[Secure-testing-commits] r58096 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Nov 28 21:10:17 UTC 2017
Author: sectracker
Date: 2017-11-28 21:10:17 +0000 (Tue, 28 Nov 2017)
New Revision: 58096
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-28 21:04:17 UTC (rev 58095)
+++ data/CVE/list 2017-11-28 21:10:17 UTC (rev 58096)
@@ -1,3 +1,85 @@
+CVE-2018-0730
+ RESERVED
+CVE-2018-0729
+ RESERVED
+CVE-2018-0728
+ RESERVED
+CVE-2018-0727
+ RESERVED
+CVE-2018-0726
+ RESERVED
+CVE-2018-0725
+ RESERVED
+CVE-2018-0724
+ RESERVED
+CVE-2018-0723
+ RESERVED
+CVE-2018-0722
+ RESERVED
+CVE-2018-0721
+ RESERVED
+CVE-2018-0720
+ RESERVED
+CVE-2018-0719
+ RESERVED
+CVE-2018-0718
+ RESERVED
+CVE-2018-0717
+ RESERVED
+CVE-2018-0716
+ RESERVED
+CVE-2018-0715
+ RESERVED
+CVE-2018-0714
+ RESERVED
+CVE-2018-0713
+ RESERVED
+CVE-2018-0712
+ RESERVED
+CVE-2018-0711
+ RESERVED
+CVE-2018-0710
+ RESERVED
+CVE-2018-0709
+ RESERVED
+CVE-2018-0708
+ RESERVED
+CVE-2018-0707
+ RESERVED
+CVE-2018-0706
+ RESERVED
+CVE-2017-17042 (lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not ...)
+ TODO: check
+CVE-2017-17041
+ RESERVED
+CVE-2017-17040
+ RESERVED
+CVE-2017-17039
+ RESERVED
+CVE-2017-17038
+ RESERVED
+CVE-2017-17037
+ RESERVED
+CVE-2017-17036
+ RESERVED
+CVE-2017-17035
+ RESERVED
+CVE-2017-17034
+ RESERVED
+CVE-2017-17033
+ RESERVED
+CVE-2017-17032
+ RESERVED
+CVE-2017-17031
+ RESERVED
+CVE-2017-17030
+ RESERVED
+CVE-2017-17029
+ RESERVED
+CVE-2017-17028
+ RESERVED
+CVE-2017-17027
+ RESERVED
CVE-2017-XXXX [XSA-247: Missing p2m error checking in PoD code]
- xen <unfixed>
[stretch] - xen 4.8.2+xsa245-0+deb9u1
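Review bot: CVE-2017-17042 is the one new entry in this hunk that carries a description, and it is left at "TODO: check" with no package line. The description names lib/yard/core_ext/file.rb in YARD and gives 0.9.11 as the first fixed upstream release, so triage can replace the TODO with either a source-package line using that version as the fix boundary or a NOT-FOR-US line if the software is not packaged. The surrounding RESERVED entries need nothing further until descriptions are published.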
@@ -1419,10 +1501,10 @@
RESERVED
CVE-2017-16953
RESERVED
-CVE-2017-16952
- RESERVED
-CVE-2017-16951
- RESERVED
+CVE-2017-16952 (KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2017-16951 (Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial ...)
+ TODO: check
CVE-2017-16950
RESERVED
CVE-2017-16949
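Review bot: CVE-2017-16952 and CVE-2017-16951 move from RESERVED to "TODO: check" with no product classification. Their descriptions name KMPlayer 4.2.2.4 and Winamp Pro 5.66 Build 3512; if neither is packaged, resolve both in the form this file already uses, "NOT-FOR-US: <product>", so they leave the unclassified backlog.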
@@ -5309,8 +5391,8 @@
RESERVED
CVE-2017-15674
RESERVED
-CVE-2017-15673
- RESERVED
+CVE-2017-15673 (The files function in the administration section in CS-Cart 4.6.2 and ...)
+ TODO: check
CVE-2017-15672 (The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and ...)
{DSA-4049-1}
- ffmpeg 7:3.4-1
@@ -5500,6 +5582,7 @@
CVE-2017-15598
RESERVED
CVE-2017-15597 (An issue was discovered in Xen through 4.9.x. Grant copying code made ...)
+ {DSA-4050-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-236.html
CVE-2017-15586
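Review bot: CVE-2017-15597 now cites {DSA-4050-1}, but its only package line is still "- xen <unfixed>", so the entry records an advisory without any fixed version. If the unversioned line is meant to stay until a fixed upload exists, that is fine; otherwise add the fixed version or a release-specific line in the style of the "[stretch] - xen ..." line shown in the first hunk.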
@@ -6249,35 +6332,38 @@
CVE-2017-15290 (Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before ...)
NOT-FOR-US: Mirasys Video Management System
CVE-2017-15594 (An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest ...)
+ {DSA-4050-1}
- xen <unfixed>
[wheezy] - xen <ignored> (minor issue)
NOTE: https://xenbits.xen.org/xsa/advisory-244.html
CVE-2017-15592 (An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ...)
- {DLA-1181-1}
+ {DSA-4050-1 DLA-1181-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-243.html
CVE-2017-15593 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
- {DLA-1181-1}
+ {DSA-4050-1 DLA-1181-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-242.html
CVE-2017-15588 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
- {DLA-1181-1}
+ {DSA-4050-1 DLA-1181-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-241.html
CVE-2017-15595 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
- {DLA-1181-1}
+ {DSA-4050-1 DLA-1181-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-240.html
CVE-2017-15589 (An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ...)
- {DLA-1181-1}
+ {DSA-4050-1 DLA-1181-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-239.html
CVE-2017-15591 (An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers ...)
+ {DSA-4050-1}
- xen <unfixed>
[jessie] - xen <not-affected> (Only affects 4.5 and later)
[wheezy] - xen <not-affected> (Only affects 4.5 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-238.html
CVE-2017-15590 (An issue was discovered in Xen through 4.9.x allowing x86 guest OS ...)
+ {DSA-4050-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-237.html
CVE-2017-15289 (The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow ...)
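Review bot: CVE-2017-15590 receives {DSA-4050-1} alone while most neighbouring Xen entries end up with {DSA-4050-1 DLA-1181-1}, and nothing in its entry explains the difference. CVE-2017-15594 and CVE-2017-15591 document theirs with "[wheezy] - xen <ignored>" and "<not-affected>" lines; CVE-2017-15590 has only "- xen <unfixed>" and the XSA-237 NOTE. Add a release-specific status line there so the missing DLA reference is explained rather than implied.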
@@ -9232,21 +9318,21 @@
CVE-2017-14320 (Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to ...)
NOT-FOR-US: Mirasvit Helpdesk MX
CVE-2017-14319 (A grant unmapping issue was discovered in Xen through 4.9.x. When ...)
- {DLA-1132-1}
+ {DSA-4050-1 DLA-1132-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-234.html
CVE-2017-14318 (An issue was discovered in Xen 4.5.x through 4.9.x. The function ...)
- {DLA-1132-1}
+ {DSA-4050-1 DLA-1132-1}
- xen <unfixed>
[jessie] - xen <not-affected> (Only affects 4.5 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-232.html
NOTE: Wheezy will be affected with the upcoming grant table backport
CVE-2017-14317 (A domain cleanup issue was discovered in the C xenstore daemon (aka ...)
- {DLA-1132-1}
+ {DSA-4050-1 DLA-1132-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-233.html
CVE-2017-14316 (A parameter verification issue was discovered in Xen through 4.9.x. The ...)
- {DLA-1132-1}
+ {DSA-4050-1 DLA-1132-1}
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-231.html
CVE-2017-14315 (In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation ...)
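Review bot: The CVE-2017-14318 entry keeps the forward-looking NOTE "Wheezy will be affected with the upcoming grant table backport" while its tag line now reads {DSA-4050-1 DLA-1132-1}. With both advisories referenced, recheck whether that note still describes the current state and replace it with an explicit "[wheezy] - xen ..." status line if the backport has landed.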
@@ -23793,8 +23879,8 @@
RESERVED
CVE-2017-9316 (Firmware upgrade authentication bypass vulnerability was found in ...)
NOT-FOR-US: Dahua
-CVE-2017-9315
- RESERVED
+CVE-2017-9315 (Customer of Dahua IP camera or IP PTZ could submit relevant device ...)
+ TODO: check
CVE-2017-9314 (Authentication vulnerability found in Dahua NVR models NVR50XX, ...)
NOT-FOR-US: Dahua NVR
CVE-2017-9313 (Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before ...)
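Review bot: CVE-2017-9315 is set to "TODO: check" although the entries on either side for the same vendor are already classified ("NOT-FOR-US: Dahua" for CVE-2017-9316 and "NOT-FOR-US: Dahua NVR" for CVE-2017-9314). The new description concerns a Dahua IP camera or IP PTZ device, so the same NOT-FOR-US classification looks applicable and would keep the three entries consistent.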
@@ -68795,7 +68881,7 @@
NOT-FOR-US: Adobe
CVE-2016-4119 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4118 (Untrusted search path vulnerability in the add-in installer in Adobe ...)
+CVE-2016-4118 (Untrusted search path vulnerability in the installer in Adobe Connect ...)
NOT-FOR-US: Adobe
CVE-2016-4117 (Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to ...)
NOT-FOR-US: Adobe Flash Player