[Secure-testing-commits] r51405 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon May 8 09:10:24 UTC 2017
Author: sectracker
Date: 2017-05-08 09:10:24 +0000 (Mon, 08 May 2017)
New Revision: 51405
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-08 07:29:50 UTC (rev 51404)
+++ data/CVE/list 2017-05-08 09:10:24 UTC (rev 51405)
@@ -1,3 +1,61 @@
+CVE-2017-8834
+ RESERVED
+CVE-2017-8833 (Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: ...)
+ TODO: check
+CVE-2017-8832 (Allen Disk 1.6 has XSS in the id parameter to downfile.php. ...)
+ TODO: check
+CVE-2017-8831 (The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c ...)
+ TODO: check
+CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows ...)
+ TODO: check
+CVE-2017-8828
+ RESERVED
+CVE-2017-8827 (forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might ...)
+ TODO: check
+CVE-2017-8826
+ RESERVED
+CVE-2017-8825
+ RESERVED
+CVE-2017-8824
+ RESERVED
+CVE-2017-8823
+ RESERVED
+CVE-2017-8822
+ RESERVED
+CVE-2017-8821
+ RESERVED
+CVE-2017-8820
+ RESERVED
+CVE-2017-8819
+ RESERVED
+CVE-2017-8818
+ RESERVED
+CVE-2017-8817
+ RESERVED
+CVE-2017-8816
+ RESERVED
+CVE-2017-8815
+ RESERVED
+CVE-2017-8814
+ RESERVED
+CVE-2017-8813
+ RESERVED
+CVE-2017-8812
+ RESERVED
+CVE-2017-8811
+ RESERVED
+CVE-2017-8810
+ RESERVED
+CVE-2017-8809
+ RESERVED
+CVE-2017-8808
+ RESERVED
+CVE-2017-8807
+ RESERVED
+CVE-2017-8806
+ RESERVED
+CVE-2017-8805
+ RESERVED
CVE-2017-1000041
REJECTED
CVE-2017-1000040
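Review bot: the five entries that arrive with descriptions (CVE-2017-8833, CVE-2017-8832, CVE-2017-8831, CVE-2017-8830 and CVE-2017-8827) are all left at "TODO: check", so this automatic import records no package status for any of them. CVE-2017-8831 names drivers/media/pci/saa7164/saa7164-bus.c, which is a Linux kernel source path, and CVE-2017-8830 names ImageMagick 7.0.5-6, so those two need a source-package line once triaged. The Zen Cart, Allen Disk and GeniXCMS entries should get either a package line or a NOT-FOR-US marker like the MODX entry further down in this list.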
@@ -34,7 +92,7 @@
REJECTED
CVE-2016-1000360
REJECTED
-CVE-2017-8829 [insecure YAML validation]
+CVE-2017-8829 (Deserialization vulnerability in lintian through 2.5.50.3 allows ...)
- lintian <unfixed> (bug #861958)
CVE-2017-8804 (The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc ...)
- glibc <unfixed>
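Review bot: on CVE-2017-8829 the package line still reads "- lintian <unfixed> (bug #861958)" while the new description bounds the affected range at "through 2.5.50.3". Once a lintian upload after that version reaches the archive, replace <unfixed> with the fixed version so the tracker stops reporting the package as vulnerable. The hand-written summary "[insecure YAML validation]" is dropped in favour of the truncated description, so if that wording should stay searchable, keep it in a NOTE: line under the entry.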
@@ -1612,6 +1670,7 @@
CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...)
NOT-FOR-US: MODX
CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by authenticated ...)
+ {DLA-933-1}
- roundcube 1.2.3+dfsg.1-4 (bug #861388)
NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5
NOTE: https://github.com/roundcube/roundcubemail/commit/6e054a37d13dc3772d0aa454a32d5dc3bdcc7003 (1.2.x)
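Review bot: the added {DLA-933-1} cross-reference on CVE-2017-8114 sits above NOTE lines that cite only the upstream 1.2.5 release tag and a commit marked "(1.2.x)". If the LTS upload carried a backport to an older roundcube branch, add a NOTE: line naming the patch that was applied, so the fix shipped in DLA-933-1 can be traced back to upstream.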
@@ -2463,7 +2522,7 @@
RESERVED
CVE-2017-7854 (The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote ...)
- radare2 <not-affected> (Vulnerable code introduced later)
-CVE-2017-7853 (In libosip2 in GNU oSIP 5.0.0, a malformed SIP message can lead to a ...)
+CVE-2017-7853 (In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can ...)
{DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109265
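Review bot: the CVE-2017-7853 description now covers GNU oSIP 4.1.0 as well as 5.0.0, and the only status lines under it are {DLA-898-1} and "- libosip2 4.1.0-2.1 (bug #860287)". With the widened range, confirm that every suite shipping a 4.1.0-based libosip2 is accounted for by those two lines, and add a suite-specific line if one is not.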