Author: sectracker
Date: 2017-12-01 21:10:21 +0000 (Fri, 01 Dec 2017)
New Revision: 58195
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-01 19:56:17 UTC (rev 58194)
+++ data/CVE/list 2017-12-01 21:10:21 UTC (rev 58195)
@@ -1,3 +1,605 @@
+CVE-2018-1040
+ RESERVED
+CVE-2018-1039
+ RESERVED
+CVE-2018-1038
+ RESERVED
+CVE-2018-1037
+ RESERVED
+CVE-2018-1036
+ RESERVED
+CVE-2018-1035
+ RESERVED
+CVE-2018-1034
+ RESERVED
+CVE-2018-1033
+ RESERVED
+CVE-2018-1032
+ RESERVED
+CVE-2018-1031
+ RESERVED
+CVE-2018-1030
+ RESERVED
+CVE-2018-1029
+ RESERVED
+CVE-2018-1028
+ RESERVED
+CVE-2018-1027
+ RESERVED
+CVE-2018-1026
+ RESERVED
+CVE-2018-1025
+ RESERVED
+CVE-2018-1024
+ RESERVED
+CVE-2018-1023
+ RESERVED
+CVE-2018-1022
+ RESERVED
+CVE-2018-1021
+ RESERVED
+CVE-2018-1020
+ RESERVED
+CVE-2018-1019
+ RESERVED
+CVE-2018-1018
+ RESERVED
+CVE-2018-1017
+ RESERVED
+CVE-2018-1016
+ RESERVED
+CVE-2018-1015
+ RESERVED
+CVE-2018-1014
+ RESERVED
+CVE-2018-1013
+ RESERVED
+CVE-2018-1012
+ RESERVED
+CVE-2018-1011
+ RESERVED
+CVE-2018-1010
+ RESERVED
+CVE-2018-1009
+ RESERVED
+CVE-2018-1008
+ RESERVED
+CVE-2018-1007
+ RESERVED
+CVE-2018-1006
+ RESERVED
+CVE-2018-1005
+ RESERVED
+CVE-2018-1004
+ RESERVED
+CVE-2018-1003
+ RESERVED
+CVE-2018-1002
+ RESERVED
+CVE-2018-1001
+ RESERVED
+CVE-2018-1000
+ RESERVED
+CVE-2018-0999
+ RESERVED
+CVE-2018-0998
+ RESERVED
+CVE-2018-0997
+ RESERVED
+CVE-2018-0996
+ RESERVED
+CVE-2018-0995
+ RESERVED
+CVE-2018-0994
+ RESERVED
+CVE-2018-0993
+ RESERVED
+CVE-2018-0992
+ RESERVED
+CVE-2018-0991
+ RESERVED
+CVE-2018-0990
+ RESERVED
+CVE-2018-0989
+ RESERVED
+CVE-2018-0988
+ RESERVED
+CVE-2018-0987
+ RESERVED
+CVE-2018-0986
+ RESERVED
+CVE-2018-0985
+ RESERVED
+CVE-2018-0984
+ RESERVED
+CVE-2018-0983
+ RESERVED
+CVE-2018-0982
+ RESERVED
+CVE-2018-0981
+ RESERVED
+CVE-2018-0980
+ RESERVED
+CVE-2018-0979
+ RESERVED
+CVE-2018-0978
+ RESERVED
+CVE-2018-0977
+ RESERVED
+CVE-2018-0976
+ RESERVED
+CVE-2018-0975
+ RESERVED
+CVE-2018-0974
+ RESERVED
+CVE-2018-0973
+ RESERVED
+CVE-2018-0972
+ RESERVED
+CVE-2018-0971
+ RESERVED
+CVE-2018-0970
+ RESERVED
+CVE-2018-0969
+ RESERVED
+CVE-2018-0968
+ RESERVED
+CVE-2018-0967
+ RESERVED
+CVE-2018-0966
+ RESERVED
+CVE-2018-0965
+ RESERVED
+CVE-2018-0964
+ RESERVED
+CVE-2018-0963
+ RESERVED
