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new ...) + TODO: check +CVE-2017-16635 (In TinyWebGallery v2.4, an XSS vulnerability is located in the ...) + TODO: check +CVE-2017-16634 + RESERVED +CVE-2017-16633 + RESERVED CVE-2017-16632 RESERVED CVE-2017-16631 @@ -7284,24 +7296,24 @@ NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1058757 NOTE: https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/ NOTE: https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b -CVE-2017-14031 - RESERVED +CVE-2017-14031 (An Improper Access Control issue was discovered in Trihedral VTScada ...) + TODO: check CVE-2017-14030 RESERVED -CVE-2017-14029 - RESERVED +CVE-2017-14029 (An Uncontrolled Search Path Element issue was discovered in Trihedral ...) + TODO: check CVE-2017-14028 RESERVED CVE-2017-14027 (A Use of Hard-coded Credentials issue was discovered in Korenix JetNet ...) NOT-FOR-US: Korenix CVE-2017-14026 RESERVED -CVE-2017-14025 - RESERVED +CVE-2017-14025 (An Improper Input Validation issue was discovered in ABB FOX515T ...) + TODO: check CVE-2017-14024 RESERVED -CVE-2017-14023 - RESERVED +CVE-2017-14023 (An Improper Input Validation issue was discovered in Siemens SIMATIC ...) + TODO: check CVE-2017-14022 RESERVED CVE-2017-14021 (A Use of Hard-coded Cryptographic Key issue was discovered in Korenix ...) @@ -7314,8 +7326,8 @@ RESERVED CVE-2017-14017 (An Uncontrolled Search Path Element issue was discovered in Progea ...) NOT-FOR-US: Progea Movicon -CVE-2017-14016 - RESERVED +CVE-2017-14016 (A Stack-based Buffer Overflow issue was discovered in Advantech ...) + TODO: check CVE-2017-14015 RESERVED CVE-2017-14014 @@ -8263,10 +8275,10 @@ NOT-FOR-US: Symantec CVE-2017-13682 (In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel ...) NOT-FOR-US: Symantec -CVE-2017-13681 - RESERVED -CVE-2017-13680 - RESERVED +CVE-2017-13681 (Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be ...) + TODO: check +CVE-2017-13680 (Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection ...) + TODO: check CVE-2017-13679 (A denial of service (DoS) attack in Symantec Encryption Desktop before ...) NOT-FOR-US: Symantec CVE-2017-13678 @@ -11157,8 +11169,8 @@ RESERVED CVE-2017-12720 RESERVED -CVE-2017-12719 - RESERVED +CVE-2017-12719 (An Untrusted Pointer Dereference issue was discovered in Advantech ...) + TODO: check CVE-2017-12718 RESERVED CVE-2017-12717 (An Uncontrolled Search Path Element issue was discovered in Advantech ...) @@ -11454,6 +11466,7 @@ CVE-2017-12619 RESERVED CVE-2017-12618 (Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to ...) + {DLA-1163-1} - apr-util 1.6.1-1 (low; bug #879996) NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E NOTE: https://github.com/apache/apr/commit/f672b565c825c34de9ee298b5bdc62c01cdd6147 @@ -30418,8 +30431,8 @@ RESERVED CVE-2017-6332 RESERVED -CVE-2017-6331 - RESERVED +CVE-2017-6331 (Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter ...) + TODO: check CVE-2017-6330 (Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote ...) NOT-FOR-US: Symantec CVE-2017-6329 (Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits