[Secure-testing-commits] r50463 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sat Apr 8 09:10:18 UTC 2017
Author: sectracker
Date: 2017-04-08 09:10:18 +0000 (Sat, 08 Apr 2017)
New Revision: 50463
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-08 06:53:52 UTC (rev 50462)
+++ data/CVE/list 2017-04-08 09:10:18 UTC (rev 50463)
@@ -1,3 +1,5 @@
+CVE-2017-7587
+ RESERVED
CVE-2017-7586 (In libsndfile before 1.0.28, an error in the "header_read()" function ...)
- libsndfile 1.0.27-2
NOTE: https://github.com/erikd/libsndfile/commit/708e996c87c5fae77b104ccfeb8f6db784c32074
@@ -22,10 +24,10 @@
RESERVED
CVE-2017-7579 (inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. ...)
NOT-FOR-US: phpMyFAQ
-CVE-2007-6760
- RESERVED
-CVE-2007-6759
- RESERVED
+CVE-2007-6760 (Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) ...)
+ TODO: check
+CVE-2007-6759 (Dataprobe iBootBar (with 2007-09-20 and possibly later released ...)
+ TODO: check
CVE-2017-7577 (XiongMai uc-httpd has directory traversal allowing the reading of ...)
NOT-FOR-US: XiongMai uc-httpd
CVE-2017-7576 (DragonWave Horizon 1.01.03 wireless radios have hardcoded login ...)
@@ -4286,8 +4288,8 @@
RESERVED
CVE-2017-6034
RESERVED
-CVE-2017-6033
- RESERVED
+CVE-2017-6033 (A DLL Hijacking issue was discovered in Schneider Electric Interactive ...)
+ TODO: check
CVE-2017-6032
RESERVED
CVE-2017-6031
@@ -4314,8 +4316,8 @@
RESERVED
CVE-2017-6020
RESERVED
-CVE-2017-6019
- RESERVED
+CVE-2017-6019 (An issue was discovered in Schneider Electric Conext ComBox, model ...)
+ TODO: check
CVE-2017-6018
RESERVED
CVE-2017-6017
@@ -4660,6 +4662,7 @@
[wheezy] - postfixadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/6
CVE-2017-5929 (QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting ...)
+ {DLA-888-1}
- logback 1:1.1.9-3 (bug #857343)
[jessie] - logback <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8
@@ -18376,138 +18379,105 @@
RESERVED
CVE-2017-0587
RESERVED
-CVE-2017-0586
- RESERVED
+CVE-2017-0586 (An information disclosure vulnerability in the Qualcomm sound driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0585
- RESERVED
+CVE-2017-0585 (An information disclosure vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0584
- RESERVED
+CVE-2017-0584 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0583
- RESERVED
+CVE-2017-0583 (An elevation of privilege vulnerability in the Qualcomm CP access ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0582
- RESERVED
+CVE-2017-0582 (An elevation of privilege vulnerability in the HTC OEM fastboot ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0581
- RESERVED
+CVE-2017-0581 (An elevation of privilege vulnerability in the Synaptics Touchscreen ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0580
- RESERVED
+CVE-2017-0580 (An elevation of privilege vulnerability in the Synaptics Touchscreen ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0579
- RESERVED
+CVE-2017-0579 (An elevation of privilege vulnerability in the Qualcomm video driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0578
- RESERVED
+CVE-2017-0578 (An elevation of privilege vulnerability in the DTS sound driver could ...)
NOT-FOR-US: DTS driver for Android
-CVE-2017-0577
- RESERVED
+CVE-2017-0577 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0576
- RESERVED
+CVE-2017-0576 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0575
- RESERVED
+CVE-2017-0575 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0574
- RESERVED
+CVE-2017-0574 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0573
- RESERVED
+CVE-2017-0573 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0572
- RESERVED
+CVE-2017-0572 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0571
- RESERVED
+CVE-2017-0571 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0570
- RESERVED
+CVE-2017-0570 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0569
- RESERVED
+CVE-2017-0569 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0568
- RESERVED
+CVE-2017-0568 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0567
- RESERVED
+CVE-2017-0567 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0566
- RESERVED
+CVE-2017-0566 (An elevation of privilege vulnerability in the MediaTek camera driver ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0565
- RESERVED
+CVE-2017-0565 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0564
- RESERVED
+CVE-2017-0564 (An elevation of privilege vulnerability in the kernel ION subsystem ...)
- linux <undetermined>
NOTE: present in drivers/staging/android/ion
-CVE-2017-0563
- RESERVED
+CVE-2017-0563 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0562
- RESERVED
+CVE-2017-0562 (An elevation of privilege vulnerability in the MediaTek touchscreen ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0561
- RESERVED
+CVE-2017-0561 (A remote code execution vulnerability in the Broadcom Wi-Fi firmware ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0560
- RESERVED
+CVE-2017-0560 (An information disclosure vulnerability in the factory reset process ...)
