[Secure-testing-commits] r54857 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Aug 18 21:10:16 UTC 2017
Author: sectracker
Date: 2017-08-18 21:10:16 +0000 (Fri, 18 Aug 2017)
New Revision: 54857
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-18 18:58:30 UTC (rev 54856)
+++ data/CVE/list 2017-08-18 21:10:16 UTC (rev 54857)
@@ -1,36 +1,62 @@
-CVE-2017-12942 [buffer overflow in the Unpack::LongLZ function]
+CVE-2017-12954
+ RESERVED
+CVE-2017-12953
+ RESERVED
+CVE-2017-12952
+ RESERVED
+CVE-2017-12951
+ RESERVED
+CVE-2017-12950
+ RESERVED
+CVE-2017-12949 (lib\modules\contributors\contributor_list_table.php in the Podlove ...)
+ TODO: check
+CVE-2017-12948 (Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier ...)
+ TODO: check
+CVE-2017-12947 (classes\controller\admin\modals.php in the Easy Modal plugin before ...)
+ TODO: check
+CVE-2017-12946 (classes\controller\admin\modals.php in the Easy Modal plugin before ...)
+ TODO: check
+CVE-2017-12945
+ RESERVED
+CVE-2017-12944 (The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 ...)
+ TODO: check
+CVE-2017-12943 (D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers ...)
+ TODO: check
+CVE-2017-12939 (A Remote Code Execution vulnerability was identified in all Windows ...)
+ TODO: check
+CVE-2017-12942 (libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the ...)
- unrar-nonfree <unfixed>
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12941 [out-of-bounds read in the Unpack::Unpack20 function]
+CVE-2017-12941 (libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the ...)
- unrar-nonfree <unfixed>
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12940 [out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function]
+CVE-2017-12940 (libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the ...)
- unrar-nonfree <unfixed>
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12938 [directory traversal]
+CVE-2017-12938 (UnRAR before 5.5.7 allows remote attackers to bypass a ...)
- unrar-nonfree <unfixed>
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/2
-CVE-2017-12937 [heap-based buffer overflow in ReadSUNImage (sun.c)]
+CVE-2017-12937 (The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has ...)
- graphicsmagick <unfixed> (bug #872574)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/5
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978
-CVE-2017-12936 [use-after-free in ReadWMFImage (wmf.c)]
+CVE-2017-12936 (The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has ...)
- graphicsmagick <unfixed> (bug #872575)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/3
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd
-CVE-2017-12935 [invalid memory read in SetImageColorCallBack (image.c)]
+CVE-2017-12935 (The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
- graphicsmagick <unfixed> (bug #872576)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/4
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188
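Review bot: The replacement description for CVE-2017-12935 names ReadMNGImage in coders/png.c, while the bracketed text it replaces pointed at SetImageColorCallBack in image.c; please confirm that bug #872576 and the "Fixed by" revision cd699a44f188 still match the published description. In the same hunk, CVE-2017-12939 lands between CVE-2017-12943 and CVE-2017-12942, which breaks the descending order of the surrounding entries, and CVE-2017-12944 (LibTIFF 4.0.8) is left at "TODO: check" although another LibTIFF entry in this list, CVE-2017-9815, is tracked against the tiff package.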
@@ -93,6 +119,7 @@
RESERVED
CVE-2017-12904 [RCE in newbeuter when bookmarking malicious article]
RESERVED
+ {DSA-3947-1}
- newsbeuter 2.9-6
NOTE: https://github.com/akrennmair/newsbeuter/issues/591
NOTE: https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307
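Review bot: The entry that receives {DSA-3947-1} has a bracketed description that spells the package "newbeuter", while the package line and both NOTE URLs read newsbeuter; correct the spelling while touching this entry so that a search for the package name finds it.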
@@ -170,11 +197,9 @@
RESERVED
CVE-2017-12883
RESERVED
-CVE-2017-12882
- RESERVED
+CVE-2017-12882 (Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin ...)
NOT-FOR-US: Spring Batch Admin
-CVE-2017-12881
- RESERVED
+CVE-2017-12881 (Cross-site request forgery (CSRF) vulnerability in the Spring Batch ...)
NOT-FOR-US: Spring Batch Admin
CVE-2017-12880
REJECTED
@@ -714,8 +739,8 @@
RESERVED
CVE-2017-12860
RESERVED
-CVE-2017-12859
- RESERVED
+CVE-2017-12859 (NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS ...)
+ TODO: check
CVE-2017-12858
RESERVED
CVE-2017-12857
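Review bot: CVE-2017-12859 is left at "TODO: check" although its description names NetApp Data ONTAP, and this list already records CVE-2017-7947 as "NOT-FOR-US: NetApp"; the same tag would resolve this entry. The same applies to CVE-2017-12420 (SMB implementation in NetApp) in a later hunk.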
@@ -975,8 +1000,8 @@
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12776
- RESERVED
+CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5 allows ...)
+ TODO: check
CVE-2017-12775
RESERVED
CVE-2017-12774 (finecms in 1.9.5\controllers\member\ContentController.php allows ...)
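Review bot: CVE-2017-12776 gets "TODO: check" directly below CVE-2017-12777, which concerns the same product (NexusPHP 1.5) and is already tagged "NOT-FOR-US: NexusPHP"; use that tag here instead of leaving a TODO. CVE-2017-12680 in the next hunk is another NexusPHP 1.5 entry in the same state.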
@@ -1183,8 +1208,8 @@
RESERVED
CVE-2017-12681
RESERVED
-CVE-2017-12680
- RESERVED
+CVE-2017-12680 (Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type ...)
+ TODO: check
CVE-2017-12679
RESERVED
CVE-2017-12678 (In TagLib 1.11.1, the rebuildAggregateFrames function in ...)
@@ -1391,16 +1416,16 @@
RESERVED
CVE-2017-12594
RESERVED
-CVE-2017-12593
- RESERVED
-CVE-2017-12592
- RESERVED
-CVE-2017-12591
- RESERVED
+CVE-2017-12593 (ASUS DSL-N10S V2.1.16_APAC devices allow CSRF. ...)
+ TODO: check
+CVE-2017-12592 (ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation ...)
+ TODO: check
+CVE-2017-12591 (ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross ...)
+ TODO: check
CVE-2017-12590
RESERVED
-CVE-2017-12589
- RESERVED
+CVE-2017-12589 (ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any ...)
+ TODO: check
CVE-2017-12588 (The zmq3 input and output modules in rsyslog before 8.28.0 interpreted ...)
- rsyslog 8.28.0-1 (unimportant)
NOTE: https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b
@@ -1422,8 +1447,8 @@
[jessie] - dokuwiki <not-affected> (Vulnerable code not present)
[wheezy] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2061
-CVE-2017-12582
- RESERVED
+CVE-2017-12582 (Unprivileged user can access all functions in the Surveillance Station ...)
+ TODO: check
CVE-2017-12581 (GitHub Electron before 1.6.8 allows remote command execution because of ...)
NOT-FOR-US: Electron
CVE-2017-12580
@@ -1789,8 +1814,8 @@
CVE-2017-12441 (The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can ...)
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12440
- RESERVED
+CVE-2017-12440 (Aodh as packaged in Openstack Ocata and Newton before change-ID ...)
+ TODO: check
CVE-2017-12439 (SocuSoft Flash Slideshow Maker Professional through v5.20, when the ...)
NOT-FOR-US: SocuSoft Flash Slideshow Maker Professional
CVE-2017-12438
@@ -1845,8 +1870,8 @@
RESERVED
CVE-2017-12421
RESERVED
-CVE-2017-12420
- RESERVED
+CVE-2017-12420 (Heap-based buffer overflow in the SMB implementation in NetApp ...)
+ TODO: check
CVE-2017-12419 (If, after successful installation of MantisBT through 2.5.2 on ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy)
@@ -3618,10 +3643,10 @@
[jessie] - sipcrack <no-dsa> (Minor issue)
[wheezy] - sipcrack <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1
-CVE-2017-11653
- RESERVED
-CVE-2017-11652
- RESERVED
+CVE-2017-11653 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the ...)
+ TODO: check
+CVE-2017-11652 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the ...)
+ TODO: check
CVE-2017-11651 (NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url ...)
NOT-FOR-US: NexusPHP
CVE-2017-11650
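Review bot: CVE-2017-11653 and CVE-2017-11652 are left at "TODO: check" for Razer Synapse, a product this list already tags "NOT-FOR-US: Razer Synapse" further down. The two descriptions are identical up to the truncation point, so confirm from the full text that they are distinct issues when resolving the TODO.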
@@ -4927,8 +4952,8 @@
NOT-FOR-US: phpMyFAQ
CVE-2017-11186
RESERVED
-CVE-2017-11185 [denial of service in the gmp plugin]
- RESERVED
+CVE-2017-11185 (The gmp plugin in strongSwan before 5.6.0 allows remote attackers to ...)
+ {DLA-1059-1}
- strongswan <unfixed> (bug #872155)
NOTE: https://www.strongswan.org/blog/2017/08/14/strongswan-vulnerability-(cve-2017-11185).html
NOTE: https://git.strongswan.org/?p=strongswan.git;a=commit;h=ef5c37fcdf47273feea320091598135688df4ef7
@@ -5038,8 +5063,8 @@
RESERVED
CVE-2017-11161
RESERVED
-CVE-2017-11160
- RESERVED
+CVE-2017-11160 (Multiple untrusted search path vulnerabilities in installer in ...)
+ TODO: check
CVE-2017-11159
RESERVED
CVE-2017-11158
@@ -6122,14 +6147,14 @@
RESERVED
CVE-2017-10825
RESERVED
-CVE-2017-10824
- RESERVED
-CVE-2017-10823
- RESERVED
-CVE-2017-10822
- RESERVED
-CVE-2017-10821
- RESERVED
+CVE-2017-10824 (Untrusted search path vulnerability in TDB CA TypeA use software ...)
+ TODO: check
+CVE-2017-10823 (Untrusted search path vulnerability in Installer for Shin Kinkyuji ...)
+ TODO: check
+CVE-2017-10822 (Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu ...)
+ TODO: check
+CVE-2017-10821 (Untrusted search path vulnerability in Installer for Shin Kikan Toukei ...)
+ TODO: check
CVE-2017-10820 (Untrusted search path vulnerability in Installer of IP Messenger for ...)
NOT-FOR-US: Installer of IP Messenger for Win
CVE-2017-10819 (MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, ...)
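Review bot: CVE-2017-10823, CVE-2017-10822 and CVE-2017-10821 are left at "TODO: check", while the next entry, CVE-2017-10820, has the same "Untrusted search path vulnerability in Installer" wording and is already "NOT-FOR-US"; tag these the same way, naming each product. CVE-2017-10824 needs the same decision once the truncated product name is read in full.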
@@ -6148,8 +6173,8 @@
RESERVED
CVE-2017-10812
RESERVED
-CVE-2017-10811
- RESERVED
+CVE-2017-10811 (Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an ...)
+ TODO: check
CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in ...)
{DSA-3927-1}
- linux 4.11.11-1 (low)
@@ -6528,8 +6553,8 @@
NOT-FOR-US: Zen Cart
CVE-2017-10666
RESERVED
-CVE-2017-10665
- RESERVED
+CVE-2017-10665 (Directory traversal vulnerability in ajaxfileupload.php in Kayson ...)
+ TODO: check
CVE-2017-9998 (The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf ...)
- dwarfutils 20170416-3 (bug #866968)
[stretch] - dwarfutils 20161124-1+deb9u1
@@ -7172,8 +7197,8 @@
RESERVED
CVE-2017-9817
RESERVED
-CVE-2017-9816
- RESERVED
+CVE-2017-9816 (Cross-site scripting (XSS) vulnerability in Paessler PRTG Network ...)
+ TODO: check
CVE-2017-9815 (In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in ...)
- tiff 4.0.8-1
[jessie] - tiff <no-dsa> (Minor issue)
@@ -8653,8 +8678,8 @@
NOT-FOR-US: Razer Synapse
CVE-2017-9768
RESERVED
-CVE-2017-9767
- RESERVED
+CVE-2017-9767 (Multiple cross-site scripting (XSS) vulnerabilities in Quali ...)
+ TODO: check
CVE-2017-9766 (In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows ...)
- wireshark 2.4.0-1 (bug #870175)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13811
@@ -9052,27 +9077,22 @@
RESERVED
CVE-2017-9686
RESERVED
-CVE-2017-9685
- RESERVED
-CVE-2017-9684
- RESERVED
+CVE-2017-9685 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-9684 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-9683
RESERVED
-CVE-2017-9682
- RESERVED
+CVE-2017-9682 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-9681
RESERVED
NOT-FOR-US: Google drivers for Android
-CVE-2017-9680
- RESERVED
+CVE-2017-9680 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-9679
- RESERVED
+CVE-2017-9679 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-9678
- RESERVED
+CVE-2017-9678 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-9677
RESERVED
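Review bot: CVE-2017-9680 and CVE-2017-9679 now carry a description that begins "In all Qualcomm products" but keep the tag "NOT-FOR-US: Google drivers for Android", whereas CVE-2017-9684, CVE-2017-9682 and CVE-2017-9678, with the same opening text, are tagged "NOT-FOR-US: Qualcomm driver for Android"; align the tags with the published descriptions. CVE-2017-9685 is the only entry in this hunk left at "TODO: check" and should be triaged together with its neighbours.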
@@ -9656,8 +9676,8 @@
RESERVED
CVE-2017-9455
RESERVED
-CVE-2017-9454
- RESERVED
+CVE-2017-9454 (Buffer overflow in the ares_parse_a_reply function in the embedded ...)
+ TODO: check
CVE-2017-9453
RESERVED
CVE-2017-9452 (Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 ...)
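Review bot: The description for CVE-2017-9454 is cut at "in the embedded ...", so the entry does not say which product embeds the code containing ares_parse_a_reply. When resolving the TODO, record that product and whether any Debian package carries the same function, rather than tagging from the truncated text.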
@@ -10141,32 +10161,32 @@
RESERVED
CVE-2016-10393
RESERVED
-CVE-2016-10392
- RESERVED
-CVE-2016-10391
- RESERVED
-CVE-2016-10390
- RESERVED
-CVE-2016-10389
- RESERVED
-CVE-2016-10388
- RESERVED
-CVE-2016-10387
- RESERVED
-CVE-2016-10386
- RESERVED
-CVE-2016-10385
- RESERVED
-CVE-2016-10384
- RESERVED
-CVE-2016-10383
- RESERVED
-CVE-2016-10382
- RESERVED
-CVE-2016-10381
- RESERVED
-CVE-2016-10380
- RESERVED
+CVE-2016-10392 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10391 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10390 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10389 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10388 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10387 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10386 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10385 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10384 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10383 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10382 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10381 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10380 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2015-9095
RESERVED
CVE-2015-9094
@@ -10211,34 +10231,34 @@
RESERVED
CVE-2015-9074
RESERVED
-CVE-2015-9073
- RESERVED
-CVE-2015-9072
- RESERVED
-CVE-2015-9071
- RESERVED
-CVE-2015-9070
- RESERVED
-CVE-2015-9069
- RESERVED
-CVE-2015-9068
- RESERVED
-CVE-2015-9067
- RESERVED
-CVE-2015-9066
- RESERVED
-CVE-2015-9065
- RESERVED
-CVE-2015-9064
- RESERVED
-CVE-2015-9063
- RESERVED
-CVE-2015-9062
- RESERVED
-CVE-2015-9061
- RESERVED
-CVE-2015-9060
- RESERVED
+CVE-2015-9073 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9072 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9071 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9070 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9069 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9068 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9067 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9066 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9065 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9064 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9063 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9062 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9061 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9060 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2014-9984 (nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does ...)
- glibc 2.19-14
- eglibc <removed>
@@ -10246,28 +10266,28 @@
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=c44496df2f090a56d3bf75df930592dac6bba46f
CVE-2014-9982
RESERVED
-CVE-2014-9981
- RESERVED
-CVE-2014-9980
- RESERVED
-CVE-2014-9979
- RESERVED
-CVE-2014-9978
- RESERVED
-CVE-2014-9977
- RESERVED
-CVE-2014-9976
- RESERVED
-CVE-2014-9975
- RESERVED
-CVE-2014-9974
- RESERVED
-CVE-2014-9973
- RESERVED
-CVE-2014-9972
- RESERVED
-CVE-2014-9971
- RESERVED
+CVE-2014-9981 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9980 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9979 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9978 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9977 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9976 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9975 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9974 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9973 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9972 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9971 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2017-1000380 (sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a ...)
- linux 4.11.6-1
NOTE: Fixed by: https://git.kernel.org/linus/d11662f4f798b50d8c8743f433842c3e40fe3378 (v4.12-rc5)
@@ -12615,10 +12635,10 @@
RESERVED
CVE-2017-8447
RESERVED
-CVE-2017-8446
- RESERVED
-CVE-2017-8445
- RESERVED
+CVE-2017-8446 (The Reporting feature in X-Pack in versions prior to 5.5.2 and ...)
+ TODO: check
+CVE-2017-8445 (An error was found in the X-Pack Security TLS trust manager for ...)
+ TODO: check
CVE-2017-8444
RESERVED
CVE-2017-8443 (In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user ...)
@@ -13216,46 +13236,46 @@
RESERVED
CVE-2017-8273 (In all Qualcomm products with Android release from CAF using the Linux ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8272
- RESERVED
+CVE-2017-8272 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2017-8271 (Out of bound memory write can happen in the MDSS Rotator driver in all ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8270
- RESERVED
+CVE-2017-8270 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2017-8269 (Userspace-controlled non null terminated parameter for IPA WAN ioctl ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8268
- RESERVED
-CVE-2017-8267
- RESERVED
-CVE-2017-8266
- RESERVED
-CVE-2017-8265
- RESERVED
+CVE-2017-8268 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8267 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8266 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8265 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2017-8264 (A userspace process can cause a Denial of Service in the camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8263
- RESERVED
-CVE-2017-8262
- RESERVED
-CVE-2017-8261
- RESERVED
-CVE-2017-8260
- RESERVED
+CVE-2017-8263 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8262 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8261 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8260 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2017-8259 (In the service locator in all Qualcomm products with Android releases ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8258 (An array out-of-bounds access in all Qualcomm products with Android ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8257
- RESERVED
-CVE-2017-8256
- RESERVED
-CVE-2017-8255
- RESERVED
-CVE-2017-8254
- RESERVED
-CVE-2017-8253
- RESERVED
+CVE-2017-8257 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8256 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8255 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8254 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2017-8253 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2017-8252
RESERVED
CVE-2017-8251
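Review bot: The fifteen entries added here all share the truncated description "In all Qualcomm products with Android releases from CAF using the ..." and are left at "TODO: check", while the untouched neighbours in the same hunk (CVE-2017-8273, 8271, 8269, 8264, 8259, 8258) are tagged "NOT-FOR-US: Qualcomm driver for Android". Triage them as one batch, but read each full description first: CVE-2016-5870 elsewhere in this list shows a Qualcomm issue recorded against linux as <not-affected> rather than as NOT-FOR-US.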
@@ -14028,12 +14048,12 @@
NOTE: But the vulnerable code via base/gxscan.c, a new scan converter introduced in 9.20 is present.
CVE-2017-7947 (NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 ...)
NOT-FOR-US: NetApp
-CVE-2016-10347
- RESERVED
-CVE-2016-10346
- RESERVED
-CVE-2015-9055
- RESERVED
+CVE-2016-10347 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10346 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9055 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2013-7463 (The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use ...)
NOT-FOR-US: aescrypt gem for Ruby
CVE-2017-7946 (The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 ...)
@@ -14158,10 +14178,10 @@
- passenger <unfixed> (unimportant)
NOTE: https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441
NOTE: Source present, but passenger-install-nginx-module not installed
-CVE-2016-10344
- RESERVED
-CVE-2016-10343
- RESERVED
+CVE-2016-10344 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-10343 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2016-10342 (In all Android releases from CAF using the Linux kernel, a buffer ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2016-10341 (In all Android releases from CAF using the Linux kernel, 3rd party ...)
@@ -14190,48 +14210,48 @@
NOT-FOR-US: Synology Photo Station
CVE-2016-10329 (Command injection vulnerability in login.php in Synology Photo Station ...)
NOT-FOR-US: Synology Photo Station
-CVE-2015-9054
- RESERVED
-CVE-2015-9053
- RESERVED
-CVE-2015-9052
- RESERVED
-CVE-2015-9051
- RESERVED
-CVE-2015-9050
- RESERVED
-CVE-2015-9049
- RESERVED
-CVE-2015-9048
- RESERVED
-CVE-2015-9047
- RESERVED
-CVE-2015-9046
- RESERVED
-CVE-2015-9045
- RESERVED
-CVE-2015-9044
- RESERVED
-CVE-2015-9043
- RESERVED
-CVE-2015-9042
- RESERVED
-CVE-2015-9041
- RESERVED
-CVE-2015-9040
- RESERVED
-CVE-2015-9039
- RESERVED
-CVE-2015-9038
- RESERVED
-CVE-2015-9037
- RESERVED
-CVE-2015-9036
- RESERVED
-CVE-2015-9035
- RESERVED
-CVE-2015-9034
- RESERVED
+CVE-2015-9054 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9053 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9052 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9051 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9050 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9049 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9048 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9047 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9046 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9045 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9044 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9043 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9042 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9041 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9040 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9039 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9038 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9037 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9036 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9035 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-9034 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2015-9033 (In all Android releases from CAF using the Linux kernel, a QTEE system ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2015-9032 (In all Android releases from CAF using the Linux kernel, a DRM key was ...)
@@ -14260,10 +14280,10 @@
NOT-FOR-US: Qualcomm component for Android
CVE-2015-9020 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9969
- RESERVED
-CVE-2014-9968
- RESERVED
+CVE-2014-9969 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2014-9968 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2014-9967 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2014-9966 (In all Android releases from CAF using the Linux kernel, a ...)
@@ -16277,8 +16297,8 @@
NOT-FOR-US: Android driver
CVE-2017-7365 (In all Android releases from CAF using the Linux kernel, a buffer ...)
NOT-FOR-US: Android
-CVE-2017-7364
- RESERVED
+CVE-2017-7364 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2017-7363 (Pixie 1.0.4 allows an admin/index.php s=publish&m=module&x= XSS ...)
NOT-FOR-US: Pixie CMS
CVE-2017-7362 (Pixie 1.0.4 allows an admin/index.php s=publish&m=dynamic&x= XSS ...)
@@ -16644,8 +16664,8 @@
NOT-FOR-US: Unitrends Enterprise Backup
CVE-2017-7279 (An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7278
- RESERVED
+CVE-2017-7278 (Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort ...)
+ TODO: check
CVE-2017-7277 (The TCP stack in the Linux kernel through 4.10.6 mishandles the ...)
- linux <not-affected> (Vulnerable code introduced in 4.10-rc1)
CVE-2017-7276 (There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x before ...)
@@ -26913,8 +26933,8 @@
RESERVED
CVE-2017-3757
RESERVED
-CVE-2017-3756
- RESERVED
+CVE-2017-3756 (A privilege escalation vulnerability was identified in Lenovo Active ...)
+ TODO: check
CVE-2017-3755
RESERVED
CVE-2017-3754 (Some Lenovo brand notebook systems do not have write protections ...)
@@ -31451,8 +31471,8 @@
RESERVED
CVE-2017-2290 (On Windows installations of the mcollective-puppet-agent plugin, ...)
NOT-FOR-US: mcollective-puppet-agent plugin on Windows
-CVE-2017-2289
- RESERVED
+CVE-2017-2289 (Untrusted search path vulnerability in Installer of Qua station ...)
+ TODO: check
CVE-2017-2288 (Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier ...)
NOT-FOR-US: LhaForge
CVE-2017-2287 (Untrusted search path vulnerability in NFC Port Software remover ...)
@@ -31573,8 +31593,8 @@
NOT-FOR-US: Douro Kouji Kanseizutou Check Program
CVE-2017-2229 (Untrusted search path vulnerability in Douroshisetu Kihon Data Sakusei ...)
NOT-FOR-US: Douroshisetu Kihon Data Sakusei System
-CVE-2017-2228
- RESERVED
+CVE-2017-2228 (Untrusted search path vulnerability in Teikihoukokusho Sakuseishien ...)
+ TODO: check
CVE-2017-2227 (Untrusted search path vulnerability in The installer of Charamin OMP ...)
NOT-FOR-US: installer of Charamin OMP
CVE-2017-2226 (Untrusted search path vulnerability in Setup file of advance ...)
@@ -33027,8 +33047,8 @@
RESERVED
CVE-2017-1502
RESERVED
-CVE-2017-1501
- RESERVED
+CVE-2017-1501 (IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide ...)
+ TODO: check
CVE-2017-1500 (A Reflected Cross Site Scripting (XSS) vulnerability exists in the ...)
NOT-FOR-US: IBM
CVE-2017-1499
@@ -33353,8 +33373,8 @@
RESERVED
CVE-2017-1339
RESERVED
-CVE-2017-1338
- RESERVED
+CVE-2017-1338 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
+ TODO: check
CVE-2017-1337 (IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly ...)
NOT-FOR-US: IBM
CVE-2017-1336
@@ -34803,8 +34823,8 @@
NOT-FOR-US: Android media framework
CVE-2017-0688 (A denial of service vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0687
- RESERVED
+CVE-2017-0687 (A denial of service vulnerability in the Android media framework ...)
+ TODO: check
CVE-2017-0686 (A denial of service vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
CVE-2017-0685 (A denial of service vulnerability in the Android media framework. ...)
@@ -48455,10 +48475,10 @@
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0205/
CVE-2016-5874 (Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers ...)
NOT-FOR-US: Siemens
-CVE-2016-5872
- RESERVED
-CVE-2016-5871
- RESERVED
+CVE-2016-5872 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2016-5871 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2016-5870 (The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c ...)
- linux <not-affected> (Qualcomm-specific kernel patch)
CVE-2016-5869
@@ -65339,16 +65359,16 @@
RESERVED
CVE-2015-8597 (Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 ...)
NOT-FOR-US: Blue Coat
-CVE-2015-8596
- RESERVED
-CVE-2015-8595
- RESERVED
-CVE-2015-8594
- RESERVED
-CVE-2015-8593
- RESERVED
-CVE-2015-8592
- RESERVED
+CVE-2015-8596 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-8595 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-8594 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-8593 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-8592 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2015-8612 (The EnableNetwork method in the Network class in ...)
{DSA-3427-1}
- blueman 2.0.3-1
@@ -69624,8 +69644,7 @@
RESERVED
CVE-2015-7946
RESERVED
-CVE-2015-7945 [DRBD secret leak]
- RESERVED
+CVE-2015-7945 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti ...)
{DSA-3431-1}
- ganeti 2.15.2-1 (bug #809538)
[squeeze] - ganeti <end-of-life> (Depends on KVM/Xen, unsupported in Squeeze LTS)
@@ -69634,8 +69653,7 @@
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6e94ad76446904961744f9b0826414a5e4120693
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6d44be24c50944fc35de7a490bc836938a82e1df
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6f9ba80f8312d5607da70841f698c49000a31126
-CVE-2015-7944 [DoS]
- RESERVED
+CVE-2015-7944 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti ...)
{DSA-3431-1}
- ganeti 2.15.2-1 (bug #809537)
[squeeze] - ganeti <end-of-life> (Depends on KVM/Xen, unsupported in Squeeze LTS)
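Review bot: dropping the bracketed tag on CVE-2015-7944 ("[DoS]"), as with "[DRBD secret leak]" on CVE-2015-7945 in the previous hunk, leaves two ganeti entries whose descriptions truncate to identical text. Only the bug numbers (#809537 and #809538) now tell them apart; consider a short NOTE line on each recording which is the DoS and which is the DRBD secret leak.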
@@ -77623,8 +77641,7 @@
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=cb72cba83021fa42719e73a5249c12096a4d1cfc
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=03441c3a4a42beb25460dd11592539030337d0f8
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ce560dcf20c14194db5ef3b9fc1ea592d4e68109 (v1.3.0-rc0)
-CVE-2015-5153
- RESERVED
+CVE-2015-5153 (Pulp does not remove permissions for named objects upon deletion, ...)
NOT-FOR-US: Pulp (Red Hat)
CVE-2015-5152 (Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests ...)
- foreman <itp> (bug #663101)
@@ -77811,8 +77828,7 @@
- ruby-redcarpet <not-affected> (Affects v3.3.0 - v3.3.1)
NOTE: https://github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fb
NOTE: http://www.openwall.com/lists/oss-security/2015/06/29/3
-CVE-2015-5081 [CSRF]
- RESERVED
+CVE-2015-5081 (Cross-site request forgery (CSRF) vulnerability in django CMS before ...)
- python-django-cms <itp> (bug #516183)
CVE-2015-5073 (Heap-based buffer overflow in the find_fixedlength function in ...)
- pcre3 2:8.35-7 (bug #790000)
@@ -78861,8 +78877,7 @@
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/f39cf525 (1.2.x)
NOTE: https://mantisbt.org/bugs/view.php?id=19873
-CVE-2015-5057
- RESERVED
+CVE-2015-5057 (Cross-site scripting (XSS) vulnerability exists in the Wordpress admin ...)
NOT-FOR-US: WordPress plugin broken-link-checker
CVE-2015-4707 [IPython XSS in JSON error responses -- /api/notebooks path]
RESERVED
@@ -79465,8 +79480,8 @@
RESERVED
CVE-2015-4465 (Cross-site scripting (XSS) vulnerability in the zM Ajax Login & ...)
NOT-FOR-US: WordPress plugin zM Ajax Login & Register
-CVE-2015-4464
- RESERVED
+CVE-2015-4464 (Kguard Digital Video Recorder 104, 108, v2 does not have any ...)
+ TODO: check
CVE-2015-4463 (The file_manager component in eFront CMS before 3.6.15.5 allows remote ...)
NOT-FOR-US: eFront CMS
CVE-2015-4462 (Absolute path traversal vulnerability in the file_manager component of ...)
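Review bot: CVE-2015-4464 is marked "TODO: check", but the description names a Kguard Digital Video Recorder, a device rather than packaged software. Unless a Debian source package ships the affected code, close it as NOT-FOR-US in the same style as the surrounding entries.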
@@ -80495,8 +80510,8 @@
RESERVED
CVE-2015-4072
RESERVED
-CVE-2015-4071
- RESERVED
+CVE-2015-4071 (The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote ...)
+ TODO: check
CVE-2015-4070 (Open redirect vulnerability in the proxyimages function in ...)
NOT-FOR-US: Wow Moodboard Lite
CVE-2015-4069 (The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 ...)
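Review bot: CVE-2015-4071 (Helpdesk Pro Plugin for Joomla!) is the only described entry in this hunk without a disposition, while CVE-2015-4070 directly below is resolved as NOT-FOR-US. Confirm the plugin is not packaged and mark it NOT-FOR-US with the plugin name.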
@@ -80527,8 +80542,7 @@
NOTE: hwclock is not installed suid in Debian
NOTE: https://github.com/karelzak/util-linux/commit/687cc5d58942b24a9f4013c68876d8cbea907ab1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/26/10
-CVE-2015-4082 [encrypted backups attack]
- RESERVED
+CVE-2015-4082 (attic before 0.15 does not confirm unencrypted backups with the user, ...)
- attic 0.16-1 (bug #787435)
[jessie] - attic <no-dsa> (Minor issue)
NOTE: https://github.com/jborg/attic/issues/271
@@ -81599,8 +81613,8 @@
RESERVED
CVE-2015-3650 (vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 ...)
NOT-FOR-US: VMware
-CVE-2015-3649
- RESERVED
+CVE-2015-3649 (The open-uri-cached rubygem allows local users to execute arbitrary ...)
+ TODO: check
CVE-2015-3648 (Directory traversal vulnerability in pages/setup.php in Montala ...)
NOT-FOR-US: ResourceSpace
CVE-2015-3647 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
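Review bot: CVE-2015-3649 needs a package lookup before its "TODO: check" is resolved, because the open-uri-cached rubygem could be shipped under a ruby- prefixed source package. If it is not in the archive, mark it NOT-FOR-US; if it is, add the package line with its status. The description mentions local users executing arbitrary code, so this one should be triaged ahead of the bulk entries.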
@@ -86322,8 +86336,7 @@
NOT-FOR-US: fusion_options function in functions.php in the Fusion theme for WordPress
CVE-2015-2193
RESERVED
-CVE-2015-2675 [Invalid pointer dereference in the GNOME librest library]
- RESERVED
+CVE-2015-2675 (The OAuth implementation in librest before 0.7.93 incorrectly ...)
- librest 0.7.92-3 (bug #780101)
[wheezy] - librest <not-affected> (rest_proxy_call_get_url not yet used)
[squeeze] - librest <not-affected> (rest_proxy_call_get_url not yet used)
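Review bot: on CVE-2015-2675 the new description says the issue is in librest before 0.7.93, while the package line records the fix at 0.7.92-3. That is consistent only if the Debian revision carries a backported patch; a NOTE pointing at the upstream fix, or stating that bug #780101 was closed by a backport, would make this verifiable from the list itself.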
@@ -87153,8 +87166,8 @@
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2015-1878
- RESERVED
+CVE-2015-1878 (Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, ...)
+ TODO: check
CVE-2015-1876
RESERVED
CVE-2015-1875 (SQL injection vulnerability in a2billing/customer/iridium_threed.php ...)
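Review bot: CVE-2015-1878 describes Thales nShield Connect hardware models, so its "TODO: check" is unlikely to end in a package line. Mark it NOT-FOR-US: Thales nShield Connect once the full description confirms that no packaged component is involved.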
@@ -87381,8 +87394,7 @@
NOTE: Concerns by Florian Weimer: https://bugzilla.gnome.org/show_bug.cgi?id=748278
CVE-2015-1818 (XML external entity (XXE) vulnerability in the dashbuilder import ...)
NOT-FOR-US: JBoss dashbuilder
-CVE-2015-1817 [stack-based buffer overflow in ipv6 literal parsing]
- RESERVED
+CVE-2015-1817 (Stack-based buffer overflow in the inet_pton function in ...)
- musl 1.1.5-2 (bug #781497)
CVE-2015-1816 (Forman before 1.7.4 does not verify SSL certificates for LDAP ...)
- foreman <itp> (bug #663101)
@@ -91688,12 +91700,12 @@
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2015-0577 (Multiple cross-site scripting (XSS) vulnerabilities in the IronPort ...)
NOT-FOR-US: Cisco AsyncOS
-CVE-2015-0576
- RESERVED
-CVE-2015-0575
- RESERVED
-CVE-2015-0574
- RESERVED
+CVE-2015-0576 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-0575 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
+CVE-2015-0574 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2015-0573 (drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2015-0572 (Multiple race conditions in drivers/char/adsprpc.c and ...)
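Review bot: CVE-2015-0576, CVE-2015-0575 and CVE-2015-0574 are added as "TODO: check" directly above CVE-2015-0573, which is resolved as "NOT-FOR-US: Qualcomm driver for Android". That form differs from the "- linux <not-affected> (Qualcomm-specific kernel patch)" line used for CVE-2016-5870 elsewhere in the same file; pick one convention when resolving these so Qualcomm/CAF entries can be searched uniformly.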
@@ -92940,8 +92952,8 @@
- libressl <itp> (bug #754513)
CVE-2014-9412 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-9411
- RESERVED
+CVE-2014-9411 (In all Qualcomm products with Android releases from CAF using the ...)
+ TODO: check
CVE-2014-9410 (The vfe31_proc_general function in ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9409
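Review bot: CVE-2014-9411 gets "TODO: check" while CVE-2014-9410 immediately below it is "NOT-FOR-US: Qualcomm driver for Android". If the full description points at the same kind of driver code, resolve it the same way.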
@@ -109224,8 +109236,7 @@
NOT-FOR-US: MediaWiki extension SemanticForms
CVE-2014-3452 (Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier ...)
NOT-FOR-US: K-lite Codec
-CVE-2014-3451
- RESERVED
+CVE-2014-3451 (OpenFire XMPP Server before 3.10 accepts self-signed certificates, ...)
NOT-FOR-US: Openfire
CVE-2014-3450 (Unspecified vulnerability in Panda Gold Protection and Global ...)
NOT-FOR-US: Panda
@@ -217588,8 +217599,8 @@
{DSA-1447-1}
- tomcat5.5 5.5.25-4 (low; bug #458237)
- tomcat5 <not-affected> (Vulnerable code not present)
-CVE-2007-5341
- RESERVED
+CVE-2007-5341 (Remote code execution in the Venkman script debugger in Mozilla ...)
+ TODO: check
CVE-2007-5340 (Multiple vulnerabilities in the Javascript engine in Mozilla Firefox ...)
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DSA-1391-1 DTSA-69-1 DTSA-71-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (high)
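Review bot: CVE-2007-5341 is left at "TODO: check" with no package mapping, yet the description places the issue in the Venkman script debugger in Mozilla, and the neighbouring CVE-2007-5340 already tracks Mozilla code under iceweasel. Identify which Debian source packages shipped Venkman and add package lines for them, with an explicit status for each, rather than leaving the entry open.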
@@ -218084,8 +218095,8 @@
{DTSA-74-1}
- hugin 0.6.1-1.1 (low; bug #447344)
[etch] - hugin <no-dsa> (Minor issue)
-CVE-2007-5199
- RESERVED
+CVE-2007-5199 (A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows ...)
+ TODO: check
CVE-2007-5198 (Buffer overflow in the redir function in check_http.c in Nagios ...)
{DSA-1495-1 DTSA-67-1}
- nagios-plugins 1.4.8-2.2 (low; bug #445475)
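Review bot: CVE-2007-5199 names a concrete upstream file and version (catalogue.c in X.Org libXfont 1.3.1), so its "TODO: check" should resolve to a package line for the libXfont source package with the first fixed version. Check whether the version in the archive is later than 1.3.1 and record the result.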