+CVE-2018-0962
+ RESERVED
+CVE-2018-0961
+ RESERVED
+CVE-2018-0960
+ RESERVED
+CVE-2018-0959
+ RESERVED
+CVE-2018-0958
+ RESERVED
+CVE-2018-0957
+ RESERVED
+CVE-2018-0956
+ RESERVED
+CVE-2018-0955
+ RESERVED
+CVE-2018-0954
+ RESERVED
+CVE-2018-0953
+ RESERVED
+CVE-2018-0952
+ RESERVED
+CVE-2018-0951
+ RESERVED
+CVE-2018-0950
+ RESERVED
+CVE-2018-0949
+ RESERVED
+CVE-2018-0948
+ RESERVED
+CVE-2018-0947
+ RESERVED
+CVE-2018-0946
+ RESERVED
+CVE-2018-0945
+ RESERVED
+CVE-2018-0944
+ RESERVED
+CVE-2018-0943
+ RESERVED
+CVE-2018-0942
+ RESERVED
+CVE-2018-0941
+ RESERVED
+CVE-2018-0940
+ RESERVED
+CVE-2018-0939
+ RESERVED
+CVE-2018-0938
+ RESERVED
+CVE-2018-0937
+ RESERVED
+CVE-2018-0936
+ RESERVED
+CVE-2018-0935
+ RESERVED
+CVE-2018-0934
+ RESERVED
+CVE-2018-0933
+ RESERVED
+CVE-2018-0932
+ RESERVED
+CVE-2018-0931
+ RESERVED
+CVE-2018-0930
+ RESERVED
+CVE-2018-0929
+ RESERVED
+CVE-2018-0928
+ RESERVED
+CVE-2018-0927
+ RESERVED
+CVE-2018-0926
+ RESERVED
+CVE-2018-0925
+ RESERVED
+CVE-2018-0924
+ RESERVED
+CVE-2018-0923
+ RESERVED
+CVE-2018-0922
+ RESERVED
+CVE-2018-0921
+ RESERVED
+CVE-2018-0920
+ RESERVED
+CVE-2018-0919
+ RESERVED
+CVE-2018-0918
+ RESERVED
+CVE-2018-0917
+ RESERVED
+CVE-2018-0916
+ RESERVED
+CVE-2018-0915
+ RESERVED
+CVE-2018-0914
+ RESERVED
+CVE-2018-0913
+ RESERVED
+CVE-2018-0912
+ RESERVED
+CVE-2018-0911
+ RESERVED
+CVE-2018-0910
+ RESERVED
+CVE-2018-0909
+ RESERVED
+CVE-2018-0908
+ RESERVED
+CVE-2018-0907
+ RESERVED
+CVE-2018-0906
+ RESERVED
+CVE-2018-0905
+ RESERVED
+CVE-2018-0904
+ RESERVED
+CVE-2018-0903
+ RESERVED
+CVE-2018-0902
+ RESERVED
+CVE-2018-0901
+ RESERVED
+CVE-2018-0900
+ RESERVED
+CVE-2018-0899
+ RESERVED
+CVE-2018-0898
+ RESERVED
+CVE-2018-0897
+ RESERVED
+CVE-2018-0896
+ RESERVED
+CVE-2018-0895
+ RESERVED
+CVE-2018-0894
+ RESERVED
+CVE-2018-0893
+ RESERVED
+CVE-2018-0892
+ RESERVED
+CVE-2018-0891
+ RESERVED
+CVE-2018-0890
+ RESERVED
+CVE-2018-0889
+ RESERVED
+CVE-2018-0888
+ RESERVED
+CVE-2018-0887
+ RESERVED
+CVE-2018-0886
+ RESERVED
+CVE-2018-0885
+ RESERVED
+CVE-2018-0884
+ RESERVED
+CVE-2018-0883
+ RESERVED
+CVE-2018-0882
+ RESERVED
+CVE-2018-0881
+ RESERVED
+CVE-2018-0880
+ RESERVED
+CVE-2018-0879
+ RESERVED
+CVE-2018-0878
+ RESERVED
+CVE-2018-0877
+ RESERVED
+CVE-2018-0876
+ RESERVED
+CVE-2018-0875
