Author: sectracker Date: 2017-11-22 09:10:22 +0000 (Wed, 22 Nov 2017) New Revision: 57923
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-22 08:33:10 UTC (rev 57922) +++ data/CVE/list 2017-11-22 09:10:22 UTC (rev 57923) @@ -1,3 +1,5 @@ +CVE-2017-16926 (Ohcount 3.0.0 is prone to a command injection via specially crafted ...) + TODO: check CVE-2017-XXXX [Command injection through file names] - ohcount <unfixed> (bug #882372) CVE-2017-16925 @@ -18241,6 +18243,7 @@ CVE-2017-10700 (In the medialibrary component in QNAP NAS 4.3.3.0229, an ...) NOT-FOR-US: QNAP CVE-2017-10699 (avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before ...) + {DSA-4045-1} - vlc 2.2.6-3 [wheezy] - vlc <end-of-life> (Not supported in wheezy LTS) NOTE: http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=6cc73bcad19da2cd2e95671173f2e0d203a57e9b @@ -22395,6 +22398,7 @@ - vlc 2.2.5.1-1 [wheezy] - vlc <end-of-life> (Not supported in wheezy LTS) CVE-2017-9300 (plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 ...) + {DSA-4045-1} - vlc 2.2.6-3 [wheezy] - vlc <end-of-life> (Not supported in wheezy LTS) NOTE: https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commit;h=55a82442cfea9dab8b853f3a4610f2880c5fadf3 @@ -23757,16 +23761,16 @@ RESERVED CVE-2017-8865 RESERVED -CVE-2017-8864 - RESERVED -CVE-2017-8863 - RESERVED -CVE-2017-8862 - RESERVED -CVE-2017-8861 - RESERVED -CVE-2017-8860 - RESERVED +CVE-2017-8864 (Client-side enforcement using JavaScript of server-side security ...) + TODO: check +CVE-2017-8863 (Information disclosure of .esp source code on the Cohu 3960 allows an ...) + TODO: check +CVE-2017-8862 (The webupgrade function on the Cohu 3960HD does not verify the firmware ...) + TODO: check +CVE-2017-8861 (Missing authentication for the remote configuration port 1236/tcp on ...) + TODO: check +CVE-2017-8860 (Information disclosure through directory listing on the Cohu 3960HD ...) + TODO: check CVE-2017-8859 (In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users ...) NOT-FOR-US: Veritas NetBackup CVE-2017-8858 (In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits