[Secure-testing-commits] r51712 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu May 18 09:10:14 UTC 2017
Author: sectracker
Date: 2017-05-18 09:10:13 +0000 (Thu, 18 May 2017)
New Revision: 51712
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-18 06:56:24 UTC (rev 51711)
+++ data/CVE/list 2017-05-18 09:10:13 UTC (rev 51712)
@@ -1,5 +1,59 @@
-CVE-2017-9058 [Heap-based buffer overflow due to incorrect boundary checking]
- - libytnef <unfixed> (bug #862556)
+CVE-2017-9059 (The NFSv4 implementation in the Linux kernel through 4.11.1 allows ...)
+ TODO: check
+CVE-2017-9057
+ RESERVED
+CVE-2017-9056
+ RESERVED
+CVE-2017-9055 (An issue, also known as DW201703-001, was discovered in libdwarf ...)
+ TODO: check
+CVE-2017-9054 (An issue, also known as DW201703-002, was discovered in libdwarf ...)
+ TODO: check
+CVE-2017-9053 (An issue, also known as DW201703-005, was discovered in libdwarf ...)
+ TODO: check
+CVE-2017-9052 (An issue, also known as DW201703-006, was discovered in libdwarf ...)
+ TODO: check
+CVE-2017-9051 (libav before 12.1 is vulnerable to an invalid read of size 1 due to ...)
+ TODO: check
+CVE-2017-9050 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based ...)
+ TODO: check
+CVE-2017-9049 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based ...)
+ TODO: check
+CVE-2017-9048 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based ...)
+ TODO: check
+CVE-2017-9047 (A buffer overflow was discovered in libxml2 ...)
+ TODO: check
+CVE-2017-9046
+ RESERVED
+CVE-2017-9045 (The Google I/O 2017 application before 5.1.4 for Android downloads ...)
+ TODO: check
+CVE-2017-9044 (The print_symbol_for_build_attribute function in readelf.c in GNU ...)
+ TODO: check
+CVE-2017-9043 (readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large ...)
+ TODO: check
+CVE-2017-9042 (readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in ...)
+ TODO: check
+CVE-2017-9041 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2017-9040 (GNU Binutils 2017-04-03 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2017-9039 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2017-9038 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2017-9037
+ RESERVED
+CVE-2017-9036
+ RESERVED
+CVE-2017-9035
+ RESERVED
+CVE-2017-9034
+ RESERVED
+CVE-2017-9033
+ RESERVED
+CVE-2017-9032
+ RESERVED
+CVE-2017-9058 (In libytnef in ytnef through 1.9.2, there is a heap-based buffer ...)
+ - libytnef <unfixed> (bug #862556)
CVE-2017-9030 (The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 ...)
NOT-FOR-US: Joomla extension
CVE-2017-9029
@@ -275,8 +329,7 @@
RESERVED
CVE-2017-8918
RESERVED
-CVE-2017-8917
- RESERVED
+CVE-2017-8917 (SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows ...)
NOT-FOR-US: Joomla
CVE-2017-8916
RESERVED
@@ -673,8 +726,8 @@
RESERVED
CVE-2017-8770
RESERVED
-CVE-2017-8769
- RESERVED
+CVE-2017-8769 (** DISPUTED ** Facebook WhatsApp Messenger 2.17.146 for Android uses ...)
+ TODO: check
CVE-2017-8768 (Atlassian SourceTree v2.5c and prior are affected by a command ...)
NOT-FOR-US: Atlassian SourceTree
CVE-2017-8767
@@ -1705,8 +1758,8 @@
RESERVED
CVE-2017-8339 (PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a ...)
NOT-FOR-US: Panda Free Antivirus
-CVE-2017-8338
- RESERVED
+CVE-2017-8338 (A vulnerability in MikroTik Version 6.38.5 could allow an ...)
+ TODO: check
CVE-2017-8337
RESERVED
CVE-2017-8336
@@ -7978,8 +8031,8 @@
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697596
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;h=ecceafe3abba2714ef9b432035fe0739d9b1a283
NOTE: Possibly introduced only after http://git.ghostscript.com/?p=ghostpdl.git;h=cffb5712bc10c2c2f46adf311fc74aaae74cb784
-CVE-2017-6195
- RESERVED
+CVE-2017-6195 (Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind ...)
+ TODO: check
CVE-2017-6194 (The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows ...)
[experimental] - radare2 1.3.0+dfsg-1
- radare2 1.1.0+dfsg-4 (bug #859448)
@@ -14181,20 +14234,20 @@
RESERVED
CVE-2017-4018
RESERVED
-CVE-2017-4017
- RESERVED
-CVE-2017-4016
- RESERVED
-CVE-2017-4015
- RESERVED
-CVE-2017-4014
- RESERVED
-CVE-2017-4013
- RESERVED
-CVE-2017-4012
- RESERVED
-CVE-2017-4011
- RESERVED
+CVE-2017-4017 (User Name Disclosure in the server in McAfee Network Data Loss ...)
+ TODO: check
+CVE-2017-4016 (Web Server method disclosure in the server in McAfee Network Data Loss ...)
+ TODO: check
+CVE-2017-4015 (Clickjacking vulnerability in the server in McAfee Network Data Loss ...)
+ TODO: check
+CVE-2017-4014 (Session Side jacking vulnerability in the server in McAfee Network ...)
+ TODO: check
+CVE-2017-4013 (Banner Disclosure in the server in McAfee Network Data Loss Prevention ...)
+ TODO: check
+CVE-2017-4012 (Privilege Escalation vulnerability in the server in McAfee Network ...)
+ TODO: check
+CVE-2017-4011 (Embedding Script (XSS) in HTTP Headers vulnerability in the server in ...)
+ TODO: check
CVE-2017-4010
RESERVED
CVE-2017-4009
More information about the Secure-testing-commits
mailing list