NOT-FOR-US: Android
-CVE-2017-0559
- RESERVED
+CVE-2017-0559 (An information disclosure vulnerability in libskia could enable a ...)
- skia <itp> (bug #818180)
-CVE-2017-0558
- RESERVED
-CVE-2017-0557
- RESERVED
-CVE-2017-0556
- RESERVED
-CVE-2017-0555
- RESERVED
-CVE-2017-0554
- RESERVED
+CVE-2017-0558 (An information disclosure vulnerability in Mediaserver could enable a ...)
+ TODO: check
+CVE-2017-0557 (An information disclosure vulnerability in libmpeg2 in Mediaserver ...)
+ TODO: check
+CVE-2017-0556 (An information disclosure vulnerability in libmpeg2 in Mediaserver ...)
+ TODO: check
+CVE-2017-0555 (An information disclosure vulnerability in libavc in Mediaserver could ...)
+ TODO: check
+CVE-2017-0554 (An elevation of privilege vulnerability in the Telephony component ...)
NOT-FOR-US: Android
-CVE-2017-0553
- RESERVED
-CVE-2017-0552
- RESERVED
-CVE-2017-0551
- RESERVED
-CVE-2017-0550
- RESERVED
-CVE-2017-0549
- RESERVED
-CVE-2017-0548
- RESERVED
+CVE-2017-0553 (An elevation of privilege vulnerability in libnl could enable a local ...)
+ TODO: check
+CVE-2017-0552 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+ TODO: check
+CVE-2017-0551 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+ TODO: check
+CVE-2017-0550 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+ TODO: check
+CVE-2017-0549 (A remote denial of service vulnerability in libavc in Mediaserver ...)
+ TODO: check
+CVE-2017-0548 (A remote denial of service vulnerability in libskia could enable an ...)
- skia <itp> (bug #818180)
-CVE-2017-0547
- RESERVED
-CVE-2017-0546
- RESERVED
+CVE-2017-0547 (An information disclosure vulnerability in libmedia in Mediaserver ...)
+ TODO: check
+CVE-2017-0546 (An elevation of privilege vulnerability in SurfaceFlinger could enable ...)
NOT-FOR-US: Android
-CVE-2017-0545
- RESERVED
+CVE-2017-0545 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android
-CVE-2017-0544
- RESERVED
+CVE-2017-0544 (An elevation of privilege vulnerability in CameraBase could enable a ...)
NOT-FOR-US: Android
-CVE-2017-0543
- RESERVED
-CVE-2017-0542
- RESERVED
-CVE-2017-0541
- RESERVED
-CVE-2017-0540
- RESERVED
-CVE-2017-0539
- RESERVED
-CVE-2017-0538
- RESERVED
+CVE-2017-0543 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+ TODO: check
+CVE-2017-0542 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+ TODO: check
+CVE-2017-0541 (A remote code execution vulnerability in sonivox in Mediaserver could ...)
+ TODO: check
+CVE-2017-0540 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+ TODO: check
+CVE-2017-0539 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
+ TODO: check
+CVE-2017-0538 (A remote code execution vulnerability in libavc in Mediaserver could ...)
+ TODO: check
CVE-2017-0537 (An information disclosure vulnerability in the kernel USB gadget ...)
NOT-FOR-US: Nvidia driver for Android
NOTE: https://source.android.com/security/bulletin/2017-03-01.html
@@ -18663,8 +18633,7 @@
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0463 (An elevation of privilege vulnerability in the Qualcomm networking ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0462
- RESERVED
+CVE-2017-0462 (An elevation of privilege vulnerability in the Qualcomm Seemp driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0461 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver ...)
NOT-FOR-US: Qualcomm driver for Android
@@ -18680,8 +18649,7 @@
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0455 (An information disclosure vulnerability in the Qualcomm bootloader ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0454
- RESERVED
+CVE-2017-0454 (An elevation of privilege vulnerability in the Qualcomm audio driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0453 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
NOT-FOR-US: Qualcomm driver for Android
@@ -25766,8 +25734,8 @@
NOTE: For kde-cli-tools fixed in 5.7.5 upstream
NOTE: kde-runtime's affected binary is /usr/lib/kde4/libexec/kdesu-distrib/kdesu
NOTE: kdesudo's affected binary is /usr/bin/kdesudo
-CVE-2016-7786
- RESERVED
+CVE-2016-7786 (Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated ...)
+ TODO: check
CVE-2016-7785 (The avi_read_seek function in libavformat/avidec.c in FFmpeg before ...)
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c8c5f66b42edc37474baa5cb51460cbf6f33075b (n3.1.4)
More information about the Secure-testing-commits
mailing list