Author: sectracker
Date: 2017-12-04 21:10:19 +0000 (Mon, 04 Dec 2017)
New Revision: 58254
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-12-04 20:52:15 UTC (rev 58253) +++ data/CVE/list 2017-12-04 21:10:19 UTC (rev 58254) @@ -1,3 +1,11 @@ +CVE-2017-17384 + RESERVED +CVE-2017-17383 + RESERVED +CVE-2017-17382 + RESERVED +CVE-2017-17381 + RESERVED CVE-2018-1140 RESERVED CVE-2018-1139 @@ -1533,10 +1541,10 @@ RESERVED CVE-2017-17058 (The WooCommerce plugin through 3.x for WordPress has a Directory ...) NOT-FOR-US: WooCommerce plugin for WordPress -CVE-2017-17057 - RESERVED -CVE-2017-17056 - RESERVED +CVE-2017-17057 (There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The ...) + TODO: check +CVE-2017-17056 (The ZKTime Web Software 2.0.1.12280 allows the Administrator to ...) + TODO: check CVE-2017-17055 RESERVED CVE-2017-17054 (In aubio 0.4.6, a divide-by-zero error exists in the function ...) @@ -4118,8 +4126,8 @@ RESERVED CVE-2017-16722 RESERVED -CVE-2017-16721 - RESERVED +CVE-2017-16721 (A Cross-site Scripting issue was discovered in Geovap Reliance SCADA ...) + TODO: check CVE-2017-16720 RESERVED CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort ...) @@ -6431,6 +6439,7 @@ - konversation 1.7.3-1 (bug #881586) NOTE: https://cgit.kde.org/konversation.git/commit/?h=1.7&id=6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0 CVE-2017-15922 (In GNU Libextractor 1.4, there is an out-of-bounds read in the ...) + {DLA-1198-1} - libextractor <unfixed> (low; bug #880016) NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=d4d488b0e5ab13dda241d688d87a07816368f117 
@@ -6508,8 +6517,8 @@ RESERVED CVE-2017-15890 RESERVED -CVE-2017-15889 - RESERVED +CVE-2017-15889 (Command injection vulnerability in smart.cgi in Synology DiskStation ...) + TODO: check CVE-2017-15888 (Cross-site scripting (XSS) vulnerability in Custom Internet Radio List ...) NOT-FOR-US: Synology CVE-2017-15887 (An improper restriction of excessive authentication attempts ...) @@ -6931,7 +6940,7 @@ RESERVED CVE-2017-15702 (In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured ...) - qpid-java <itp> (bug #840131) -CVE-2017-15701 (In Apache Qpid Broker-J before 6.1.x before 6.1.5, the broker does not ...) +CVE-2017-15701 (In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the ...) - qpid-java <itp> (bug #840131) CVE-2017-15700 RESERVED @@ -7172,14 +7181,17 @@ CVE-2017-15603 RESERVED CVE-2017-15602 (In GNU Libextractor 1.4, there is an integer signedness error for the ...) + {DLA-1198-1} - libextractor 1:1.6-1 NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=ffab889c1710c7646af9ed360c796a2a0a619efc CVE-2017-15601 (In GNU Libextractor 1.4, there is a heap-based buffer overflow in the ...) + {DLA-1198-1} - libextractor 1:1.6-1 NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=f813535dad4ad860b989952a46266a1469801091 CVE-2017-15600 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the ...) + {DLA-1198-1} - libextractor 1:1.6-1 NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1501695 
@@ -8064,6 +8076,7 @@ NOTE: https://bugs.launchpad.net/bugs/1718964 NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=a7b20a8efa28e5f22c26c06cd06c2f12bc863493 CVE-2017-15267 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in ...) + {DLA-1198-1} - libextractor 1:1.6-1 (bug #878314) [stretch] - libextractor <no-dsa> (Minor issue) [jessie] - libextractor <no-dsa> (Minor issue) @@ -8072,6 +8085,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499600 NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=6095d7132b57fc7368fc7a40bab2a71b735724d2 CVE-2017-15266 (In GNU Libextractor 1.4, there is a Divide-By-Zero in ...) + {DLA-1198-1} - libextractor 1:1.6-1 (bug #878314) [stretch] - libextractor <no-dsa> (Minor issue) [jessie] - libextractor <no-dsa> (Minor issue) @@ -17566,10 +17580,10 @@ RESERVED CVE-2017-12081 RESERVED -CVE-2017-12080 - RESERVED -CVE-2017-12079 - RESERVED +CVE-2017-12080 (An information exposure vulnerability in default HTTP configuration ...) + TODO: check +CVE-2017-12079 (Files or directories accessible to external parties vulnerability in ...) + TODO: check CVE-2017-12078 RESERVED CVE-2017-12077 (Uncontrolled Resource Consumption vulnerability in ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
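Review bot: in the @@ -1533,10 +1541,10 @@ hunk, CVE-2017-17057 and CVE-2017-17056 (ZKTime Web 2.0.1.12280) are left at "TODO: check" with no package line, directly below CVE-2017-17058, which is already triaged as NOT-FOR-US. These two need a triage decision: if no Debian source package ships this software, mark them NOT-FOR-US in the same style as the neighbouring entry; otherwise add the affected package line.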
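Review bot: in the @@ -6431,6 +6439,7 @@ hunk, CVE-2017-15922 gains the {DLA-1198-1} tag while its package line still reads "- libextractor <unfixed> (low; bug #880016)", although the entry already carries a "Fixed by:" NOTE pointing at an upstream commit. The other libextractor entries tagged with the same DLA in this revision (CVE-2017-15602, CVE-2017-15601, CVE-2017-15600, CVE-2017-15267, CVE-2017-15266) are recorded as fixed in 1:1.6-1. Confirm whether the package is really still unfixed for this one, and replace <unfixed> with the fixing version if the upstream commit has been uploaded.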
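Review bot: in the @@ -6508,8 +6517,8 @@ hunk, CVE-2017-15889 (command injection in smart.cgi in Synology DiskStation) is left at "TODO: check" immediately above CVE-2017-15888, which is already triaged as "NOT-FOR-US: Synology". Unless this issue touches a component that is packaged, give it the same NOT-FOR-US tag so it does not sit in the TODO queue.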