[Secure-testing-commits] r57535 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Nov 10 21:10:14 UTC 2017 

Author: sectracker
Date: 2017-11-10 21:10:14 +0000 (Fri, 10 Nov 2017)
New Revision: 57535

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-10 20:59:55 UTC (rev 57534)
+++ data/CVE/list	2017-11-10 21:10:14 UTC (rev 57535)
@@ -1,13 +1,43 @@
-CVE-2017-16764
+CVE-2017-16779
 	RESERVED
-CVE-2017-16763
+CVE-2017-16778
 	RESERVED
-CVE-2017-16762
+CVE-2017-16777
 	RESERVED
-CVE-2017-16761
+CVE-2017-16776
 	RESERVED
-CVE-2017-16760
+CVE-2017-16775
 	RESERVED
+CVE-2017-16774
+	RESERVED
+CVE-2017-16773
+	RESERVED
+CVE-2017-16772
+	RESERVED
+CVE-2017-16771
+	RESERVED
+CVE-2017-16770
+	RESERVED
+CVE-2017-16769
+	RESERVED
+CVE-2017-16768
+	RESERVED
+CVE-2017-16767
+	RESERVED
+CVE-2017-16766
+	RESERVED
+CVE-2017-16765 (XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi. ...)
+	TODO: check
+CVE-2017-16764 (An exploitable vulnerability exists in the YAML parsing functionality ...)
+	TODO: check
+CVE-2017-16763 (An exploitable vulnerability exists in the YAML parsing functionality ...)
+	TODO: check
+CVE-2017-16762 (Sanic before 0.5.1 allows reading arbitrary files with directory ...)
+	TODO: check
+CVE-2017-16761 (An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows ...)
+	TODO: check
+CVE-2017-16760 (Inedo BuildMaster before 5.8.2 has XSS. ...)
+	TODO: check
 CVE-2017-16759 (The installation process in LibreNMS before 2017-08-18 allows remote ...)
 	NOT-FOR-US: LibreNMS
 CVE-2017-16758 (Cross-site scripting (XSS) vulnerability in ...)
@@ -195,6 +225,7 @@
 CVE-2017-16670
 	RESERVED
 CVE-2017-16669 (coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause ...)
+	{DLA-1168-1}
 	- graphicsmagick <unfixed>
 	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/450/
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d
@@ -557,8 +588,8 @@
 	NOT-FOR-US: MitraStar
 CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
 	NOT-FOR-US: MitraStar
-CVE-2017-16521
-	RESERVED
+CVE-2017-16521 (In Inedo BuildMaster before 5.8.2, XslTransform was used where ...)
+	TODO: check
 CVE-2017-16520
 	RESERVED
 CVE-2017-16519
@@ -3137,7 +3168,7 @@
 CVE-2017-15539 (SQL Injection exists in zorovavi/blog through 2017-10-17 via the id ...)
 	NOT-FOR-US: zorovavi/blog
 CVE-2017-15587 (An integer overflow was discovered in pdf_read_new_xref_section in ...)
-	{DSA-4006-1 DLA-1164-1}
+	{DSA-4006-2 DSA-4006-1 DLA-1164-1}
 	- mupdf 1.11+ds1-2 (bug #879055)
 	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=82df2631d7d0446b206ea6b434ea609b6c28b0e8
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698605 (not public)

More information about the Secure-testing-commits mailing list