[Secure-testing-commits] r51250 - data/CVE

Mon May 1 21:10:12 UTC 2017

Author: sectracker
Date: 2017-05-01 21:10:12 +0000 (Mon, 01 May 2017)
New Revision: 51250

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-05-01 20:10:47 UTC (rev 51249)
+++ data/CVE/list	2017-05-01 21:10:12 UTC (rev 51250)
@@ -1,3 +1,39 @@
+CVE-2017-8403 (360fly 4K cameras allow unauthenticated Wi-Fi password changes and ...)
+	TODO: check
+CVE-2017-8402
+	RESERVED
+CVE-2017-8401 (In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the ...)
+	TODO: check
+CVE-2017-8400 (In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the ...)
+	TODO: check
+CVE-2017-8399 (PCRE2 before 2017-03-10 has an out-of-bounds write caused by a ...)
+	TODO: check
+CVE-2017-8398 (dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 ...)
+	TODO: check
+CVE-2017-8397 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+	TODO: check
+CVE-2017-8396 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+	TODO: check
+CVE-2017-8395 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+	TODO: check
+CVE-2017-8394 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+	TODO: check
+CVE-2017-8393 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+	TODO: check
+CVE-2017-8392 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
+	TODO: check
+CVE-2017-8391
+	RESERVED
+CVE-2017-8390
+	RESERVED
+CVE-2017-8389
+	RESERVED
+CVE-2017-8388 (GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger ...)
+	TODO: check
+CVE-2017-8387
+	RESERVED
+CVE-2017-8386
+	RESERVED
 CVE-2017-8385 (Craft CMS before 2.6.2976 does not prevent modification of the URL in a ...)
 	NOT-FOR-US: Craft CMS
 CVE-2017-8384 (Craft CMS before 2.6.2976 allows XSS attacks because an array returned ...)
@@ -15,10 +51,10 @@
 CVE-2017-8378 (Heap-based buffer overflow in the PdfParser::ReadObjects function in ...)
 	- libpodofo <unfixed> (bug #861597)
 	NOTE: https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_PdfParser.ReadObjects
-CVE-2017-8377
-	RESERVED
-CVE-2017-8376
-	RESERVED
+CVE-2017-8377 (GeniXCMS 1.0.2 has SQL Injection in ...)
+	TODO: check
+CVE-2017-8376 (GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is ...)
+	TODO: check
 CVE-2017-8375
 	RESERVED
 CVE-2017-8374 (The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b ...)
@@ -43,7 +79,7 @@
 	- ettercap <unfixed> (bug #861604)
 	NOTE: https://github.com/Ettercap/ettercap/issues/792
 CVE-2017-8365 (The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote ...)
-	 - libsndfile <unfixed>
+	- libsndfile <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
 	NOTE: https://github.com/erikd/libsndfile/issues/230
 	NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
@@ -4937,10 +4973,10 @@
 	RESERVED
 CVE-2017-6566
 	RESERVED
-CVE-2017-6565
-	RESERVED
-CVE-2017-6564
-	RESERVED
+CVE-2017-6565 (On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag ...)
+	TODO: check
+CVE-2017-6564 (On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest ...)
+	TODO: check
 CVE-2017-6563
 	RESERVED
 CVE-2017-6562 (XSS in Agora-Project 3.2.2 exists with an ...)
@@ -6355,8 +6391,8 @@
 	NOT-FOR-US: F5
 CVE-2017-6129
 	RESERVED
-CVE-2017-6128
-	RESERVED
+CVE-2017-6128 (An attacker may be able to cause a denial-of-service (DoS) attack ...)
+	TODO: check
 CVE-2017-6188 (Munin before 2.999.6 has a local file write vulnerability when CGI ...)
 	{DSA-3794-1 DLA-836-1}
 	- munin 2.0.31-1 (bug #855705)
@@ -7893,8 +7929,8 @@
 	NOT-FOR-US: D-Link
 CVE-2017-5632 (An issue was discovered on the ASUS RT-N56U Wireless Router with ...)
 	NOT-FOR-US: Asus router
-CVE-2017-5631
-	RESERVED
+CVE-2017-5631 (An issue was discovered in KMCIS CaseAware. Reflected cross site ...)
+	TODO: check
 CVE-2017-5630 (PECL in the download utility class in the Installer in PEAR Base System ...)
 	- php5 <unfixed> (unimportant)
 	- php-pear <unfixed> (unimportant)


