[Secure-testing-commits] r57947 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Nov 23 09:10:18 UTC 2017


Author: sectracker
Date: 2017-11-23 09:10:18 +0000 (Thu, 23 Nov 2017)
New Revision: 57947

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-23 09:03:06 UTC (rev 57946)
+++ data/CVE/list	2017-11-23 09:10:18 UTC (rev 57947)
@@ -1,4 +1,6 @@
-CVE-2017-16927 [buffer oveflow in scp_v0s_accept function]
+CVE-2017-16928
+	RESERVED
+CVE-2017-16927 (The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session ...)
 	- xrdp <unfixed> (bug #882463)
 	NOTE: Proposed pull request: https://github.com/neutrinolabs/xrdp/pull/958
 	NOTE: https://groups.google.com/forum/#!topic/xrdp-devel/PmVfMuy_xBA
@@ -179,8 +181,8 @@
 	- exiv2 <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
 	NOTE: Can't seem to reproduce this in wheezy.
-CVE-2017-16879
-	RESERVED
+CVE-2017-16879 (Stack-based buffer overflow in the _nc_write_entry function in ...)
+	TODO: check
 CVE-2017-16878
 	RESERVED
 CVE-2017-16877 (ZEIT Next.js before 2.4.1 has directory traversal under the /_next and ...)
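Review bot: CVE-2017-16879 leaves RESERVED with only "TODO: check", and the description is cut off before it names the product, so the entry cannot be triaged from this line alone. Read the full description and replace the TODO with either a source package line or NOT-FOR-US; a stack-based buffer overflow should not stay parked behind a TODO.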
@@ -9407,7 +9409,7 @@
 CVE-2017-13724 (On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site ...)
 	NOT-FOR-US: Axesstel MU553S MU55XS-V1.14
 CVE-2017-13723 (In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local ...)
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.4-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=94f11ca5cf011ef123bd222cabeaef6f424d76ac
 	NOTE: This is in libxkbfile in wheezy
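Review bot: on CVE-2017-13723 the DLA-1186-1 reference is added directly above a NOTE saying the affected code is in libxkbfile in wheezy, while the only package line shown is xorg-server. Confirm that DLA-1186-1 covers the wheezy package that actually holds this code; if it does not, the cross-reference makes wheezy look fixed for this CVE when it is not.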
@@ -13882,7 +13884,7 @@
 	NOTE: https://www.spinics.net/lists/kvm/msg156651.html
 CVE-2017-12187
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
 CVE-2017-12186
@@ -13893,22 +13895,22 @@
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
 CVE-2017-12185
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
 CVE-2017-12184 [Unvalidated lengths]
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
 CVE-2017-12183 [xfixes: unvalidated lengths]
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5
 CVE-2017-12182 [hw/xfree86: unvalidated lengths]
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
 CVE-2017-12181 [hw/xfree86: unvalidated lengths]
@@ -13919,7 +13921,7 @@
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
 CVE-2017-12180 [hw/xfree86: unvalidated lengths]
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
 CVE-2017-12179 [Xi: integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer]
@@ -13929,17 +13931,17 @@
 	[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
 CVE-2017-12178 [Xi: fix wrong extra length check in ProcXIChangeHierarchy]
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=859b08d523307eebde7724fd1a0789c44813e821
 CVE-2017-12177 [dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo]
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=4ca68b878e851e2136c234f40a25008297d8d831
 CVE-2017-12176 [Unvalidated extra length in ProcEstablishConnection]
 	RESERVED
-	{DSA-4000-1}
+	{DSA-4000-1 DLA-1186-1}
 	- xorg-server 2:1.19.5-1
 	NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81
 CVE-2017-12175
@@ -13955,8 +13957,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1498173
 	NOTE: Fixed by: https://pagure.io/SSSD/sssd/c/1f2662c8f97c9c0fa250055d4b6750abfc6d0835
 	NOTE: Introduced by https://pagure.io/SSSD/sssd/c/7ecb5aea65cb1899f16e7a41bffa93d074defd4a (sssd-1_12_0)
-CVE-2017-12172
-	RESERVED
+CVE-2017-12172 (PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, ...)
 	- postgresql-10 10.1-1 (unimportant)
 	- postgresql-9.6 <unfixed> (unimportant)
 	[stretch] - postgresql-9.6 9.6.6-0+deb9u1
@@ -25500,206 +25501,206 @@
 	NOT-FOR-US: TP-Link
 CVE-2017-8217 (TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build ...)
 	NOT-FOR-US: TP-Link
-CVE-2017-8216
-	RESERVED
-CVE-2017-8215
-	RESERVED
-CVE-2017-8214
-	RESERVED
-CVE-2017-8213
-	RESERVED
-CVE-2017-8212
-	RESERVED
-CVE-2017-8211
-	RESERVED
-CVE-2017-8210
-	RESERVED
-CVE-2017-8209
-	RESERVED
-CVE-2017-8208
-	RESERVED
-CVE-2017-8207
-	RESERVED
-CVE-2017-8206
-	RESERVED
-CVE-2017-8205
-	RESERVED
-CVE-2017-8204
-	RESERVED
-CVE-2017-8203
-	RESERVED
-CVE-2017-8202
-	RESERVED
-CVE-2017-8201
-	RESERVED
-CVE-2017-8200
-	RESERVED
-CVE-2017-8199
-	RESERVED
-CVE-2017-8198
-	RESERVED
-CVE-2017-8197
-	RESERVED
-CVE-2017-8196
-	RESERVED
-CVE-2017-8195
-	RESERVED
-CVE-2017-8194
-	RESERVED
-CVE-2017-8193
-	RESERVED
-CVE-2017-8192
-	RESERVED
-CVE-2017-8191
-	RESERVED
-CVE-2017-8190
-	RESERVED
-CVE-2017-8189
-	RESERVED
-CVE-2017-8188
-	RESERVED
+CVE-2017-8216 (Warsaw Huawei Smart phones with software of versions earlier than ...)
+	TODO: check
+CVE-2017-8215 (Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 ...)
+	TODO: check
+CVE-2017-8214 (Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 ...)
+	TODO: check
+CVE-2017-8213 (Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, ...)
+	TODO: check
+CVE-2017-8212 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8211 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8210 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8209 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8208 (The driver of honor 5C,honor 6x Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8207 (The driver of honor 5C, honor 6x Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8206 (HONOR 7 Lite mobile phones with software of versions earlier than ...)
+	TODO: check
+CVE-2017-8205 (The Bastet driver of Honor 9 Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8204 (The Bastet driver of Honor 9 Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8203 (The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with ...)
+	TODO: check
+CVE-2017-8202 (The CameraISP driver of some Huawei smart phones with software of ...)
+	TODO: check
+CVE-2017-8201 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
+	TODO: check
+CVE-2017-8200 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
+	TODO: check
+CVE-2017-8199 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
+	TODO: check
+CVE-2017-8198 (FusionSphere V100R006C00SPC102(NFV) has an SQL injection ...)
+	TODO: check
+CVE-2017-8197 (FusionSphere V100R006C00SPC102(NFV) has a command injection ...)
+	TODO: check
+CVE-2017-8196 (FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization ...)
+	TODO: check
+CVE-2017-8195 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper ...)
+	TODO: check
+CVE-2017-8194 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper ...)
+	TODO: check
+CVE-2017-8193 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command ...)
+	TODO: check
+CVE-2017-8192 (FusionSphere OpenStack V100R006C00 has an improper authorization ...)
+	TODO: check
+CVE-2017-8191 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic ...)
+	TODO: check
+CVE-2017-8190 (FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper ...)
+	TODO: check
+CVE-2017-8189 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal ...)
+	TODO: check
+CVE-2017-8188 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection ...)
+	TODO: check
 CVE-2017-8187
 	RESERVED
-CVE-2017-8186
-	RESERVED
-CVE-2017-8185
-	RESERVED
-CVE-2017-8184
-	RESERVED
-CVE-2017-8183
-	RESERVED
-CVE-2017-8182
-	RESERVED
-CVE-2017-8181
-	RESERVED
-CVE-2017-8180
-	RESERVED
-CVE-2017-8179
-	RESERVED
-CVE-2017-8178
-	RESERVED
-CVE-2017-8177
-	RESERVED
+CVE-2017-8186 (The Bastet of some Huawei mobile phones with software of earlier than ...)
+	TODO: check
+CVE-2017-8185 (ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a ...)
+	TODO: check
+CVE-2017-8184 (MTK platform in Huawei smart phones with software of earlier than ...)
+	TODO: check
+CVE-2017-8183 (MTK platform in Huawei smart phones with software of earlier than ...)
+	TODO: check
+CVE-2017-8182 (MTK platform in Huawei smart phones with software of earlier than ...)
+	TODO: check
+CVE-2017-8181 (The camera driver of MTK platform in Huawei smart phones with software ...)
+	TODO: check
+CVE-2017-8180 (The camera driver of MTK platform in Huawei smart phones with software ...)
+	TODO: check
+CVE-2017-8179 (The camera driver of MTK platform in Huawei smart phones with software ...)
+	TODO: check
+CVE-2017-8178 (Huawei Email APP Vicky-AL00 smartphones with software of earlier than ...)
+	TODO: check
+CVE-2017-8177 (Huawei APP HiWallet earlier than 5.0.3.100 versions do not support ...)
+	TODO: check
 CVE-2017-8176
 	RESERVED
-CVE-2017-8175
-	RESERVED
-CVE-2017-8174
-	RESERVED
-CVE-2017-8173
-	RESERVED
-CVE-2017-8172
-	RESERVED
-CVE-2017-8171
-	RESERVED
-CVE-2017-8170
-	RESERVED
-CVE-2017-8169
-	RESERVED
-CVE-2017-8168
-	RESERVED
-CVE-2017-8167
-	RESERVED
-CVE-2017-8166
-	RESERVED
+CVE-2017-8175 (The Bastet of some Huawei mobile phones with software earlier than ...)
+	TODO: check
+CVE-2017-8174 (Huawei USG6300 V100R001C30SPC300 and USG6600 with software of ...)
+	TODO: check
+CVE-2017-8173 (Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart ...)
+	TODO: check
+CVE-2017-8172 (Isub service in P10 Plus and P10 smart phones with earlier than ...)
+	TODO: check
+CVE-2017-8171 (Huawei smart phones with software earlier than Vicky-AL00AC00B172D ...)
+	TODO: check
+CVE-2017-8170 (Huawei smart phones with software earlier than VIE-L09C40B360 versions ...)
+	TODO: check
+CVE-2017-8169 (Huawei smart phones with software earlier than VIE-L09C40B360 versions ...)
+	TODO: check
+CVE-2017-8168 (FusionSphere OpenStack with software V100R006C00SPC102(NFV) and ...)
+	TODO: check
+CVE-2017-8167 (Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A ...)
+	TODO: check
+CVE-2017-8166 (Huawei mobile phones Honor V9 with the software versions before ...)
+	TODO: check
 CVE-2017-8165
 	RESERVED
 CVE-2017-8164
 	RESERVED
-CVE-2017-8163
-	RESERVED
-CVE-2017-8162
-	RESERVED
-CVE-2017-8161
-	RESERVED
-CVE-2017-8160
-	RESERVED
-CVE-2017-8159
-	RESERVED
-CVE-2017-8158
-	RESERVED
-CVE-2017-8157
-	RESERVED
-CVE-2017-8156
-	RESERVED
-CVE-2017-8155
-	RESERVED
+CVE-2017-8163 (AR120-S with software V200R006C10, V200R007C00, V200R008C20, ...)
+	TODO: check
+CVE-2017-8162 (AR120-S with software V200R006C10, V200R007C00, V200R008C20, ...)
+	TODO: check
+CVE-2017-8161 (EVA-L09 smartphones with software Earlier than ...)
+	TODO: check
+CVE-2017-8160 (The Madapt Driver of some Huawei smart phones with software Earlier ...)
+	TODO: check
+CVE-2017-8159 (Some Huawei smartphones with software ...)
+	TODO: check
+CVE-2017-8158 (FusionCompute V100R005C00 and V100R005C10 have an improper ...)
+	TODO: check
+CVE-2017-8157 (OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor ...)
+	TODO: check
+CVE-2017-8156 (The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 ...)
+	TODO: check
+CVE-2017-8155 (The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 ...)
+	TODO: check
 CVE-2017-8154
 	RESERVED
-CVE-2017-8153
-	RESERVED
-CVE-2017-8152
-	RESERVED
-CVE-2017-8151
-	RESERVED
-CVE-2017-8150
-	RESERVED
-CVE-2017-8149
-	RESERVED
-CVE-2017-8148
-	RESERVED
-CVE-2017-8147
-	RESERVED
-CVE-2017-8146
-	RESERVED
-CVE-2017-8145
-	RESERVED
-CVE-2017-8144
-	RESERVED
-CVE-2017-8143
-	RESERVED
-CVE-2017-8142
-	RESERVED
-CVE-2017-8141
-	RESERVED
-CVE-2017-8140
-	RESERVED
-CVE-2017-8139
-	RESERVED
-CVE-2017-8138
-	RESERVED
-CVE-2017-8137
-	RESERVED
-CVE-2017-8136
-	RESERVED
-CVE-2017-8135
-	RESERVED
-CVE-2017-8134
-	RESERVED
-CVE-2017-8133
-	RESERVED
-CVE-2017-8132
-	RESERVED
-CVE-2017-8131
-	RESERVED
-CVE-2017-8130
-	RESERVED
-CVE-2017-8129
-	RESERVED
-CVE-2017-8128
-	RESERVED
-CVE-2017-8127
-	RESERVED
-CVE-2017-8126
-	RESERVED
-CVE-2017-8125
-	RESERVED
-CVE-2017-8124
-	RESERVED
-CVE-2017-8123
-	RESERVED
-CVE-2017-8122
-	RESERVED
-CVE-2017-8121
-	RESERVED
-CVE-2017-8120
-	RESERVED
-CVE-2017-8119
-	RESERVED
-CVE-2017-8118
-	RESERVED
-CVE-2017-8117
-	RESERVED
+CVE-2017-8153 (Huawei VMall (for Android) with the versions before 1.5.8.5 have a ...)
+	TODO: check
+CVE-2017-8152 (Huawei Honor 5S smart phones with software the versions before ...)
+	TODO: check
+CVE-2017-8151 (Huawei Honor 5S smart phones with software the versions before ...)
+	TODO: check
+CVE-2017-8150 (The boot loaders of P10 and P10 Plus Huawei mobile phones with ...)
+	TODO: check
+CVE-2017-8149 (The boot loaders of P10 and P10 Plus Huawei mobile phones with ...)
+	TODO: check
+CVE-2017-8148 (Audio driver in P9 smartphones with software The versions before ...)
+	TODO: check
+CVE-2017-8147 (AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software ...)
+	TODO: check
+CVE-2017-8146 (The call module of P10 and P10 Plus smrtphones with software the ...)
+	TODO: check
+CVE-2017-8145 (The call module of P10 and P10 Plus smrtphones with software the ...)
+	TODO: check
+CVE-2017-8144 (Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones ...)
+	TODO: check
+CVE-2017-8143 (Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software ...)
+	TODO: check
+CVE-2017-8142 (The Trusted Execution Environment (TEE) module driver of Mate 9 and ...)
+	TODO: check
+CVE-2017-8141 (The Touch Panel (TP) driver in P10 Plus smart phones with software ...)
+	TODO: check
+CVE-2017-8140 (The soundtrigger driver in P9 Plus smart phones with software versions ...)
+	TODO: check
+CVE-2017-8139 (HedEx Earlier than V200R006C00 versions have the stored cross-site ...)
+	TODO: check
+CVE-2017-8138 (HedEx Earlier than V200R006C00 versions has a cross-site request ...)
+	TODO: check
+CVE-2017-8137 (HedEx Earlier than V200R006C00 versions has a dynamic link library ...)
+	TODO: check
+CVE-2017-8136 (HedEx Earlier than V200R006C00 versions has an arbitrary file download ...)
+	TODO: check
+CVE-2017-8135 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 ...)
+	TODO: check
+CVE-2017-8134 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 ...)
+	TODO: check
+CVE-2017-8133 (Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a ...)
+	TODO: check
+CVE-2017-8132 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 ...)
+	TODO: check
+CVE-2017-8131 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 ...)
+	TODO: check
+CVE-2017-8130 (The UMA product with software V200R001 and V300R001 has an information ...)
+	TODO: check
+CVE-2017-8129 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+	TODO: check
+CVE-2017-8128 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+	TODO: check
+CVE-2017-8127 (The UMA product with software V200R001 has a cross-site scripting ...)
+	TODO: check
+CVE-2017-8126 (The UMA product with software V200R001 has a privilege elevation ...)
+	TODO: check
+CVE-2017-8125 (The UMA product with software V200R001 and V300R001 has a cross-site ...)
+	TODO: check
+CVE-2017-8124 (The UMA product with software V200R001 has a privilege elevation ...)
+	TODO: check
+CVE-2017-8123 (The UMA product with software V200R001 has a privilege elevation ...)
+	TODO: check
+CVE-2017-8122 (The UMA product with software V200R001 has a privilege elevation ...)
+	TODO: check
+CVE-2017-8121 (The UMA product with software V200R001 and V300R001 has an information ...)
+	TODO: check
+CVE-2017-8120 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+	TODO: check
+CVE-2017-8119 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+	TODO: check
+CVE-2017-8118 (The UMA product with software V200R001 and V300R001 has an information ...)
+	TODO: check
+CVE-2017-8117 (The UMA product with software V200R001 and V300R001 has a privilege ...)
+	TODO: check
 CVE-2017-8116 (The management interface for the Teltonika RUT9XX routers (aka LuCI) ...)
 	NOT-FOR-US: Teltonika RUT9XX routers
 CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...)
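Review bot: every entry between CVE-2017-8216 and CVE-2017-8117 that leaves RESERVED here lands on "TODO: check", and the visible descriptions read as vendor firmware and appliance issues (Huawei smart phones, FusionSphere OpenStack, UMA, HedEx). The neighbouring TP-Link and Teltonika entries are already NOT-FOR-US; a follow-up triage pass should give this block the same treatment where the full descriptions confirm it, so that the TODO list keeps pointing at entries that need a package decision.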
@@ -27852,7 +27853,7 @@
 	NOT-FOR-US: Red Hat Mobile Application Platform
 CVE-2017-7553 (The external_request api call in App Studio (millicore) allows server ...)
 	NOT-FOR-US: Red Hat Mobile Application Platform
-CVE-2017-7552 (The file editor in millicore allows files to be executed, as well as ...)
+CVE-2017-7552 (A flaw was discovered in the file editor of millicore, affecting ...)
 	NOT-FOR-US: Red Hat Mobile Application Platform
 CVE-2017-7551 (389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to ...)
 	- 389-ds-base 1.3.6.7-1 (bug #870752)
@@ -28099,8 +28100,7 @@
 	[experimental] - nss 2:3.29-1
 	- nss 2:3.26.2-1.1 (bug #863839)
 	NOTE: https://hg.mozilla.org/projects/nss/rev/55ea60effd0d
-CVE-2017-7501 [Following symlinks to files when installing packages allows privilege escalation]
-	RESERVED
+CVE-2017-7501 (It was found that versions of rpm before 4.13.0.2 use temporary files ...)
 	- rpm <unfixed> (unimportant)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1452133
 	NOTE: Not supported for installations in Debian (and an unprivileged attacker would not have permissions for systems directories anyway)
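Review bot: the new CVE-2017-7501 description says rpm is affected before 4.13.0.2, but the package line under it still reads "- rpm <unfixed> (unimportant)". Check the rpm version in unstable against 4.13.0.2 and record the fixed version if it is already there; the unimportant tag and the NOTE explaining it can stay.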
@@ -42891,106 +42891,106 @@
 	RESERVED
 CVE-2017-2740
 	RESERVED
-CVE-2017-2739
-	RESERVED
-CVE-2017-2738
-	RESERVED
-CVE-2017-2737
-	RESERVED
-CVE-2017-2736
-	RESERVED
-CVE-2017-2735
-	RESERVED
-CVE-2017-2734
-	RESERVED
-CVE-2017-2733
-	RESERVED
-CVE-2017-2732
-	RESERVED
-CVE-2017-2731
-	RESERVED
-CVE-2017-2730
-	RESERVED
-CVE-2017-2729
-	RESERVED
-CVE-2017-2728
-	RESERVED
-CVE-2017-2727
-	RESERVED
-CVE-2017-2726
-	RESERVED
-CVE-2017-2725
-	RESERVED
-CVE-2017-2724
-	RESERVED
-CVE-2017-2723
-	RESERVED
-CVE-2017-2722
-	RESERVED
-CVE-2017-2721
-	RESERVED
-CVE-2017-2720
-	RESERVED
-CVE-2017-2719
-	RESERVED
-CVE-2017-2718
-	RESERVED
-CVE-2017-2717
-	RESERVED
-CVE-2017-2716
-	RESERVED
-CVE-2017-2715
-	RESERVED
-CVE-2017-2714
-	RESERVED
-CVE-2017-2713
-	RESERVED
-CVE-2017-2712
-	RESERVED
-CVE-2017-2711
-	RESERVED
-CVE-2017-2710
-	RESERVED
-CVE-2017-2709
-	RESERVED
-CVE-2017-2708
-	RESERVED
-CVE-2017-2707
-	RESERVED
-CVE-2017-2706
-	RESERVED
-CVE-2017-2705
-	RESERVED
-CVE-2017-2704
-	RESERVED
-CVE-2017-2703
-	RESERVED
-CVE-2017-2702
-	RESERVED
-CVE-2017-2701
-	RESERVED
-CVE-2017-2700
-	RESERVED
-CVE-2017-2699
-	RESERVED
-CVE-2017-2698
-	RESERVED
-CVE-2017-2697
-	RESERVED
-CVE-2017-2696
-	RESERVED
-CVE-2017-2695
-	RESERVED
-CVE-2017-2694
-	RESERVED
-CVE-2017-2693
-	RESERVED
-CVE-2017-2692
-	RESERVED
-CVE-2017-2691
-	RESERVED
-CVE-2017-2690
-	RESERVED
+CVE-2017-2739 (The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 ...)
+	TODO: check
+CVE-2017-2738 (VCM5010 with software versions earlier before V100R002C50SPC100 has an ...)
+	TODO: check
+CVE-2017-2737 (VCM5010 with software versions earlier before V100R002C50SPC100 has an ...)
+	TODO: check
+CVE-2017-2736 (VCM5010 with software versions earlier before V100R002C50SPC100 has a ...)
+	TODO: check
+CVE-2017-2735 (TIT-AL00 smartphones with software versions earlier before ...)
+	TODO: check
+CVE-2017-2734 (P9 Plus smartphones with software versions earlier before ...)
+	TODO: check
+CVE-2017-2733 (Honor 6X smartphones with software versions earlier than ...)
+	TODO: check
+CVE-2017-2732 (Huawei Hilink APP Versions earlier before 5.0.25.306 has an ...)
+	TODO: check
+CVE-2017-2731 (The vibrator service in P9 Plus smart phones with software versions ...)
+	TODO: check
+CVE-2017-2730 (HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and ...)
+	TODO: check
+CVE-2017-2729 (The boot loaders in Honor 5A smart phones with software Versions ...)
+	TODO: check
+CVE-2017-2728 (Some HHuawei mobile phones Honor 6X Berlin-L22C636B150 and earlier ...)
+	TODO: check
+CVE-2017-2727 (Huawei P9 smart phones with software versions earlier before ...)
+	TODO: check
+CVE-2017-2726 (Bastet in P10 Plus and P10 smart phones with software Eariler than ...)
+	TODO: check
+CVE-2017-2725 (Bastet in P10 Plus and P10 smart phones with software Eariler than ...)
+	TODO: check
+CVE-2017-2724 (Bastet in P10 Plus and P10 smart phones with software Eariler than ...)
+	TODO: check
+CVE-2017-2723 (The Files APP 7.1.1.308 and earlier versions in some Huawei mobile ...)
+	TODO: check
+CVE-2017-2722 (DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, ...)
+	TODO: check
+CVE-2017-2721 (Some Huawei smart phones with software ...)
+	TODO: check
+CVE-2017-2720 (FusionSphere OpenStack V100R006C00 has an information exposure ...)
+	TODO: check
+CVE-2017-2719 (FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 ...)
+	TODO: check
+CVE-2017-2718 (FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 ...)
+	TODO: check
+CVE-2017-2717 (honor 8 Pro with software Duke-L09C10B120 and earlier ...)
+	TODO: check
+CVE-2017-2716 (The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 ...)
+	TODO: check
+CVE-2017-2715 (The Files APP 7.1.1.309 and earlier versions in some Huawei mobile ...)
+	TODO: check
+CVE-2017-2714 (The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier ...)
+	TODO: check
+CVE-2017-2713 (HUAWEI P9 smartphones with software versions earlier before ...)
+	TODO: check
+CVE-2017-2712 (S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping ...)
+	TODO: check
+CVE-2017-2711 (P9 Plus smartphones with software earlier than VIE-AL10C00B352 ...)
+	TODO: check
+CVE-2017-2710 (BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than ...)
+	TODO: check
+CVE-2017-2709 (HiGame with software earlier than 7.3.0 versions, SkyTone with ...)
+	TODO: check
+CVE-2017-2708 (The 'Find Phone' function in Nice smartphones with software versions ...)
+	TODO: check
+CVE-2017-2707 (Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege ...)
+	TODO: check
+CVE-2017-2706 (Mate 9 smartphones with software MHA-AL00AC00B125 have a directory ...)
+	TODO: check
+CVE-2017-2705 (Huawei P9 smartphones with software versions earlier before ...)
+	TODO: check
+CVE-2017-2704 (Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier ...)
+	TODO: check
+CVE-2017-2703 (Phone Finder in versions earlier before MHA-AL00BC00B156,Versions ...)
+	TODO: check
+CVE-2017-2702 (Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. ...)
+	TODO: check
+CVE-2017-2701 (Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) ...)
+	TODO: check
+CVE-2017-2700 (AC6005 with software V200R006C10, AC6605 with software V200R006C10 ...)
+	TODO: check
+CVE-2017-2699 (The Huawei Themes APP in versions earlier than PLK-UL00C17B385, ...)
+	TODO: check
+CVE-2017-2698 (The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has ...)
+	TODO: check
+CVE-2017-2697 (The goldeneye driver in NMO-L31C432B120 and earlier ...)
+	TODO: check
+CVE-2017-2696 (The emerg_data driver in CAM-L21C10B130 and earlier versions, ...)
+	TODO: check
+CVE-2017-2695 (TIT-AL00C583B211 has a directory traversal vulnerability which allows ...)
+	TODO: check
+CVE-2017-2694 (The AlarmService component in HwVmall with software earlier than ...)
+	TODO: check
+CVE-2017-2693 (ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier ...)
+	TODO: check
+CVE-2017-2692 (The Keyguard application in ALE-L02C635B140 and earlier ...)
+	TODO: check
+CVE-2017-2691 (Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier ...)
+	TODO: check
+CVE-2017-2690 (SoftCo with software V200R003C20,eSpace U1910 with software ...)
+	TODO: check
 CVE-2017-2689 (Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to ...)
 	NOT-FOR-US: Siemens
 CVE-2017-2688 (The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at ...)
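Review bot: in the CVE-2017-2739 to CVE-2017-2690 block several descriptions identify the product only by a model or build string, for example CVE-2017-2695 (TIT-AL00C583B211 ...) and CVE-2017-2710 (BTV-W09C229B002CUSTC229D005 ...), so a bulk triage keyed on a vendor name in the description would skip them. Triage these from the full descriptions, and give each NOT-FOR-US entry a reason that names the product so later searches find it.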
@@ -43223,6 +43223,7 @@
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
 CVE-2017-2624 [Timing attack against MIT Cookie]
 	RESERVED
+	{DLA-1186-1}
 	- xorg-server 2:1.19.2-1 (low; bug #856398)
 	[jessie] - xorg-server 2:1.16.4-1+deb8u2
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/



