[Secure-testing-commits] r57396 - data/CVE

[security tracker role]

Author: sectracker
Date: 2017-11-07 09:10:21 +0000 (Tue, 07 Nov 2017)
New Revision: 57396

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-07 08:04:53 UTC (rev 57395)
+++ data/CVE/list	2017-11-07 09:10:21 UTC (rev 57396)
@@ -1,3 +1,15 @@
+CVE-2017-16638 (The Gentoo net-misc/vde package before version 2.3.2-r4 may allow ...)
+	TODO: check
+CVE-2017-16637 (In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when ...)
+	TODO: check
+CVE-2017-16636 (In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new ...)
+	TODO: check
+CVE-2017-16635 (In TinyWebGallery v2.4, an XSS vulnerability is located in the ...)
+	TODO: check
+CVE-2017-16634
+	RESERVED
+CVE-2017-16633
+	RESERVED
 CVE-2017-16632
 	RESERVED
 CVE-2017-16631
@@ -7284,24 +7296,24 @@
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1058757
 	NOTE: https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/
 	NOTE: https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b
-CVE-2017-14031
-	RESERVED
+CVE-2017-14031 (An Improper Access Control issue was discovered in Trihedral VTScada ...)
+	TODO: check
 CVE-2017-14030
 	RESERVED
-CVE-2017-14029
-	RESERVED
+CVE-2017-14029 (An Uncontrolled Search Path Element issue was discovered in Trihedral ...)
+	TODO: check
 CVE-2017-14028
 	RESERVED
 CVE-2017-14027 (A Use of Hard-coded Credentials issue was discovered in Korenix JetNet ...)
 	NOT-FOR-US: Korenix
 CVE-2017-14026
 	RESERVED
-CVE-2017-14025
-	RESERVED
+CVE-2017-14025 (An Improper Input Validation issue was discovered in ABB FOX515T ...)
+	TODO: check
 CVE-2017-14024
 	RESERVED
-CVE-2017-14023
-	RESERVED
+CVE-2017-14023 (An Improper Input Validation issue was discovered in Siemens SIMATIC ...)
+	TODO: check
 CVE-2017-14022
 	RESERVED
 CVE-2017-14021 (A Use of Hard-coded Cryptographic Key issue was discovered in Korenix ...)
@@ -7314,8 +7326,8 @@
 	RESERVED
 CVE-2017-14017 (An Uncontrolled Search Path Element issue was discovered in Progea ...)
 	NOT-FOR-US: Progea Movicon
-CVE-2017-14016
-	RESERVED
+CVE-2017-14016 (A Stack-based Buffer Overflow issue was discovered in Advantech ...)
+	TODO: check
 CVE-2017-14015
 	RESERVED
 CVE-2017-14014
@@ -8263,10 +8275,10 @@
 	NOT-FOR-US: Symantec
 CVE-2017-13682 (In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel ...)
 	NOT-FOR-US: Symantec
-CVE-2017-13681
-	RESERVED
-CVE-2017-13680
-	RESERVED
+CVE-2017-13681 (Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be ...)
+	TODO: check
+CVE-2017-13680 (Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection ...)
+	TODO: check
 CVE-2017-13679 (A denial of service (DoS) attack in Symantec Encryption Desktop before ...)
 	NOT-FOR-US: Symantec
 CVE-2017-13678
@@ -11157,8 +11169,8 @@
 	RESERVED
 CVE-2017-12720
 	RESERVED
-CVE-2017-12719
-	RESERVED
+CVE-2017-12719 (An Untrusted Pointer Dereference issue was discovered in Advantech ...)
+	TODO: check
 CVE-2017-12718
 	RESERVED
 CVE-2017-12717 (An Uncontrolled Search Path Element issue was discovered in Advantech ...)
@@ -11454,6 +11466,7 @@
 CVE-2017-12619
 	RESERVED
 CVE-2017-12618 (Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to ...)
+	{DLA-1163-1}
 	- apr-util 1.6.1-1 (low; bug #879996)
 	NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E
 	NOTE: https://github.com/apache/apr/commit/f672b565c825c34de9ee298b5bdc62c01cdd6147
@@ -30418,8 +30431,8 @@
 	RESERVED
 CVE-2017-6332
 	RESERVED
-CVE-2017-6331
-	RESERVED
+CVE-2017-6331 (Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter ...)
+	TODO: check
 CVE-2017-6330 (Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote ...)
 	NOT-FOR-US: Symantec
 CVE-2017-6329 (Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a ...)