[Secure-testing-commits] r58740 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Dec 20 21:10:13 UTC 2017
Author: sectracker
Date: 2017-12-20 21:10:12 +0000 (Wed, 20 Dec 2017)
New Revision: 58740
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-20 20:37:38 UTC (rev 58739)
+++ data/CVE/list 2017-12-20 21:10:12 UTC (rev 58740)
@@ -78,42 +78,42 @@
RESERVED
CVE-2018-3560
RESERVED
-CVE-2017-17804
- RESERVED
-CVE-2017-17803
- RESERVED
-CVE-2017-17802
- RESERVED
-CVE-2017-17801
- RESERVED
-CVE-2017-17800
- RESERVED
-CVE-2017-17799
- RESERVED
-CVE-2017-17798
- RESERVED
-CVE-2017-17797
- RESERVED
-CVE-2017-17796
- RESERVED
-CVE-2017-17795
- RESERVED
-CVE-2017-17794
- RESERVED
-CVE-2017-17793
- RESERVED
-CVE-2017-17792
- RESERVED
+CVE-2017-17804 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows ...)
+ TODO: check
+CVE-2017-17803 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+ TODO: check
+CVE-2017-17802 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+ TODO: check
+CVE-2017-17801 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+ TODO: check
+CVE-2017-17800 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+ TODO: check
+CVE-2017-17799 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+ TODO: check
+CVE-2017-17798 (In TG Soft Vir.IT eXplorer Lite 8.5.42, the driver file (VIRAGTLT.SYS) ...)
+ TODO: check
+CVE-2017-17797 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows ...)
+ TODO: check
+CVE-2017-17796 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
+ TODO: check
+CVE-2017-17795 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows ...)
+ TODO: check
+CVE-2017-17794 (validate_form_preferences in admin/preferences.php in BlogoText through ...)
+ TODO: check
+CVE-2017-17793 (Information Disclosure vulnerability in creer_fichier_zip in ...)
+ TODO: check
+CVE-2017-17792 (Cross site scripting (XSS) vulnerability in the markup_clean_href ...)
+ TODO: check
CVE-2017-17791
RESERVED
-CVE-2017-17790
- RESERVED
-CVE-2017-17783
- RESERVED
-CVE-2017-17782
- RESERVED
-CVE-2017-17781
- RESERVED
+CVE-2017-17790 (The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 ...)
+ TODO: check
+CVE-2017-17783 (In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage ...)
+ TODO: check
+CVE-2017-17782 (In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ...)
+ TODO: check
+CVE-2017-17781 (In Horde Groupware through 5.2.22, SQL Injection exists via the group ...)
+ TODO: check
CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a ...)
NOT-FOR-US: Clockwork SMS plugins for WordPress
CVE-2017-17779 (Paid To Read Script 2.0.5 has SQL injection via the referrals.php id ...)
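Review bot: CVE-2017-17790, CVE-2017-17783, CVE-2017-17782 and CVE-2017-17781 get the same "TODO: check" as the Windows driver and web-script entries above them, although their descriptions name Ruby (lib/resolv.rb), GraphicsMagick and Horde Groupware. These look like candidates for a source-package line rather than a NOT-FOR-US tag, so they are worth triaging ahead of the rest of this hunk.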
@@ -154,20 +154,18 @@
RESERVED
CVE-2017-17761 (An issue was discovered on Ichano AtHome IP Camera devices. The device ...)
NOT-FOR-US: Ichano AtHome IP Camera
-CVE-2017-17476 [OSA-2017-10: Session hijacking]
- RESERVED
+CVE-2017-17476 (Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before ...)
+ {DSA-4069-1}
- otrs2 6.0.3-1 (bug #884801)
NOTE: https://www.otrs.com/security-advisory-2017-10-security-update-otrs-framework/
NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/36e3be99cfe8a9e09afa1b75fdc39f3e28f561fc
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/720c73fbf53e476ca7dfdf2ae1d4d3d2aad2b953
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/26707eaaa791648e6c7ad6aeaa27efd70e7c66eb
-CVE-2017-17785 [gimp: Heap overflow in FLI import]
- RESERVED
+CVE-2017-17785 (In GIMP 2.8.22, there is a heap-based buffer overflow in the ...)
- gimp <unfixed> (bug #884836)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739133
NOTE: Can be reproduced (at least in wheezy) with "valgrind --trace-children=yes gimp <reproducerfile>"
-CVE-2017-17786 [gimp: OOB read in TGA]
- RESERVED
+CVE-2017-17786 (In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in ...)
- gimp <unfixed> (unimportant; bug #884862)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739134
NOTE: https://git.gnome.org/browse/gimp/commit/?id=674b62ad45b6579ec6d7923dc3cb1ef4e8b5498b (master)
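Review bot: CVE-2017-17785 is described as a heap-based buffer overflow, yet its entry records only the Bugzilla link and a wheezy valgrind reproduction, with no upstream fix commit, while CVE-2017-17786 directly below already has a commit NOTE. Suggest adding the fixing commit reference once it is identified, so the "- gimp <unfixed> (bug #884836)" status can be resolved against a concrete change.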
@@ -175,27 +173,23 @@
NOTE: https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=ef9c821fff8b637a2178eab1c78cae6764c50e12 (gimp-2-8)
NOTE: https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=22e2571c25425f225abdb11a566cc281fca6f366 (gimp-2-8)
NOTE: Crash in desktop tool, no/negligable security impact
-CVE-2017-17788 [gimp: OOB read in XCF]
- RESERVED
+CVE-2017-17788 (In GIMP 2.8.22, there is a stack-based buffer over-read in ...)
- gimp <unfixed> (unimportant)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=702c4227e8b6169f781e4bb5ae4b5733f51ab126 (master)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790783
NOTE: Crash in desktop tool, no/negligable security impact
-CVE-2017-17784 [gimp: OOB read in GBR]
- RESERVED
+CVE-2017-17784 (In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in ...)
- gimp <unfixed> (unimportant)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790784
NOTE: Crash in desktop tool, no/negligable security impact
-CVE-2017-17789 [gimp: Heap overflow in PSP]
- RESERVED
+CVE-2017-17789 (In GIMP 2.8.22, there is a heap-based buffer overflow in ...)
- gimp <unfixed> (bug #884837)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790849
NOTE: https://git.gnome.org/browse/GIMP/commit/?id=28e95fbeb5720e6005a088fa811f5bf3c1af48b8 (master)
NOTE: https://git.gnome.org/browse/GIMP/commit/?id=01898f10f87a094665a7fdcf7153990f4e511d3f (gimp-2-8)
NOTE: Cannot be reproduced in wheezy with "valgrind --trace-children=yes gimp <reproducerfile>"
NOTE: Some OOB read/write can be reproduced in sid with "valgrind --trace-children=yes gimp <reproducerfile>"
-CVE-2017-17787 [gimp: OOB read in PSP]
- RESERVED
+CVE-2017-17787 (In GIMP 2.8.22, there is a heap-based buffer over-read in ...)
- gimp <unfixed> (unimportant)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790853
NOTE: Crash in desktop tool, no/negligable security impact
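Review bot: the two reproduction NOTEs under CVE-2017-17789 differ by suite ("Cannot be reproduced in wheezy" versus "Some OOB read/write can be reproduced in sid"), but the status line is a single "- gimp <unfixed> (bug #884837)". Suggest recording the wheezy result as a per-suite status once it is confirmed, rather than leaving it in free-text notes. The commit URLs in that entry also use "browse/GIMP/" where the other GIMP entries use "browse/gimp/"; worth normalising.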
@@ -215,8 +209,8 @@
RESERVED
CVE-2017-17753 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: esb-csv-import-export plugin for WordPress
-CVE-2017-17752
- RESERVED
+CVE-2017-17752 (Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body ...)
+ TODO: check
CVE-2017-17751
RESERVED
CVE-2017-17750
@@ -225,12 +219,12 @@
RESERVED
CVE-2017-17748
RESERVED
-CVE-2017-17747
- RESERVED
-CVE-2017-17746
- RESERVED
-CVE-2017-17745
- RESERVED
+CVE-2017-17747 (Weak access controls in the Device Logout functionality on the TP-Link ...)
+ TODO: check
+CVE-2017-17746 (Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any ...)
+ TODO: check
+CVE-2017-17745 (Cross-site scripting (XSS) vulnerability in system_name_set.cgi in ...)
+ TODO: check
CVE-2017-17744 (A cross-site scripting (XSS) vulnerability in the custom-map plugin ...)
NOT-FOR-US: custom-map plugin for WordPress
CVE-2017-17743
@@ -10032,8 +10026,7 @@
NOT-FOR-US: b3log Symphony
CVE-2017-16819 (A stored cross-site scripting vulnerability in the Icon Time Systems ...)
NOT-FOR-US: Icon Time Systems RTC-1000
-CVE-2017-16818 [Failed assertion through user input in ceph_assert() function in rgw_iam_policy.cc]
- RESERVED
+CVE-2017-16818 (RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote ...)
- ceph <not-affected> (Vulnerable code introduced after 12.1.0)
NOTE: https://github.com/ceph/ceph/commit/b3118cabb8060a8cc6a01c4e8264cb18e7b1745a
CVE-2017-16817
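Review bot: the new description for CVE-2017-16818 gives the affected range as "Ceph 12.1.0 through 12.2.1", while the unchanged status line below it says "Vulnerable code introduced after 12.1.0". The two statements do not line up on whether 12.1.0 itself is affected; suggest checking against the referenced commit and rewording the <not-affected> reason to match.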
@@ -10245,16 +10238,16 @@
RESERVED
CVE-2017-16736
RESERVED
-CVE-2017-16735
- RESERVED
+CVE-2017-16735 (A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 ...)
+ TODO: check
CVE-2017-16734
RESERVED
-CVE-2017-16733
- RESERVED
+CVE-2017-16733 (A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 ...)
+ TODO: check
CVE-2017-16732
RESERVED
-CVE-2017-16731
- RESERVED
+CVE-2017-16731 (An Unprotected Transport of Credentials issue was discovered in ABB ...)
+ TODO: check
CVE-2017-16730
RESERVED
CVE-2017-16729
@@ -10265,8 +10258,8 @@
RESERVED
CVE-2017-16726
RESERVED
-CVE-2017-16725
- RESERVED
+CVE-2017-16725 (A Stack-based Buffer Overflow issue was discovered in Xiongmai ...)
+ TODO: check
CVE-2017-16724
RESERVED
CVE-2017-16723 (A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL ...)
@@ -10281,8 +10274,8 @@
NOT-FOR-US: Moxa
CVE-2017-16718
RESERVED
-CVE-2017-16717
- RESERVED
+CVE-2017-16717 (A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio ...)
+ TODO: check
CVE-2017-16716
RESERVED
CVE-2017-16715 (An Information Exposure issue was discovered in Moxa NPort 5110 Version ...)
@@ -10638,44 +10631,44 @@
RESERVED
CVE-2017-16590
RESERVED
-CVE-2017-16589
- RESERVED
-CVE-2017-16588
- RESERVED
-CVE-2017-16587
- RESERVED
-CVE-2017-16586
- RESERVED
-CVE-2017-16585
- RESERVED
-CVE-2017-16584
- RESERVED
-CVE-2017-16583
- RESERVED
-CVE-2017-16582
- RESERVED
-CVE-2017-16581
- RESERVED
-CVE-2017-16580
- RESERVED
-CVE-2017-16579
- RESERVED
-CVE-2017-16578
- RESERVED
-CVE-2017-16577
- RESERVED
-CVE-2017-16576
- RESERVED
-CVE-2017-16575
- RESERVED
-CVE-2017-16574
- RESERVED
-CVE-2017-16573
- RESERVED
-CVE-2017-16572
- RESERVED
-CVE-2017-16571
- RESERVED
+CVE-2017-16589 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-16588 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-16587 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16586 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16585 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16584 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-16583 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16582 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16581 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16580 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-16579 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-16578 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16577 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16576 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16575 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16574 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-16573 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-16572 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-16571 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
CVE-2017-16570 (KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by ...)
NOT-FOR-US: KeystoneJS
CVE-2017-16569 (An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an ...)
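Review bot: all nineteen entries from CVE-2017-16589 down to CVE-2017-16571 show only the generic opening "This vulnerability allows remote attackers to ..." before truncation, so the list gives no product name to triage on. Each "TODO: check" here needs the full CVE text; once the product is known, the block can be resolved in one pass instead of entry by entry.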
@@ -13525,8 +13518,8 @@
RESERVED
CVE-2017-15533
RESERVED
-CVE-2017-15532
- RESERVED
+CVE-2017-15532 (Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a ...)
+ TODO: check
CVE-2017-15531
RESERVED
CVE-2017-15530 (Prior to 4.4.1.10, the Norton Family Android App can be susceptible to ...)
@@ -15462,22 +15455,22 @@
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html
NOTE: Not considered a security issue by upstream, see #877543
-CVE-2017-14969
- RESERVED
-CVE-2017-14968
- RESERVED
-CVE-2017-14967
- RESERVED
-CVE-2017-14966
- RESERVED
-CVE-2017-14965
- RESERVED
-CVE-2017-14964
- RESERVED
-CVE-2017-14963
- RESERVED
-CVE-2017-14962
- RESERVED
+CVE-2017-14969 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+ TODO: check
+CVE-2017-14968 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+ TODO: check
+CVE-2017-14967 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+ TODO: check
+CVE-2017-14966 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+ TODO: check
+CVE-2017-14965 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+ TODO: check
+CVE-2017-14964 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+ TODO: check
+CVE-2017-14963 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+ TODO: check
+CVE-2017-14962 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an ...)
+ TODO: check
CVE-2017-14961 (In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an ...)
NOT-FOR-US: IKARUS anti.virus
CVE-2017-14960
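Review bot: CVE-2017-14969 through CVE-2017-14962 all describe the ntguard.sys driver in IKARUS anti.virus and are added as "TODO: check", while the next entry, CVE-2017-14961, covers the same driver and is already "NOT-FOR-US: IKARUS anti.virus". Suggest giving the eight new entries the same tag rather than leaving them in the TODO queue.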
@@ -15876,46 +15869,46 @@
NOT-FOR-US: TeamWork Photo Fusion
CVE-2017-14838 (TeamWork Job Links allows Arbitrary File Upload in profileChange and ...)
NOT-FOR-US: TeamWork Job Links
-CVE-2017-14837
- RESERVED
-CVE-2017-14836
- RESERVED
-CVE-2017-14835
- RESERVED
-CVE-2017-14834
- RESERVED
-CVE-2017-14833
- RESERVED
-CVE-2017-14832
- RESERVED
-CVE-2017-14831
- RESERVED
-CVE-2017-14830
- RESERVED
-CVE-2017-14829
- RESERVED
-CVE-2017-14828
- RESERVED
-CVE-2017-14827
- RESERVED
-CVE-2017-14826
- RESERVED
-CVE-2017-14825
- RESERVED
-CVE-2017-14824
- RESERVED
-CVE-2017-14823
- RESERVED
-CVE-2017-14822
- RESERVED
-CVE-2017-14821
- RESERVED
-CVE-2017-14820
- RESERVED
-CVE-2017-14819
- RESERVED
-CVE-2017-14818
- RESERVED
+CVE-2017-14837 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14836 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14835 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14834 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14833 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14832 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14831 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14830 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14829 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14828 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14827 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14826 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14825 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14824 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14823 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-14822 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-14821 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-14820 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-14819 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
+CVE-2017-14818 (This vulnerability allows remote attackers to disclose sensitive on ...)
+ TODO: check
CVE-2017-14817
RESERVED
CVE-2017-14816
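Review bot: CVE-2017-14818 reads "disclose sensitive on ..." where the four entries above it read "disclose sensitive ...", which suggests a word is missing in the imported description. The text is copied by the automatic update, so no local edit is called for, but it is worth confirming the entry was parsed correctly before triaging it.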
@@ -24004,8 +23997,8 @@
NOT-FOR-US: Synology
CVE-2017-12073
RESERVED
-CVE-2017-12072
- RESERVED
+CVE-2017-12072 (Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in ...)
+ TODO: check
CVE-2017-12071 (Server-side request forgery (SSRF) vulnerability in file_upload.php in ...)
NOT-FOR-US: Synology
CVE-2017-12070
@@ -27430,14 +27423,14 @@
NOT-FOR-US: REDCap
CVE-2017-10960
RESERVED
-CVE-2017-10959
- RESERVED
-CVE-2017-10958
- RESERVED
-CVE-2017-10957
- RESERVED
-CVE-2017-10956
- RESERVED
+CVE-2017-10959 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-10958 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-10957 (This vulnerability allows remote attackers to execute arbitrary code ...)
+ TODO: check
+CVE-2017-10956 (This vulnerability allows remote attackers to disclose sensitive ...)
+ TODO: check
CVE-2017-10955 (** DISPUTED ** This vulnerability allows remote attackers to execute ...)
NOT-FOR-US: EMC
CVE-2017-10954 (This vulnerability allows remote attackers to execute arbitrary code ...)
@@ -42377,8 +42370,8 @@
NOT-FOR-US: Mail Masta plugin for Wordpress
CVE-2017-6095 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta) ...)
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6094
- RESERVED
+CVE-2017-6094 (CPEs used by subscribers on the access network receive their ...)
+ TODO: check
CVE-2017-6093
RESERVED
CVE-2017-6092
@@ -46801,14 +46794,14 @@
RESERVED
CVE-2017-4944
RESERVED
-CVE-2017-4943
- RESERVED
+CVE-2017-4943 (VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a ...)
+ TODO: check
CVE-2017-4942 (VMware AirWatch Console (AWC) contains a Broken Access Control ...)
NOT-FOR-US: VMware
-CVE-2017-4941
- RESERVED
-CVE-2017-4940
- RESERVED
+CVE-2017-4941 (VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ...)
+ TODO: check
+CVE-2017-4940 (The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, ...)
+ TODO: check
CVE-2017-4939 (VMware Workstation (12.x before 12.5.8) installer contains a DLL ...)
NOT-FOR-US: VMware
CVE-2017-4938 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) ...)
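Review bot: CVE-2017-4943, CVE-2017-4941 and CVE-2017-4940 name VMware vCenter Server Appliance and ESXi and are added as "TODO: check", while the already-triaged VMware entries in this hunk (CVE-2017-4942, CVE-2017-4939) are "NOT-FOR-US: VMware". Suggest the same tag for the three new entries.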
@@ -46821,8 +46814,8 @@
NOT-FOR-US: VMware
CVE-2017-4934 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) ...)
NOT-FOR-US: VMware
-CVE-2017-4933
- RESERVED
+CVE-2017-4933 (VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x ...)
+ TODO: check
CVE-2017-4932 (VMware AirWatch Launcher for Android prior to 3.2.2 contains a ...)
NOT-FOR-US: VMware
CVE-2017-4931 (VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability ...)
@@ -55041,8 +55034,8 @@
RESERVED
CVE-2017-1758
RESERVED
-CVE-2017-1757
- RESERVED
+CVE-2017-1757 (IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote ...)
+ TODO: check
CVE-2017-1756
RESERVED
CVE-2017-1755
@@ -55053,8 +55046,8 @@
RESERVED
CVE-2017-1752
RESERVED
-CVE-2017-1751
- RESERVED
+CVE-2017-1751 (IBM Robotic Process Automation with Automation Anywhere 10.0.0 is ...)
+ TODO: check
CVE-2017-1750
RESERVED
CVE-2017-1749
@@ -55063,8 +55056,8 @@
RESERVED
CVE-2017-1747
RESERVED
-CVE-2017-1746
- RESERVED
+CVE-2017-1746 (IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is ...)
+ TODO: check
CVE-2017-1745
RESERVED
CVE-2017-1744
@@ -55163,12 +55156,12 @@
RESERVED
CVE-2017-1697
RESERVED
-CVE-2017-1696
- RESERVED
+CVE-2017-1696 (IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to ...)
+ TODO: check
CVE-2017-1695
RESERVED
-CVE-2017-1694
- RESERVED
+CVE-2017-1694 (IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain ...)
+ TODO: check
CVE-2017-1693
RESERVED
CVE-2017-1692
@@ -55293,8 +55286,8 @@
RESERVED
CVE-2017-1632 (IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. ...)
TODO: check
-CVE-2017-1631
- RESERVED
+CVE-2017-1631 (IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is ...)
+ TODO: check
CVE-2017-1630
RESERVED
CVE-2017-1629
@@ -55355,18 +55348,18 @@
RESERVED
CVE-2017-1601
RESERVED
-CVE-2017-1600
- RESERVED
+CVE-2017-1600 (IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to ...)
+ TODO: check
CVE-2017-1599
RESERVED
-CVE-2017-1598
- RESERVED
+CVE-2017-1598 (IBM Security Guardium 10.0 Database Activity Monitor uses weaker than ...)
+ TODO: check
CVE-2017-1597
RESERVED
-CVE-2017-1596
- RESERVED
-CVE-2017-1595
- RESERVED
+CVE-2017-1596 (IBM Security Guardium 10.0 Database Activity Monitor could allow a ...)
+ TODO: check
+CVE-2017-1595 (IBM Security Guardium 10.0 Database Activity Monitor could allow a ...)
+ TODO: check
CVE-2017-1594
RESERVED
CVE-2017-1593 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
@@ -55567,8 +55560,8 @@
NOT-FOR-US: IBM
CVE-2017-1495 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a ...)
NOT-FOR-US: IBM
-CVE-2017-1494
- RESERVED
+CVE-2017-1494 (IBM Business Process Manager 8.5 is vulnerable to cross-site ...)
+ TODO: check
CVE-2017-1493
RESERVED
CVE-2017-1492
@@ -55709,8 +55702,8 @@
NOT-FOR-US: IBM
CVE-2017-1424 (IBM Business Process Manager 8.5.7 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2017-1423
- RESERVED
+CVE-2017-1423 (IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are ...)
+ TODO: check
CVE-2017-1422 (IBM MaaS360 DTM all versions up to 3.81 does not perform proper ...)
NOT-FOR-US: IBM
CVE-2017-1421 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability ...)
@@ -56015,34 +56008,34 @@
RESERVED
CVE-2017-1271 (IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between ...)
NOT-FOR-US: IBM
-CVE-2017-1270
- RESERVED
+CVE-2017-1270 (IBM Security Guardium 10.0 does not renew a session variable after a ...)
+ TODO: check
CVE-2017-1269 (IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A ...)
NOT-FOR-US: IBM
CVE-2017-1268
RESERVED
CVE-2017-1267 (IBM Security Guardium 10.0 and 10.1 processes patches, image backups ...)
NOT-FOR-US: IBM
-CVE-2017-1266
- RESERVED
+CVE-2017-1266 (IBM Security Guardium 10.0 specifies permissions for a ...)
+ TODO: check
CVE-2017-1265
RESERVED
CVE-2017-1264 (IBM Security Guardium 10.0 does not prove or insufficiently proves ...)
NOT-FOR-US: IBM
CVE-2017-1263
RESERVED
-CVE-2017-1262
- RESERVED
-CVE-2017-1261
- RESERVED
+CVE-2017-1262 (IBM Security Guardium 10.0 is vulnerable to HTTP response splitting ...)
+ TODO: check
+CVE-2017-1261 (IBM Security Guardium 10.0 stores potentially sensitive information in ...)
+ TODO: check
CVE-2017-1260
RESERVED
CVE-2017-1259
RESERVED
CVE-2017-1258 (IBM Security Guardium 10.0 and 10.1 does not perform an authentication ...)
NOT-FOR-US: IBM
-CVE-2017-1257
- RESERVED
+CVE-2017-1257 (IBM Security Guardium 10.0 discloses sensitive information to ...)
+ TODO: check
CVE-2017-1256 (IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
CVE-2017-1255
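Review bot: the five new IBM Security Guardium 10.0 entries (CVE-2017-1270, -1266, -1262, -1261, -1257) are added as "TODO: check", while the Guardium entries interleaved with them (CVE-2017-1271, -1269, -1267, -1264, -1258, -1256) are all "NOT-FOR-US: IBM". Suggest tagging the new ones the same way so the product is classified consistently within this block.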