+ RESERVED
+CVE-2018-0874
+ RESERVED
+CVE-2018-0873
+ RESERVED
+CVE-2018-0872
+ RESERVED
+CVE-2018-0871
+ RESERVED
+CVE-2018-0870
+ RESERVED
+CVE-2018-0869
+ RESERVED
+CVE-2018-0868
+ RESERVED
+CVE-2018-0867
+ RESERVED
+CVE-2018-0866
+ RESERVED
+CVE-2018-0865
+ RESERVED
+CVE-2018-0864
+ RESERVED
+CVE-2018-0863
+ RESERVED
+CVE-2018-0862
+ RESERVED
+CVE-2018-0861
+ RESERVED
+CVE-2018-0860
+ RESERVED
+CVE-2018-0859
+ RESERVED
+CVE-2018-0858
+ RESERVED
+CVE-2018-0857
+ RESERVED
+CVE-2018-0856
+ RESERVED
+CVE-2018-0855
+ RESERVED
+CVE-2018-0854
+ RESERVED
+CVE-2018-0853
+ RESERVED
+CVE-2018-0852
+ RESERVED
+CVE-2018-0851
+ RESERVED
+CVE-2018-0850
+ RESERVED
+CVE-2018-0849
+ RESERVED
+CVE-2018-0848
+ RESERVED
+CVE-2018-0847
+ RESERVED
+CVE-2018-0846
+ RESERVED
+CVE-2018-0845
+ RESERVED
+CVE-2018-0844
+ RESERVED
+CVE-2018-0843
+ RESERVED
+CVE-2018-0842
+ RESERVED
+CVE-2018-0841
+ RESERVED
+CVE-2018-0840
+ RESERVED
+CVE-2018-0839
+ RESERVED
+CVE-2018-0838
+ RESERVED
+CVE-2018-0837
+ RESERVED
+CVE-2018-0836
+ RESERVED
+CVE-2018-0835
+ RESERVED
+CVE-2018-0834
+ RESERVED
+CVE-2018-0833
+ RESERVED
+CVE-2018-0832
+ RESERVED
+CVE-2018-0831
+ RESERVED
+CVE-2018-0830
+ RESERVED
+CVE-2018-0829
+ RESERVED
+CVE-2018-0828
+ RESERVED
+CVE-2018-0827
+ RESERVED
+CVE-2018-0826
+ RESERVED
+CVE-2018-0825
+ RESERVED
+CVE-2018-0824
+ RESERVED
+CVE-2018-0823
+ RESERVED
+CVE-2018-0822
+ RESERVED
+CVE-2018-0821
+ RESERVED
+CVE-2018-0820
+ RESERVED
+CVE-2018-0819
+ RESERVED
+CVE-2018-0818
+ RESERVED
+CVE-2018-0817
+ RESERVED
+CVE-2018-0816
+ RESERVED
+CVE-2018-0815
+ RESERVED
+CVE-2018-0814
+ RESERVED
+CVE-2018-0813
+ RESERVED
+CVE-2018-0812
+ RESERVED
+CVE-2018-0811
+ RESERVED
+CVE-2018-0810
+ RESERVED
+CVE-2018-0809
+ RESERVED
+CVE-2018-0808
+ RESERVED
+CVE-2018-0807
+ RESERVED
+CVE-2018-0806
+ RESERVED
+CVE-2018-0805
+ RESERVED
+CVE-2018-0804
+ RESERVED
+CVE-2018-0803
+ RESERVED
+CVE-2018-0802
+ RESERVED
+CVE-2018-0801
+ RESERVED
+CVE-2018-0800
+ RESERVED
+CVE-2018-0799
+ RESERVED
+CVE-2018-0798
+ RESERVED
+CVE-2018-0797
+ RESERVED
+CVE-2018-0796
+ RESERVED
+CVE-2018-0795
+ RESERVED
+CVE-2018-0794
+ RESERVED
+CVE-2018-0793
+ RESERVED
+CVE-2018-0792
+ RESERVED
+CVE-2018-0791
+ RESERVED
+CVE-2018-0790
+ RESERVED
+CVE-2018-0789
+ RESERVED
+CVE-2018-0788
+ RESERVED
+CVE-2018-0787
