Author: sectracker Date: 2017-11-14 21:10:19 +0000 (Tue, 14 Nov 2017) New Revision: 57638
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-14 20:55:39 UTC (rev 57637) +++ data/CVE/list 2017-11-14 21:10:19 UTC (rev 57638) @@ -1,3 +1,9 @@ +CVE-2017-16817 + RESERVED +CVE-2017-16816 + RESERVED +CVE-2017-16815 (installer.php in the Snap Creek Duplicator (WordPress Site Migration & ...) + TODO: check CVE-2017-16820 [snmp plugin: double free or heap corruption] - collectd <unfixed> (bug #881757) NOTE: https://github.com/collectd/collectd/issues/2291 @@ -1386,8 +1392,8 @@ RESERVED CVE-2017-16240 RESERVED -CVE-2017-16239 - RESERVED +CVE-2017-16239 (In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through ...) + TODO: check CVE-2017-16238 RESERVED CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file ...) @@ -11949,12 +11955,10 @@ NOT-FOR-US: Ipswitch IMail CVE-2017-12637 (Directory traversal vulnerability in ...) NOT-FOR-US: SAP -CVE-2017-12636 - RESERVED +CVE-2017-12636 (CouchDB administrative users can configure the database server via ...) - couchdb <removed> NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6 -CVE-2017-12635 - RESERVED +CVE-2017-12635 (Due to differences in the Erlang-based JSON parser and ...) - couchdb <removed> NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6 CVE-2017-12634 @@ -11982,8 +11986,8 @@ RESERVED CVE-2017-12625 (Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before ...) NOT-FOR-US: Apache Hive -CVE-2017-12624 - RESERVED +CVE-2017-12624 (Apache CXF supports sending and receiving attachments via either the ...) + TODO: check CVE-2017-12623 (An authorized user could upload a template which contained malicious ...) NOT-FOR-US: Apache NiFi CVE-2017-12622 @@ -17551,6 +17555,7 @@ CVE-2017-10673 (admin/profile.php in GetSimple CMS 3.x has XSS in a name field. ...) NOT-FOR-US: GetSimple CMS CVE-2017-10672 (Use-after-free in the XML-LibXML module through 2.0129 for Perl allows ...) + {DLA-1171-1} - libxml-libxml-perl 2.0128+dfsg-5 (bug #866676) NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=122246 NOTE: Pull request: https://github.com/shlomif/perl-XML-LibXML/pull/8 @@ -22333,8 +22338,8 @@ RESERVED CVE-2017-9086 RESERVED -CVE-2017-9085 - RESERVED +CVE-2017-9085 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 6.5 ...) + TODO: check CVE-2017-9084 RESERVED CVE-2017-9083 (poppler 0.54.0, as used in Evince and other products, has a NULL ...) @@ -31247,10 +31252,10 @@ NOT-FOR-US: NVIDIA Windows GPU Display Driver CVE-2017-6276 RESERVED -CVE-2017-6275 - RESERVED -CVE-2017-6274 - RESERVED +CVE-2017-6275 (An information disclosure vulnerability exists in the Thermal Driver, ...) + TODO: check +CVE-2017-6274 (An elevation of Privilege vulnerability exists in the Thermal Driver, ...) + TODO: check CVE-2017-6273 (NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader ...) NOT-FOR-US: NVIDIA ADSP Firmware CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...) @@ -31290,8 +31295,8 @@ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544 CVE-2017-6265 RESERVED -CVE-2017-6264 - RESERVED +CVE-2017-6264 (An elevation of privilege vulnerability exists in the NVIDIA GPU ...) + TODO: check CVE-2017-6263 RESERVED CVE-2017-6262 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits