[Secure-testing-commits] r57546 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sat Nov 11 09:10:16 UTC 2017
Author: sectracker
Date: 2017-11-11 09:10:16 +0000 (Sat, 11 Nov 2017)
New Revision: 57546
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-11 09:08:20 UTC (rev 57545)
+++ data/CVE/list 2017-11-11 09:10:16 UTC (rev 57546)
@@ -1,4 +1,24 @@
-CVE-2017-16785 [reflected XSS via the PATH_INFO to host.php]
+CVE-2017-16790
+ RESERVED
+CVE-2017-16789
+ RESERVED
+CVE-2017-16788
+ RESERVED
+CVE-2017-16787
+ RESERVED
+CVE-2017-16786
+ RESERVED
+CVE-2017-16784 (In CMS Made Simple 2.2.2, there is Reflected XSS via the ...)
+ TODO: check
+CVE-2017-16783 (In CMS Made Simple 2.1.6, there is Server-Side Template Injection via ...)
+ TODO: check
+CVE-2017-16782 (In Home Assistant before 0.57, it is possible to inject JavaScript code ...)
+ TODO: check
+CVE-2017-16781 (The installer in MyBB before 1.8.13 has XSS. ...)
+ TODO: check
+CVE-2017-16780 (The installer in MyBB before 1.8.13 allows remote attackers to execute ...)
+ TODO: check
+CVE-2017-16785 (Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. ...)
- cacti <unfixed>
NOTE: https://github.com/Cacti/cacti/issues/1071
CVE-2017-16779
@@ -594,8 +614,8 @@
NOT-FOR-US: MitraStar
CVE-2017-16521 (In Inedo BuildMaster before 5.8.2, XslTransform was used where ...)
NOT-FOR-US: Inedo BuildMaster
-CVE-2017-16520
- RESERVED
+CVE-2017-16520 (Inedo BuildMaster before 5.8.2 does not properly restrict creation of ...)
+ TODO: check
CVE-2017-16519
RESERVED
CVE-2017-16518
More information about the Secure-testing-commits
mailing list