+ RESERVED
+CVE-2018-0786
+ RESERVED
+CVE-2018-0785
+ RESERVED
+CVE-2018-0784
+ RESERVED
+CVE-2018-0783
+ RESERVED
+CVE-2018-0782
+ RESERVED
+CVE-2018-0781
+ RESERVED
+CVE-2018-0780
+ RESERVED
+CVE-2018-0779
+ RESERVED
+CVE-2018-0778
+ RESERVED
+CVE-2018-0777
+ RESERVED
+CVE-2018-0776
+ RESERVED
+CVE-2018-0775
+ RESERVED
+CVE-2018-0774
+ RESERVED
+CVE-2018-0773
+ RESERVED
+CVE-2018-0772
+ RESERVED
+CVE-2018-0771
+ RESERVED
+CVE-2018-0770
+ RESERVED
+CVE-2018-0769
+ RESERVED
+CVE-2018-0768
+ RESERVED
+CVE-2018-0767
+ RESERVED
+CVE-2018-0766
+ RESERVED
+CVE-2018-0765
+ RESERVED
+CVE-2018-0764
+ RESERVED
+CVE-2018-0763
+ RESERVED
+CVE-2018-0762
+ RESERVED
+CVE-2018-0761
+ RESERVED
+CVE-2018-0760
+ RESERVED
+CVE-2018-0759
+ RESERVED
+CVE-2018-0758
+ RESERVED
+CVE-2018-0757
+ RESERVED
+CVE-2018-0756
+ RESERVED
+CVE-2018-0755
+ RESERVED
+CVE-2018-0754
+ RESERVED
+CVE-2018-0753
+ RESERVED
+CVE-2018-0752
+ RESERVED
+CVE-2018-0751
+ RESERVED
+CVE-2018-0750
+ RESERVED
+CVE-2018-0749
+ RESERVED
+CVE-2018-0748
+ RESERVED
+CVE-2018-0747
+ RESERVED
+CVE-2018-0746
+ RESERVED
+CVE-2018-0745
+ RESERVED
+CVE-2018-0744
+ RESERVED
+CVE-2018-0743
+ RESERVED
+CVE-2018-0742
+ RESERVED
+CVE-2018-0741
+ RESERVED
+CVE-2017-17089
+ RESERVED
CVE-2017-XXXX [Use a properly generated hash for the 'newbloguser' key instead
of a determinate substring]
- wordpress <unfixed>
NOTE:
https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
@@ -1653,8 +2255,8 @@
NOT-FOR-US: InLinks plugin for WordPress
CVE-2017-16954
RESERVED
-CVE-2017-16953
- RESERVED
+CVE-2017-16953 (connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP
Basic ...)
+ TODO: check
CVE-2017-16952 (KMPlayer 4.2.2.4 allows remote attackers to cause a denial of
service ...)
TODO: check
CVE-2017-16951 (Winamp Pro 5.66 Build 3512 allows remote attackers to cause a
denial ...)
@@ -1826,12 +2428,12 @@
- tt-rss <unfixed> (bug #882543)
NOTE:
https://discourse.tt-rss.org/t/sql-injection-in-forgotpass-fixed/669
NOTE:
https://git.tt-rss.org/git/tt-rss/commit/2352c320c2ed34ec7df1ad22f0c55a1b26489815
-CVE-2017-16895
- RESERVED
+CVE-2017-16895 (The (1) arq_updater, (2) arqcommitter, (3) standardrestorer,
(4) ...)
+ TODO: check
CVE-2017-16894 (In Laravel framework through 5.5.21, remote attackers can
obtain ...)
