[Secure-testing-commits] r54183 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Aug 1 21:10:16 UTC 2017 

Author: sectracker
Date: 2017-08-01 21:10:15 +0000 (Tue, 01 Aug 2017)
New Revision: 54183

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-01 18:45:24 UTC (rev 54182)
+++ data/CVE/list	2017-08-01 21:10:15 UTC (rev 54183)
@@ -1,3 +1,7 @@
+CVE-2017-12133
+	RESERVED
+CVE-2017-12132 (The DNS stub resolver in the GNU C Library (aka glibc or libc6) before ...)
+	TODO: check
 CVE-2017-12131 (The Easy Testimonials plugin 3.0.4 for WordPress has XSS in ...)
 	TODO: check
 CVE-2017-12130
@@ -148,11 +152,9 @@
 	TODO: check
 CVE-2017-12063
 	RESERVED
-CVE-2017-12062 [XSS in manage_user_page.php]
-	RESERVED
+CVE-2017-12062 (An XSS issue was discovered in manage_user_page.php in MantisBT 2.x ...)
 	- mantis <removed>
-CVE-2017-12061 [XSS in /admin/install.php script]
-	RESERVED
+CVE-2017-12061 (An XSS issue was discovered in admin/install.php in MantisBT before ...)
 	- mantis <removed>
 CVE-2017-12060
 	RESERVED
@@ -1432,8 +1434,7 @@
 	- exiv2 <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1471772
 	TODO: check
-CVE-2017-11552 [memory corruption vulnerability]
-	RESERVED
+CVE-2017-11552 (The mad_decoder_run function in decoder.c in libmad 0.15.1b allows ...)
 	- libmad <unfixed> (bug #870406)
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/94
 CVE-2017-11551 (The id3_field_parse function in field.c in libid3tag 0.15.1b allows ...)
@@ -1893,12 +1894,12 @@
 	RESERVED
 CVE-2017-11382
 	RESERVED
-CVE-2017-11381
-	RESERVED
-CVE-2017-11380
-	RESERVED
-CVE-2017-11379
-	RESERVED
+CVE-2017-11381 (A command injection vulnerability exists in Trend Micro Deep Discovery ...)
+	TODO: check
+CVE-2017-11380 (Backup archives were found to be encrypted with a static password ...)
+	TODO: check
+CVE-2017-11379 (Configuration and database backup archives are not signed or validated ...)
+	TODO: check
 CVE-2017-11378
 	RESERVED
 CVE-2017-11377
@@ -2733,22 +2734,22 @@
 	RESERVED
 CVE-2017-11137
 	RESERVED
-CVE-2017-11136
-	RESERVED
-CVE-2017-11135
-	RESERVED
-CVE-2017-11134
-	RESERVED
-CVE-2017-11133
-	RESERVED
-CVE-2017-11132
-	RESERVED
-CVE-2017-11131
-	RESERVED
-CVE-2017-11130
-	RESERVED
-CVE-2017-11129
-	RESERVED
+CVE-2017-11136 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+	TODO: check
+CVE-2017-11135 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+	TODO: check
+CVE-2017-11134 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+	TODO: check
+CVE-2017-11133 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+	TODO: check
+CVE-2017-11132 (An issue was discovered in heinekingmedia StashCat before 1.5.18 for ...)
+	TODO: check
+CVE-2017-11131 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+	TODO: check
+CVE-2017-11130 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+	TODO: check
+CVE-2017-11129 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for ...)
+	TODO: check
 CVE-2017-11128 (Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by ...)
 	NOT-FOR-US: Bolt CMS
 CVE-2017-11127 (Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a ...)
@@ -21578,12 +21579,12 @@
 	RESERVED
 CVE-2017-4924
 	RESERVED
-CVE-2017-4923
-	RESERVED
-CVE-2017-4922
-	RESERVED
-CVE-2017-4921
-	RESERVED
+CVE-2017-4923 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an information ...)
+	TODO: check
+CVE-2017-4922 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an information ...)
+	TODO: check
+CVE-2017-4921 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure ...)
+	TODO: check
 CVE-2017-4920
 	RESERVED
 CVE-2017-4919 (VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, ...)
@@ -30183,8 +30184,8 @@
 	RESERVED
 CVE-2017-1501
 	RESERVED
-CVE-2017-1500
-	RESERVED
+CVE-2017-1500 (IBM Worklight 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0 is vulnerable to ...)
+	TODO: check
 CVE-2017-1499
 	RESERVED
 CVE-2017-1498
@@ -76043,8 +76044,7 @@
 	[wheezy] - wesnoth-1.10 1:1.10.3-3+deb7u2
 	- wesnoth-1.8 <removed>
 	NOTE: https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d
-CVE-2015-5059 [Information disclosure]
-	RESERVED
+CVE-2015-5059 (The "Project Documentation" feature in MantisBT 1.2.19 and earlier, ...)
 	- mantis <removed>
 	[wheezy] - mantis <no-dsa> (Minor issue)
 	[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)

More information about the Secure-testing-commits mailing list