Author: sectracker Date: 2017-12-06 09:10:24 +0000 (Wed, 06 Dec 2017) New Revision: 58288
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-12-06 07:56:02 UTC (rev 58287) +++ data/CVE/list 2017-12-06 09:10:24 UTC (rev 58288) @@ -1,3 +1,17 @@ +CVE-2017-17438 + RESERVED +CVE-2017-17437 + RESERVED +CVE-2017-17436 + RESERVED +CVE-2017-17435 + RESERVED +CVE-2017-17434 (The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, ...) + TODO: check +CVE-2017-17433 (The recv_files function in receiver.c in the daemon in rsync 3.1.2, and ...) + TODO: check +CVE-2017-17431 (GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, ...) + TODO: check CVE-2017-17430 RESERVED CVE-2017-17429 @@ -17,7 +31,7 @@ RESERVED CVE-2017-1000408 RESERVED -CVE-2017-17432 [OPENAFS-SA-2017-001: Rx assertion failure from insufficient input validation] +CVE-2017-17432 (OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, ...) - openafs 1.6.22-1 (bug #883602) NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt CVE-2018-1180 @@ -184,8 +198,8 @@ RESERVED CVE-2017-17384 RESERVED -CVE-2017-17383 - RESERVED +CVE-2017-17383 (Jenkins through 2.93 allows remote authenticated administrators to ...) + TODO: check CVE-2017-17382 RESERVED CVE-2017-17381 [virtio: divide by zero exception while updating rings] @@ -1702,8 +1716,8 @@ RESERVED CVE-2017-17070 RESERVED -CVE-2017-17069 - RESERVED +CVE-2017-17069 (ActiveSetupN.exe in Amazon Audible for Windows before November 2017 ...) + TODO: check CVE-2017-17068 RESERVED CVE-2017-17067 (Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before ...) 
@@ -6772,8 +6786,7 @@ RESERVED CVE-2017-15869 RESERVED -CVE-2017-15868 [Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket] - RESERVED +CVE-2017-15868 (The bnep_add_connection function in net/bluetooth/bnep/core.c in the ...) - linux 4.0.2-1 NOTE: Fixed by: https://git.kernel.org/linus/71bb99a02b32b4cc4265118e85f6035ca72923f0 (v3.19-rc3) CVE-2017-15867 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) @@ -11024,8 +11037,8 @@ NOT-FOR-US: EMC AppSync Server CVE-2017-14375 (EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to ...) NOT-FOR-US: EMC -CVE-2017-14374 - RESERVED +CVE-2017-14374 (The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 ...) + TODO: check CVE-2017-14373 (EMC RSA Authentication Manager 8.2 SP1 P4 and earlier contains a ...) NOT-FOR-US: RSA Authentication Manager CVE-2017-14372 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected ...) @@ -11062,8 +11075,8 @@ NOT-FOR-US: HP ArcSight CVE-2017-14356 (An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM ...) NOT-FOR-US: HP ArcSight -CVE-2017-14355 - RESERVED +CVE-2017-14355 (A potential security vulnerability has been identified in HPE ...) + TODO: check CVE-2017-14354 (A remote cross-site scripting vulnerability in HP UCMDB Foundation ...) NOT-FOR-US: HP UCMDB Foundation CVE-2017-14353 (A remote code execution vulnerability in HP UCMDB Foundation Software ...) @@ -12129,8 +12142,8 @@ NOT-FOR-US: AutomationDirect CVE-2017-14019 (An Unquoted Search Path or Element issue was discovered in Progea ...) NOT-FOR-US: Progea Movicon -CVE-2017-14018 - RESERVED +CVE-2017-14018 (An improper authentication issue was discovered in Johnson & Johnson ...) + TODO: check CVE-2017-14017 (An Uncontrolled Search Path Element issue was discovered in Progea ...) NOT-FOR-US: Progea Movicon CVE-2017-14016 (A Stack-based Buffer Overflow issue was discovered in Advantech ...) 
@@ -40610,8 +40623,8 @@ NOT-FOR-US: VMware CVE-2017-4921 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure ...) NOT-FOR-US: VMware -CVE-2017-4920 - RESERVED +CVE-2017-4920 (The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x ...) + TODO: check CVE-2017-4919 (VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, ...) NOT-FOR-US: VMware vCenter Server CVE-2017-4918 (VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains ...)
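
Review bot: In the "@@ -1,3 +1,17 @@" hunk, CVE-2017-17434 and CVE-2017-17433 both name the rsync 3.1.2 daemon but are left at "TODO: check" with no package line. Once the affected and fixed rsync versions are established, each should carry an entry in the form already used for CVE-2017-17432 ("- openafs 1.6.22-1 (bug #883602)" plus a NOTE with the upstream reference). CVE-2017-17431 (GeniXCMS) in the same hunk needs the same triage pass, ending in either a package line or a NOT-FOR-US marker.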
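
Review bot: In the "@@ -40610,8 +40623,8 @@" hunk, CVE-2017-4920 (VMware NSX-V Edge) goes from RESERVED to "TODO: check" while the entries on both sides of it, CVE-2017-4921 and CVE-2017-4919, are already resolved as "NOT-FOR-US: VMware" and "NOT-FOR-US: VMware vCenter Server". If NSX-V Edge is likewise not packaged, mark it NOT-FOR-US in the same style so it does not sit in the TODO queue. The same applies to CVE-2017-14374 (Dell Storage Manager) in the "@@ -11024,8 +11037,8 @@" hunk, which sits between entries marked "NOT-FOR-US: EMC" and "NOT-FOR-US: RSA Authentication Manager".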