NOT-FOR-US: Laravel framework
-CVE-2017-16893
- RESERVED
+CVE-2017-16893 (The application Piwigo is affected by an SQL injection
vulnerability ...)
+ TODO: check
CVE-2017-16892 (In Bftpd before 4.7, there is a memory leak in the file rename
...)
- bftpd <itp> (bug #640469)
NOTE: http://bftpd.sourceforge.net/news.html#032390
@@ -2992,14 +3594,12 @@
{DSA-4044-1}
- swauth 1.2.0-4 (bug #882314)
NOTE: https://bugs.launchpad.net/swift/+bug/1655781
-CVE-2017-16612 [heap overflows when parsing malicious files]
- RESERVED
+CVE-2017-16612 (libXcursor before 1.1.15 has various integer overflows that
could lead ...)
- libxcursor <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/28/6
NOTE:
https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8
NOTE:
https://marc.info/?l=freedesktop-xorg-announce&m=151188036018262&w=2
-CVE-2017-16611 [Open files with O_NOFOLLOW]
- RESERVED
+CVE-2017-16611 (In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local
attacker ...)
- libxfont <unfixed> (low)
[stretch] - libxfont <no-dsa> (Minor issue)
[jessie] - libxfont <no-dsa> (Minor issue)
@@ -5501,8 +6101,8 @@
RESERVED
CVE-2017-15708
RESERVED
-CVE-2017-15707
- RESERVED
+CVE-2017-15707 (In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an
outdated ...)
+ TODO: check
CVE-2017-15706
RESERVED
CVE-2017-15705
@@ -5511,11 +6111,9 @@
RESERVED
CVE-2017-15703
RESERVED
-CVE-2017-15702
- RESERVED
+CVE-2017-15702 (In Apache Qpid Broker-J 0.18 through 0.32, if the broker is
configured ...)
- qpid-java <itp> (bug #840131)
-CVE-2017-15701
- RESERVED
+CVE-2017-15701 (In Apache Qpid Broker-J before 6.1.x before 6.1.5, the broker
does not ...)
- qpid-java <itp> (bug #840131)
CVE-2017-15700
RESERVED
@@ -6379,8 +6977,8 @@
NOT-FOR-US: 3CX Phone System
CVE-2017-15358
RESERVED
-CVE-2017-15357
- RESERVED
+CVE-2017-15357 (The setpermissions function in the auto-updater in Arq before
5.9.7 ...)
+ TODO: check
CVE-2017-15356
RESERVED
CVE-2017-15355
@@ -7699,8 +8297,8 @@
CVE-2017-14954 (The waitid implementation in kernel/exit.c in the Linux kernel
through ...)
- linux <not-affected> (Vulnerable code introduced in v4.13-rc1)
NOTE: Fixed by:
https://git.kernel.org/linus/6c85501f2fabcfc4fc6ed976543d252c4eaf4be9
-CVE-2017-14953
- RESERVED
+CVE-2017-14953 (HikVision Wi-Fi IP cameras, when used in a wired
configuration, allow ...)
+ TODO: check
CVE-2017-14952 (Double free in i18n/zonemeta.cpp in International Components
for ...)
- icu 57.1-7 (bug #878840)
[stretch] - icu <postponed> (Should be fixed along in future update)
@@ -9091,10 +9689,10 @@
NOTE: Fixed by:
https://git.kernel.org/linus/c88f0e6b06f4092995688211a631bb436125d77b
CVE-2017-14488
RESERVED
-CVE-2017-14487
- RESERVED
-CVE-2017-14486
- RESERVED
+CVE-2017-14487 (The OhMiBod Remote app for Android and iOS allows remote
attackers to ...)
+ TODO: check
+CVE-2017-14486 (The Vibease Wireless Remote Vibrator app for Android and the
Vibease ...)
+ TODO: check
CVE-2017-14485
RESERVED
CVE-2017-14484 (The Gentoo sci-mathematics/gimps package before 28.10-r1 for
Great ...)
