Author: sectracker
Date: 2017-11-14 21:10:19 +0000 (Tue, 14 Nov 2017)
New Revision: 57638
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-14 20:55:39 UTC (rev 57637)
+++ data/CVE/list 2017-11-14 21:10:19 UTC (rev 57638)
@@ -1,3 +1,9 @@
+CVE-2017-16817
+ RESERVED
+CVE-2017-16816
+ RESERVED
+CVE-2017-16815 (installer.php in the Snap Creek Duplicator (WordPress Site
Migration & ...)
+ TODO: check
CVE-2017-16820 [snmp plugin: double free or heap corruption]
- collectd <unfixed> (bug #881757)
NOTE: https://github.com/collectd/collectd/issues/2291
@@ -1386,8 +1392,8 @@
RESERVED
CVE-2017-16240
RESERVED
-CVE-2017-16239
- RESERVED
+CVE-2017-16239 (In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and
16.x through ...)
+ TODO: check
CVE-2017-16238
RESERVED
CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file
...)
@@ -11949,12 +11955,10 @@
NOT-FOR-US: Ipswitch IMail
CVE-2017-12637 (Directory traversal vulnerability in ...)
NOT-FOR-US: SAP
-CVE-2017-12636
- RESERVED
+CVE-2017-12636 (CouchDB administrative users can configure the database server
via ...)
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
-CVE-2017-12635
- RESERVED
+CVE-2017-12635 (Due to differences in the Erlang-based JSON parser and ...)
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
CVE-2017-12634
@@ -11982,8 +11986,8 @@
RESERVED
CVE-2017-12625 (Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x
before ...)
NOT-FOR-US: Apache Hive
-CVE-2017-12624
- RESERVED
+CVE-2017-12624 (Apache CXF supports sending and receiving attachments via
either the ...)
+ TODO: check
CVE-2017-12623 (An authorized user could upload a template which contained
malicious ...)
NOT-FOR-US: Apache NiFi
CVE-2017-12622
@@ -17551,6 +17555,7 @@
CVE-2017-10673 (admin/profile.php in GetSimple CMS 3.x has XSS in a name
field. ...)
NOT-FOR-US: GetSimple CMS
CVE-2017-10672 (Use-after-free in the XML-LibXML module through 2.0129 for
Perl allows ...)
+ {DLA-1171-1}
- libxml-libxml-perl 2.0128+dfsg-5 (bug #866676)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=122246
NOTE: Pull request: https://github.com/shlomif/perl-XML-LibXML/pull/8
@@ -22333,8 +22338,8 @@
RESERVED
CVE-2017-9086
RESERVED
-CVE-2017-9085
- RESERVED
+CVE-2017-9085 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak
InSite 6.5 ...)
+ TODO: check
CVE-2017-9084
RESERVED
CVE-2017-9083 (poppler 0.54.0, as used in Evince and other products, has a
NULL ...)
@@ -31247,10 +31252,10 @@
NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2017-6276
RESERVED
-CVE-2017-6275
- RESERVED
-CVE-2017-6274
- RESERVED
+CVE-2017-6275 (An information disclosure vulnerability exists in the Thermal
Driver, ...)
+ TODO: check
+CVE-2017-6274 (An elevation of Privilege vulnerability exists in the Thermal
Driver, ...)
+ TODO: check
CVE-2017-6273 (NVIDIA ADSP Firmware contains a vulnerability in the ADSP
Loader ...)
NOT-FOR-US: NVIDIA ADSP Firmware
CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the
kernel mode ...)
@@ -31290,8 +31295,8 @@
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
CVE-2017-6265
RESERVED
-CVE-2017-6264
- RESERVED
+CVE-2017-6264 (An elevation of privilege vulnerability exists in the NVIDIA
GPU ...)
+ TODO: check
CVE-2017-6263
RESERVED
CVE-2017-6262
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
