[Secure-testing-commits] r50617 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Apr 13 09:10:13 UTC 2017


Author: sectracker
Date: 2017-04-13 09:10:13 +0000 (Thu, 13 Apr 2017)
New Revision: 50617

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-13 08:34:02 UTC (rev 50616)
+++ data/CVE/list	2017-04-13 09:10:13 UTC (rev 50617)
@@ -1,3 +1,215 @@
+CVE-2017-7850
+	RESERVED
+CVE-2017-7849
+	RESERVED
+CVE-2017-7848
+	RESERVED
+CVE-2017-7847
+	RESERVED
+CVE-2017-7846
+	RESERVED
+CVE-2017-7845
+	RESERVED
+CVE-2017-7844
+	RESERVED
+CVE-2017-7843
+	RESERVED
+CVE-2017-7842
+	RESERVED
+CVE-2017-7841
+	RESERVED
+CVE-2017-7840
+	RESERVED
+CVE-2017-7839
+	RESERVED
+CVE-2017-7838
+	RESERVED
+CVE-2017-7837
+	RESERVED
+CVE-2017-7836
+	RESERVED
+CVE-2017-7835
+	RESERVED
+CVE-2017-7834
+	RESERVED
+CVE-2017-7833
+	RESERVED
+CVE-2017-7832
+	RESERVED
+CVE-2017-7831
+	RESERVED
+CVE-2017-7830
+	RESERVED
+CVE-2017-7829
+	RESERVED
+CVE-2017-7828
+	RESERVED
+CVE-2017-7827
+	RESERVED
+CVE-2017-7826
+	RESERVED
+CVE-2017-7825
+	RESERVED
+CVE-2017-7824
+	RESERVED
+CVE-2017-7823
+	RESERVED
+CVE-2017-7822
+	RESERVED
+CVE-2017-7821
+	RESERVED
+CVE-2017-7820
+	RESERVED
+CVE-2017-7819
+	RESERVED
+CVE-2017-7818
+	RESERVED
+CVE-2017-7817
+	RESERVED
+CVE-2017-7816
+	RESERVED
+CVE-2017-7815
+	RESERVED
+CVE-2017-7814
+	RESERVED
+CVE-2017-7813
+	RESERVED
+CVE-2017-7812
+	RESERVED
+CVE-2017-7811
+	RESERVED
+CVE-2017-7810
+	RESERVED
+CVE-2017-7809
+	RESERVED
+CVE-2017-7808
+	RESERVED
+CVE-2017-7807
+	RESERVED
+CVE-2017-7806
+	RESERVED
+CVE-2017-7805
+	RESERVED
+CVE-2017-7804
+	RESERVED
+CVE-2017-7803
+	RESERVED
+CVE-2017-7802
+	RESERVED
+CVE-2017-7801
+	RESERVED
+CVE-2017-7800
+	RESERVED
+CVE-2017-7799
+	RESERVED
+CVE-2017-7798
+	RESERVED
+CVE-2017-7797
+	RESERVED
+CVE-2017-7796
+	RESERVED
+CVE-2017-7795
+	RESERVED
+CVE-2017-7794
+	RESERVED
+CVE-2017-7793
+	RESERVED
+CVE-2017-7792
+	RESERVED
+CVE-2017-7791
+	RESERVED
+CVE-2017-7790
+	RESERVED
+CVE-2017-7789
+	RESERVED
+CVE-2017-7788
+	RESERVED
+CVE-2017-7787
+	RESERVED
+CVE-2017-7786
+	RESERVED
+CVE-2017-7785
+	RESERVED
+CVE-2017-7784
+	RESERVED
+CVE-2017-7783
+	RESERVED
+CVE-2017-7782
+	RESERVED
+CVE-2017-7781
+	RESERVED
+CVE-2017-7780
+	RESERVED
+CVE-2017-7779
+	RESERVED
+CVE-2017-7778
+	RESERVED
+CVE-2017-7777
+	RESERVED
+CVE-2017-7776
+	RESERVED
+CVE-2017-7775
+	RESERVED
+CVE-2017-7774
+	RESERVED
+CVE-2017-7773
+	RESERVED
+CVE-2017-7772
+	RESERVED
+CVE-2017-7771
+	RESERVED
+CVE-2017-7770
+	RESERVED
+CVE-2017-7769
+	RESERVED
+CVE-2017-7768
+	RESERVED
+CVE-2017-7767
+	RESERVED
+CVE-2017-7766
+	RESERVED
+CVE-2017-7765
+	RESERVED
+CVE-2017-7764
+	RESERVED
+CVE-2017-7763
+	RESERVED
+CVE-2017-7762
+	RESERVED
+CVE-2017-7761
+	RESERVED
+CVE-2017-7760
+	RESERVED
+CVE-2017-7759
+	RESERVED
+CVE-2017-7758
+	RESERVED
+CVE-2017-7757
+	RESERVED
+CVE-2017-7756
+	RESERVED
+CVE-2017-7755
+	RESERVED
+CVE-2017-7754
+	RESERVED
+CVE-2017-7753
+	RESERVED
+CVE-2017-7752
+	RESERVED
+CVE-2017-7751
+	RESERVED
+CVE-2017-7750
+	RESERVED
+CVE-2017-7749
+	RESERVED
+CVE-2017-7748 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector ...)
+	TODO: check
+CVE-2017-7747 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector ...)
+	TODO: check
+CVE-2017-7746 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector ...)
+	TODO: check
+CVE-2017-7745 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector ...)
+	TODO: check
 CVE-2017-7744
 	RESERVED
 CVE-2017-7743
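Review bot: The four Wireshark entries at the end of the added block (CVE-2017-7745 to CVE-2017-7748) are left at "TODO: check" and still need triage. Each should get a package line in the form used elsewhere in this file, such as "- virglrenderer <unfixed> (bug #854728)", with the Wireshark package and its own bug reference in place of those values. The descriptions are cut at "dissector ...", so the impact has to be read from the full CVE text before an urgency is chosen. The 102 RESERVED entries above them need no action.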
@@ -83,18 +295,18 @@
 	RESERVED
 CVE-2017-7706
 	RESERVED
-CVE-2017-7705
-	RESERVED
-CVE-2017-7704
-	RESERVED
-CVE-2017-7703
-	RESERVED
-CVE-2017-7702
-	RESERVED
-CVE-2017-7701
-	RESERVED
-CVE-2017-7700
-	RESERVED
+CVE-2017-7705 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA ...)
+	TODO: check
+CVE-2017-7704 (In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an ...)
+	TODO: check
+CVE-2017-7703 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector ...)
+	TODO: check
+CVE-2017-7702 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector ...)
+	TODO: check
+CVE-2017-7701 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector ...)
+	TODO: check
+CVE-2017-7700 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file ...)
+	TODO: check
 CVE-2017-7699
 	RESERVED
 CVE-2017-7698
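Review bot: CVE-2017-7704 (DOF dissector) lists only "2.2.0 to 2.2.5", while the other five entries in this hunk also list "2.0.0 to 2.0.11". When the TODO markers are resolved, do not copy the affected-version annotation from its neighbours; check per release whether the shipped Wireshark version falls in the 2.2 range before marking it affected by this one.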
@@ -239,12 +451,12 @@
 	RESERVED
 CVE-2017-7629
 	RESERVED
-CVE-2017-7628
-	RESERVED
-CVE-2017-7627
-	RESERVED
-CVE-2017-7626
-	RESERVED
+CVE-2017-7628 (The "Smart related articles" extension 1.1 for Joomla! has SQL ...)
+	TODO: check
+CVE-2017-7627 (The "Smart related articles" extension 1.1 for Joomla! does not prevent ...)
+	TODO: check
+CVE-2017-7626 (The "Smart related articles" extension 1.1 for Joomla! has XSS in ...)
+	TODO: check
 CVE-2017-7625 (In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the ...)
 	NOT-FOR-US: Fiyo CMS
 CVE-2017-7624 (The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ...)
@@ -1291,18 +1503,18 @@
 	RESERVED
 CVE-2017-7285 (A vulnerability in the network stack of MikroTik Version 6.38.5 ...)
 	NOT-FOR-US: MikroTik
-CVE-2017-7284
-	RESERVED
+CVE-2017-7284 (An attacker that has hijacked a Unitrends Enterprise Backup (before ...)
+	TODO: check
 CVE-2017-7283
 	RESERVED
 CVE-2017-7282
 	RESERVED
-CVE-2017-7281
-	RESERVED
-CVE-2017-7280
-	RESERVED
-CVE-2017-7279
-	RESERVED
+CVE-2017-7281 (An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A ...)
+	TODO: check
+CVE-2017-7280 (An issue was discovered in api/includes/systems.php in Unitrends ...)
+	TODO: check
+CVE-2017-7279 (An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 ...)
+	TODO: check
 CVE-2017-7278
 	RESERVED
 CVE-2017-7277 (The TCP stack in the Linux kernel through 4.10.6 mishandles the ...)
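Review bot: The four Unitrends Enterprise Backup entries (CVE-2017-7284, CVE-2017-7281, CVE-2017-7280, CVE-2017-7279) should not stay at "TODO: check". If no Debian source package ships this product, mark them "NOT-FOR-US: Unitrends Enterprise Backup", the form already used for the MikroTik entry at the top of this hunk. The version thresholds differ between entries (before 9.1.2 for CVE-2017-7281, before 9.0.0 for CVE-2017-7279), which matters should any of them turn out to need a package line.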
@@ -5028,8 +5240,7 @@
 	NOT-FOR-US: node-serialize
 CVE-2017-5939
 	RESERVED
-CVE-2017-5936
-	RESERVED
+CVE-2017-5936 (OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth ...)
 	NOT-FOR-US: Nova-LXD
 CVE-2017-5937 (The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d ...)
 	- virglrenderer <unfixed> (bug #854728)
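Review bot: CVE-2017-5936 sits between CVE-2017-5939 and CVE-2017-5937, out of the descending order the rest of the list follows; move the entry below CVE-2017-5937 in a follow-up. Dropping RESERVED while keeping "NOT-FOR-US: Nova-LXD" is correct now that a description is attached.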
@@ -30488,8 +30699,7 @@
 	NOT-FOR-US: Cisco
 CVE-2016-6353
 	RESERVED
-CVE-2016-6348
-	RESERVED
+CVE-2016-6348 (JacksonJsonpInterceptor in RESTEasy might allow remote attackers to ...)
 	- resteasy <unfixed> (low; bug #837170)
 	[jessie] - resteasy <no-dsa> (Minor issue)
 CVE-2016-6347
@@ -32267,8 +32477,8 @@
 	RESERVED
 CVE-2016-5857 (The Qualcomm SPCom driver in Android before 7.0 allows local users to ...)
 	NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm
-CVE-2016-5856
-	RESERVED
+CVE-2016-5856 (Drivers/soc/qcom/spcom.c in the Qualcom SPCom driver in the Android ...)
+	TODO: check
 CVE-2016-5855
 	RESERVED
 CVE-2016-5854
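Review bot: The new CVE-2016-5856 description names the same Qualcomm SPCom driver (spcom.c) as CVE-2016-5857 directly above it, and that entry's NOTE already questions whether its id is a typo for CVE-2016-5875. Resolve the "TODO: check" on CVE-2016-5856 together with that open question, so the two entries do not end up tracking one issue under two ids, and record the outcome in a NOTE line on both.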
@@ -34104,8 +34314,8 @@
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2554
 	NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=654
 	NOTE: Upstream fix https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2
-CVE-2016-5313
-	RESERVED
+CVE-2016-5313 (Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated ...)
+	TODO: check
 CVE-2016-5312
 	RESERVED
 CVE-2016-5311
@@ -36202,20 +36412,20 @@
 	RESERVED
 CVE-2016-4898
 	RESERVED
-CVE-2016-4897
-	RESERVED
-CVE-2016-4896
-	RESERVED
-CVE-2016-4895
-	RESERVED
-CVE-2016-4894
-	RESERVED
-CVE-2016-4893
-	RESERVED
-CVE-2016-4892
-	RESERVED
-CVE-2016-4891
-	RESERVED
+CVE-2016-4897 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+	TODO: check
+CVE-2016-4896 (SetucoCMS allows remote attackers to alter or disclose information, ...)
+	TODO: check
+CVE-2016-4895 (SetucoCMS allows remote authenticated users to execute arbitrary code. ...)
+	TODO: check
+CVE-2016-4894 (SetucoCMS allows remote attackers to cause a denial of service. ...)
+	TODO: check
+CVE-2016-4893 (SQL injection vulnerability in SetucoCMS. ...)
+	TODO: check
+CVE-2016-4892 (Cross-site scripting (XSS) vulnerability in SetucoCMS. ...)
+	TODO: check
+CVE-2016-4891 (Cross-site request forgery (CSRF) vulnerability in SetucoCMS. ...)
+	TODO: check
 CVE-2016-4890
 	RESERVED
 CVE-2016-4889
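Review bot: CVE-2016-4897 is the only entry in this run whose visible description does not name SetucoCMS (it is cut at "vulnerabilities in (1) ..."), so confirm the product from the full CVE text before triaging it in one batch with CVE-2016-4891 to CVE-2016-4896. If all seven are SetucoCMS and no Debian package ships it, a single "NOT-FOR-US: SetucoCMS" line per entry replaces the TODO markers.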
@@ -37814,8 +38024,8 @@
 	[jessie] - zabbix 1:2.2.7+dfsg-2+deb8u1
 	NOTE: http://seclists.org/bugtraq/2016/May/11
 	NOTE: https://support.zabbix.com/browse/ZBX-10741
-CVE-2016-4337
-	RESERVED
+CVE-2016-4337 (SQL injection vulnerability in the mgr.login.php file in Ktools.net ...)
+	TODO: check
 CVE-2016-4336 (An exploitable out-of-bounds write exists in the Bzip2 parsing of the ...)
 	NOT-FOR-US: Lexmark Document Filters
 CVE-2016-4335 (An exploitable buffer overflow exists in the XLS parsing of the ...)
@@ -42137,8 +42347,7 @@
 	- firefox-esr <not-affected> (Only Firefox 46)
 	- firefox 46.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2803
-	RESERVED
+CVE-2016-2803 (Cross-site scripting (XSS) vulnerability in the dependency graphs in ...)
 	- bugzilla4 <itp> (bug #669643)
 	- bugzilla <removed>
 CVE-2016-2802 (The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in ...)
@@ -48232,10 +48441,10 @@
 	NOTE: but as this completely deactivates multipart requests, this should not be generally applied
 CVE-2016-1180 (Cross-site scripting (XSS) vulnerability in the Cyber-Will ...)
 	NOT-FOR-US: Cyber-Will Social-button Premium plugin
-CVE-2016-1179
-	RESERVED
-CVE-2016-1178
-	RESERVED
+CVE-2016-1179 (Cross-site scripting (XSS) vulnerability in the standard template of ...)
+	TODO: check
+CVE-2016-1178 (The session management of the comment functionality in appleple a-blog ...)
+	TODO: check
 CVE-2016-1177 (The management screen in Falcon WisePoint 4.3.1 and earlier and ...)
 	NOT-FOR-US: Falcon WisePoint
 CVE-2016-1176 (Buffer overflow in the ActiveX control in Sharp EVA Animeter allows ...)
@@ -54727,12 +54936,12 @@
 	NOTE: Proposed upstream patch: http://marc.info/?l=linux-usb&m=145260786729359&w=2
 CVE-2015-7565
 	RESERVED
-CVE-2015-7564
-	RESERVED
-CVE-2015-7563
-	RESERVED
-CVE-2015-7562
-	RESERVED
+CVE-2015-7564 (Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier ...)
+	TODO: check
+CVE-2015-7563 (Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and ...)
+	TODO: check
+CVE-2015-7562 (Mulitple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 ...)
+	TODO: check
 CVE-2015-7561
 	RESERVED
 	NOT-FOR-US: OpenShift



