Author: sectracker
Date: 2017-12-20 09:10:13 +0000 (Wed, 20 Dec 2017)
New Revision: 58716
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-12-20 05:56:12 UTC (rev 58715) +++ data/CVE/list 2017-12-20 09:10:13 UTC (rev 58716) 
@@ -1,3 +1,159 @@ +CVE-2018-3599 + RESERVED +CVE-2018-3598 + RESERVED +CVE-2018-3597 + RESERVED +CVE-2018-3596 + RESERVED +CVE-2018-3595 + RESERVED +CVE-2018-3594 + RESERVED +CVE-2018-3593 + RESERVED +CVE-2018-3592 + RESERVED +CVE-2018-3591 + RESERVED +CVE-2018-3590 + RESERVED +CVE-2018-3589 + RESERVED +CVE-2018-3588 + RESERVED +CVE-2018-3587 + RESERVED +CVE-2018-3586 + RESERVED +CVE-2018-3585 + RESERVED +CVE-2018-3584 + RESERVED +CVE-2018-3583 + RESERVED +CVE-2018-3582 + RESERVED +CVE-2018-3581 + RESERVED +CVE-2018-3580 + RESERVED +CVE-2018-3579 + RESERVED +CVE-2018-3578 + RESERVED +CVE-2018-3577 + RESERVED +CVE-2018-3576 + RESERVED +CVE-2018-3575 + RESERVED +CVE-2018-3574 + RESERVED +CVE-2018-3573 + RESERVED +CVE-2018-3572 + RESERVED +CVE-2018-3571 + RESERVED +CVE-2018-3570 + RESERVED +CVE-2018-3569 + RESERVED +CVE-2018-3568 + RESERVED +CVE-2018-3567 + RESERVED +CVE-2018-3566 + RESERVED +CVE-2018-3565 + RESERVED +CVE-2018-3564 + RESERVED +CVE-2018-3563 + RESERVED +CVE-2018-3562 + RESERVED +CVE-2018-3561 + RESERVED +CVE-2018-3560 + RESERVED +CVE-2017-17804 + RESERVED +CVE-2017-17803 + RESERVED +CVE-2017-17802 + RESERVED +CVE-2017-17801 + RESERVED +CVE-2017-17800 + RESERVED +CVE-2017-17799 + RESERVED +CVE-2017-17798 + RESERVED +CVE-2017-17797 + RESERVED +CVE-2017-17796 + RESERVED +CVE-2017-17795 + RESERVED +CVE-2017-17794 + RESERVED +CVE-2017-17793 + RESERVED +CVE-2017-17792 + RESERVED +CVE-2017-17791 + RESERVED +CVE-2017-17790 + RESERVED +CVE-2017-17783 + RESERVED +CVE-2017-17782 + RESERVED +CVE-2017-17781 + RESERVED +CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a ...) + TODO: check +CVE-2017-17779 (Paid To Read Script 2.0.5 has SQL injection via the referrals.php id ...) + TODO: check +CVE-2017-17778 (Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter ...) + TODO: check +CVE-2017-17777 (Paid To Read Script 2.0.5 has authentication bypass in the admin panel ...) 
+ TODO: check +CVE-2017-17776 (Paid To Read Script 2.0.5 has full path disclosure via an invalid ...) + TODO: check +CVE-2017-17775 (Piwigo 2.9.2 has XSS via the name parameter in an ...) + TODO: check +CVE-2017-17774 (admin/configuration.php in Piwigo 2.9.2 has CSRF. ...) + TODO: check +CVE-2017-17773 + RESERVED +CVE-2017-17772 + RESERVED +CVE-2017-17771 + RESERVED +CVE-2017-17770 + RESERVED +CVE-2017-17769 + RESERVED +CVE-2017-17768 + RESERVED +CVE-2017-17767 + RESERVED +CVE-2017-17766 + RESERVED +CVE-2017-17765 + RESERVED +CVE-2017-17764 + RESERVED +CVE-2017-17763 (SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share ...) + TODO: check +CVE-2017-17762 + RESERVED +CVE-2017-17761 (An issue was discovered on Ichano AtHome IP Camera devices. The device ...) + TODO: check CVE-2017-17476 [OSA-2017-10: Session hijacking] RESERVED - otrs2 <unfixed> (bug #884801) 
@@ -6,24 +162,30 @@ NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/720c73fbf53e476ca7dfdf2ae1d4d3d2aad2b953 NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/26707eaaa791648e6c7ad6aeaa27efd70e7c66eb CVE-2017-17785 [gimp: Heap overflow in FLI import] + RESERVED - gimp <unfixed> NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739133 CVE-2017-17786 [gimp: OOB read in TGA] + RESERVED - gimp <unfixed> (unimportant) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739134 NOTE: Crash in desktop tool, no/negligable security impact CVE-2017-17788 [gimp: OOB read in XCF] + RESERVED - gimp <unfixed> (unimportant) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790783 NOTE: Crash in desktop tool, no/negligable security impact CVE-2017-17784 [gimp: OOB read in GBR] + RESERVED - gimp <unfixed> (unimportant) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790784 NOTE: Crash in desktop tool, no/negligable security impact CVE-2017-17789 [gimp: Heap overflow in PSP] + RESERVED - gimp <unfixed> NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790849 CVE-2017-17787 [gimp: OOB read in PSP] + RESERVED - gimp <unfixed> (unimportant) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790853 NOTE: Crash in desktop tool, no/negligable security impact @@ -12278,7 +12440,7 @@ RESERVED CVE-2014-10064 RESERVED -CVE-2017-15994 (rsync 3.1.3-development before 2017-10-24, as used in the xlucas svfs ...) +CVE-2017-15994 (rsync 3.1.3-development before 2017-10-24 mishandles archaic ...) - rsync <not-affected> (Problematic code to allow checksum choice only introduced after 3.1.2 release) NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3 NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
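Review bot: In the @@ -1,3 +1,159 @@ hunk, the entries that arrive with descriptions (CVE-2017-17780 through CVE-2017-17774, CVE-2017-17763 and CVE-2017-17761) carry only `TODO: check` and no package line, so they are still untriaged. Each needs a follow-up that replaces the TODO with a source-package status line in the form the existing entries use, for example `- otrs2 <unfixed> (bug #884801)`, or with an explicit statement that no Debian package is concerned.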
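Review bot: In the @@ -6,24 +162,30 @@ hunk, the two heap overflow entries (CVE-2017-17785 in FLI import and CVE-2017-17789 in PSP) stay at `- gimp <unfixed>` with only a GNOME bugzilla NOTE and no Debian bug reference, unlike the otrs2 entry for CVE-2017-17476, which has `(bug #884801)`. These are the two gimp entries not tagged `(unimportant)`, so a follow-up should add a bug number to each. The context NOTE lines also spell "negligible" as "negligable" in four places.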
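Review bot: In the @@ -12278,7 +12440,7 @@ hunk, only the truncated description of CVE-2017-15994 changes, and the two git.samba.org NOTE lines under it carry no label saying what each commit is. Adding a short label to each NOTE would let a reader check the `<not-affected>` rationale ("only introduced after 3.1.2 release") without opening both links.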