@@ -11525,10 +12123,10 @@
- x265 <not-affected> (Affected code is not enabled)
CVE-2017-13665
RESERVED
-CVE-2017-13664
- RESERVED
-CVE-2017-13663
- RESERVED
+CVE-2017-13664 (Password file exposure in firmware in iSmartAlarm CubeOne
version ...)
+ TODO: check
+CVE-2017-13663 (Encryption key exposure in firmware in iSmartAlarm CubeOne
version ...)
+ TODO: check
CVE-2017-13662
RESERVED
CVE-2017-13661
@@ -19689,32 +20287,32 @@
RESERVED
CVE-2017-10904
RESERVED
-CVE-2017-10903
- RESERVED
-CVE-2017-10902
- RESERVED
-CVE-2017-10901
- RESERVED
-CVE-2017-10900
- RESERVED
-CVE-2017-10899
- RESERVED
-CVE-2017-10898
- RESERVED
+CVE-2017-10903 (Improper authentication issue in PTW-WMS1 firmware version
2.000.012 ...)
+ TODO: check
+CVE-2017-10902 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to
execute ...)
+ TODO: check
+CVE-2017-10901 (Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows
remote ...)
+ TODO: check
+CVE-2017-10900 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to
bypass ...)
+ TODO: check
+CVE-2017-10899 (SQL injection vulnerability in the A-Reserve and A-Reserve for
MT ...)
+ TODO: check
+CVE-2017-10898 (SQL injection vulnerability in the A-Member and A-Member for
MT cloud ...)
+ TODO: check
CVE-2017-10897
RESERVED
CVE-2017-10896
RESERVED
-CVE-2017-10895
- RESERVED
-CVE-2017-10894
- RESERVED
+CVE-2017-10895 (sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers
to cause ...)
+ TODO: check
+CVE-2017-10894 (StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote
attackers to ...)
+ TODO: check
CVE-2017-10893
RESERVED
-CVE-2017-10892
- RESERVED
-CVE-2017-10891
- RESERVED
+CVE-2017-10892 (Untrusted search path vulnerability in Music Center for PC
version ...)
+ TODO: check
+CVE-2017-10891 (Untrusted search path vulnerability in Media Go version
3.2.0.191 and ...)
+ TODO: check
CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to
...)
NOT-FOR-US: RX-V200 firmware
CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to
conduct XML ...)
@@ -19747,8 +20345,8 @@
RESERVED
CVE-2017-10875 (I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an
...)
NOT-FOR-US: I-O DATA DEVICE LAN DISK Connect
-CVE-2017-10874
- RESERVED
+CVE-2017-10874 (PWR-Q200 does not use random values for source ports of DNS
query ...)
+ TODO: check
CVE-2017-10873 (OpenAM (Open Source Edition) allows an attacker to bypass ...)
NOT-FOR-US: OpenAM
CVE-2017-10872
@@ -19773,8 +20371,8 @@
NOT-FOR-US: HIBUN Confidential File Decryption
CVE-2017-10862 (jwt-scala 1.2.2 and earlier fails to verify token signatures
correctly ...)
NOT-FOR-US: jwt-scala
-CVE-2017-10861
- RESERVED
+CVE-2017-10861 (Directory traversal vulnerability in QND Advance/Standard
allows an ...)
+ TODO: check
CVE-2017-10860 (Untrusted search path vulnerability in "i-filter 6.0
installer" ...)
NOT-FOR-US: i-filter 6.0 installer
CVE-2017-10859 (Untrusted search path vulnerability in "i-filter 6.0
installer" ...)
@@ -32644,8 +33242,8 @@
NOT-FOR-US: Cisco
CVE-2017-6680 (A vulnerability in the AutoVNF logging function of Cisco Ultra
Services ...)
NOT-FOR-US: Cisco
-CVE-2017-6679
- RESERVED
+CVE-2017-6679 (The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior
contained ...)
+ TODO: check
CVE-2017-6678 (A vulnerability in the ingress UDP packet processing
functionality of ...)
NOT-FOR-US: Cisco
CVE-2017-6677
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
