[Secure-testing-commits] r57274 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Nov 3 09:11:04 UTC 2017
Author: sectracker
Date: 2017-11-03 09:11:04 +0000 (Fri, 03 Nov 2017)
New Revision: 57274
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-03 06:17:15 UTC (rev 57273)
+++ data/CVE/list 2017-11-03 09:11:04 UTC (rev 57274)
@@ -1,3 +1,5 @@
+CVE-2017-16511
+ RESERVED
CVE-2017-1000171
RESERVED
CVE-2017-1000157
@@ -54,7 +56,7 @@
RESERVED
CVE-2017-1000131
RESERVED
-CVE-2017-16510 [Unsafe queries with wpdb->prepare]
+CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() ...)
- wordpress 4.8.3+dfsg-1 (bug #880528)
NOTE: https://wpvulndb.com/vulnerabilities/8941
NOTE: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
@@ -650,8 +652,8 @@
RESERVED
CVE-2017-16238
RESERVED
-CVE-2017-16237
- RESERVED
+CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file ...)
+ TODO: check
CVE-2017-16236
RESERVED
CVE-2017-16235
@@ -1631,12 +1633,15 @@
CVE-2017-15956 (ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File ...)
NOT-FOR-US: ConverTo Video Downloader
CVE-2017-15955 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an ...)
+ {DLA-1158-1}
- bchunk <unfixed> (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/4
CVE-2017-15954 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a ...)
+ {DLA-1158-1}
- bchunk <unfixed> (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/3
CVE-2017-15953 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a ...)
+ {DLA-1158-1}
- bchunk <unfixed> (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/2
CVE-2017-15952
@@ -2006,27 +2011,38 @@
NOT-FOR-US: XnView
CVE-2017-15801 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
NOT-FOR-US: XnView
-CVE-2017-15800 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...)
+CVE-2017-15800
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15799 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15799
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15798 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15798
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15797 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...)
+CVE-2017-15797
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15796 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15796
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15795 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15795
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15794 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15794
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15793 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...)
+CVE-2017-15793
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15792 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15792
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15791 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15791
+ REJECTED
NOT-FOR-US: IrfanView
-CVE-2017-15790 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15790
+ REJECTED
NOT-FOR-US: IrfanView
CVE-2017-15789 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
NOT-FOR-US: XnView
@@ -17801,6 +17817,7 @@
CVE-2017-10389 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
NOT-FOR-US: Oracle
CVE-2017-10388 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
@@ -17880,18 +17897,21 @@
CVE-2017-10358 (Vulnerability in the Oracle Hyperion Financial Reporting component of ...)
NOT-FOR-US: Oracle
CVE-2017-10357 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2017-10356 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2017-10355 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
@@ -17906,34 +17926,40 @@
CVE-2017-10351 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
NOT-FOR-US: Oracle
CVE-2017-10350 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
CVE-2017-10349 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2017-10348 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2017-10347 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2017-10346 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
CVE-2017-10345 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
@@ -18049,6 +18075,7 @@
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
CVE-2017-10295 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
@@ -18080,6 +18107,7 @@
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
CVE-2017-10285 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
@@ -18096,6 +18124,7 @@
CVE-2017-10282
RESERVED
CVE-2017-10281 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
@@ -18118,6 +18147,7 @@
CVE-2017-10275 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
NOT-FOR-US: Oracle
CVE-2017-10274 (Vulnerability in the Java SE component of Oracle Java SE ...)
+ {DSA-4015-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
- openjdk-7 <removed>
More information about the Secure-testing-commits
mailing list