[Secure-testing-commits] r57287 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Nov 3 21:10:17 UTC 2017
Author: sectracker
Date: 2017-11-03 21:10:17 +0000 (Fri, 03 Nov 2017)
New Revision: 57287
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-03 20:48:57 UTC (rev 57286)
+++ data/CVE/list 2017-11-03 21:10:17 UTC (rev 57287)
@@ -1,61 +1,87 @@
-CVE-2017-16511
+CVE-2017-16524
RESERVED
-CVE-2017-1000171
+CVE-2017-16523 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
+ TODO: check
+CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
+ TODO: check
+CVE-2017-16521
RESERVED
-CVE-2017-1000157
+CVE-2017-16520
RESERVED
-CVE-2017-1000156
+CVE-2017-16519
RESERVED
-CVE-2017-1000155
+CVE-2017-16518
RESERVED
-CVE-2017-1000154
+CVE-2017-16517
RESERVED
-CVE-2017-1000153
+CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is ...)
+ TODO: check
+CVE-2017-16515
RESERVED
-CVE-2017-1000152
+CVE-2017-16514
RESERVED
-CVE-2017-1000151
+CVE-2017-16513 (Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in ...)
+ TODO: check
+CVE-2017-16512
RESERVED
-CVE-2017-1000150
+CVE-2017-16511
RESERVED
-CVE-2017-1000149
- RESERVED
-CVE-2017-1000148
- RESERVED
-CVE-2017-1000147
- RESERVED
-CVE-2017-1000146
- RESERVED
-CVE-2017-1000145
- RESERVED
-CVE-2017-1000144
- RESERVED
-CVE-2017-1000143
- RESERVED
-CVE-2017-1000142
- RESERVED
+CVE-2017-1000171 (Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to ...)
+ TODO: check
+CVE-2017-1000157 (Mahara 15.04 before 15.04.13 and 16.04 before 16.04.7 and 16.10 before ...)
+ TODO: check
+CVE-2017-1000156 (Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before ...)
+ TODO: check
+CVE-2017-1000155 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+ TODO: check
+CVE-2017-1000154 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+ TODO: check
+CVE-2017-1000153 (Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before ...)
+ TODO: check
+CVE-2017-1000152 (Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 ...)
+ TODO: check
+CVE-2017-1000151 (Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before ...)
+ TODO: check
+CVE-2017-1000150 (Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to ...)
+ TODO: check
+CVE-2017-1000149 (Mahara 1.10 before 1.10.9 and 15.04 before 15.04.6 and 15.10 before ...)
+ TODO: check
+CVE-2017-1000148 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+ TODO: check
+CVE-2017-1000147 (Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before ...)
+ TODO: check
+CVE-2017-1000146 (Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before ...)
+ TODO: check
+CVE-2017-1000145 (Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before ...)
+ TODO: check
+CVE-2017-1000144 (Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before ...)
+ TODO: check
+CVE-2017-1000143 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+ TODO: check
+CVE-2017-1000142 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+ TODO: check
CVE-2017-1000141
RESERVED
-CVE-2017-1000140
- RESERVED
-CVE-2017-1000139
- RESERVED
-CVE-2017-1000138
- RESERVED
-CVE-2017-1000137
- RESERVED
-CVE-2017-1000136
- RESERVED
-CVE-2017-1000135
- RESERVED
-CVE-2017-1000134
- RESERVED
-CVE-2017-1000133
- RESERVED
-CVE-2017-1000132
- RESERVED
-CVE-2017-1000131
- RESERVED
+CVE-2017-1000140 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+ TODO: check
+CVE-2017-1000139 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+ TODO: check
+CVE-2017-1000138 (Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to ...)
+ TODO: check
+CVE-2017-1000137 (Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to ...)
+ TODO: check
+CVE-2017-1000136 (Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 ...)
+ TODO: check
+CVE-2017-1000135 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+ TODO: check
+CVE-2017-1000134 (Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 ...)
+ TODO: check
+CVE-2017-1000133 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+ TODO: check
+CVE-2017-1000132 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 ...)
+ TODO: check
+CVE-2017-1000131 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
+ TODO: check
CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() ...)
- wordpress 4.8.3+dfsg-1 (bug #880528)
NOTE: https://wpvulndb.com/vulnerabilities/8941
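Review bot: Every entry that gains a description in this hunk is left at `TODO: check` with no package or NOT-FOR-US line: CVE-2017-16523, CVE-2017-16522, CVE-2017-16516 (yajl-ruby gem 1.3.0), CVE-2017-16513 (Ipswitch WS_FTP Professional), CVE-2017-1000171, and the Mahara entries from CVE-2017-1000131 to CVE-2017-1000157 (CVE-2017-1000141 stays RESERVED). Each needs a follow-up commit that replaces the TODO with either a source-package line in the form already used for CVE-2017-16510 (`- wordpress 4.8.3+dfsg-1 (bug #880528)`) or a NOT-FOR-US line. The Mahara descriptions are cut at "..." before the vulnerability class is named, so the affected-version ranges have to be read from the full CVE text before a status is chosen.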
@@ -391,10 +417,12 @@
CVE-2017-16354
RESERVED
CVE-2017-16353 (GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure ...)
+ {DLA-1159-1}
- graphicsmagick 1.3.26-17
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=e4e1c2a581d8
NOTE: https://blogs.securiteam.com/index.php/archives/3494
CVE-2017-16352 (GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow ...)
+ {DLA-1159-1}
- graphicsmagick 1.3.26-17
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=7292230dd185
NOTE: https://blogs.securiteam.com/index.php/archives/3494
@@ -2167,14 +2195,17 @@
CVE-2017-15724
RESERVED
CVE-2017-15723 (In Irssi before 1.0.5, overlong nicks or targets may result in a NULL ...)
+ {DSA-4016-1}
- irssi <unfixed> (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
CVE-2017-15722 (In certain cases, Irssi before 1.0.5 may fail to verify that a Safe ...)
+ {DSA-4016-1}
- irssi <unfixed> (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
CVE-2017-15721 (In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages ...)
+ {DSA-4016-1}
- irssi <unfixed> (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
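Review bot: `{DSA-4016-1}` is attached to CVE-2017-15723, CVE-2017-15722 and CVE-2017-15721, but the package line under each still reads `- irssi <unfixed> (bug #879521)`. The descriptions place the fix in Irssi 1.0.5, so these entries now carry an advisory reference next to an open status on the untagged package line. Once a fixed upload is available, replace `<unfixed>` with that version so the three entries stop being reported as open there.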
@@ -3376,10 +3407,12 @@
CVE-2017-15229
RESERVED
CVE-2017-15228 (Irssi before 1.0.5, when installing themes with unterminated colour ...)
+ {DSA-4016-1}
- irssi <unfixed> (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
CVE-2017-15227 (Irssi before 1.0.5, while waiting for the channel synchronisation, may ...)
+ {DSA-4016-1}
- irssi <unfixed> (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
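Review bot: CVE-2017-15228 and CVE-2017-15227 gain `{DSA-4016-1}` while their package lines stay at `- irssi <unfixed> (bug #879521)`. Both descriptions read "Irssi before 1.0.5", so the `<unfixed>` marker should be replaced with the fixed version as soon as one is uploaded; otherwise the advisory reference and the open status sit side by side in the same entry.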
@@ -4963,7 +4996,7 @@
- salt <unfixed> (bug #879089)
NOTE: Fixed by: https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d
NOTE: Fixed by: https://github.com/saltstack/salt/commit/206ae23f15cb7ec95a07dee4cbe9802da84f9c42 (2016.11)
-CVE-2017-14694 (Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary code or ...)
+CVE-2017-14694 (Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 ...)
NOT-FOR-US: Foxit Reader
CVE-2017-14693 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...)
NOT-FOR-US: IrfanView
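Review bot: The CVE-2017-14694 description now covers "Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 ...", but the unchanged status line still says `NOT-FOR-US: Foxit Reader`. The NOT-FOR-US decision is unaffected; updating the label to name both products would keep the entry consistent with its description.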
@@ -5908,8 +5941,8 @@
RESERVED
CVE-2017-14360
RESERVED
-CVE-2017-14359
- RESERVED
+CVE-2017-14359 (A potential security vulnerability has been identified in HPE ...)
+ TODO: check
CVE-2017-14358 (A URL redirection to untrusted site vulnerability in HP ArcSight ESM ...)
NOT-FOR-US: HP ArcSight
CVE-2017-14357 (A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ...)
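Review bot: CVE-2017-14359 goes from RESERVED to `TODO: check` with a description that is cut off at "HPE ..." before the product is named. The neighbouring entry CVE-2017-14358 is an HP ArcSight issue marked `NOT-FOR-US: HP ArcSight`; if the full CVE text names an HPE product in the same family, this entry should get a matching NOT-FOR-US line rather than staying on the TODO list.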
@@ -24637,7 +24670,7 @@
NOT-FOR-US: Qualcomm component for Android
CVE-2014-9960 (In all Android releases from CAF using the Linux kernel, a buffer ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code via a ...)
+CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code via ...)
NOT-FOR-US: WinDjView
CVE-2017-7893
RESERVED