[Secure-testing-commits] r55959 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Thu Sep 21 09:10:14 UTC 2017 

Author: sectracker
Date: 2017-09-21 09:10:14 +0000 (Thu, 21 Sep 2017)
New Revision: 55959

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-21 07:17:06 UTC (rev 55958)
+++ data/CVE/list	2017-09-21 09:10:14 UTC (rev 55959)
@@ -1,3 +1,41 @@
+CVE-2017-14634 (In libsndfile 1.0.28, a divide-by-zero error exists in the function ...)
+	TODO: check
+CVE-2017-14633 (In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability ...)
+	TODO: check
+CVE-2017-14632 (Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing ...)
+	TODO: check
+CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an ...)
+	TODO: check
+CVE-2017-14630 (In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 ...)
+	TODO: check
+CVE-2017-14629 (In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an ...)
+	TODO: check
+CVE-2017-14628 (In sam2p 0.49.3, a heap-based buffer overflow exists in the ...)
+	TODO: check
+CVE-2017-14627
+	RESERVED
+CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...)
+	TODO: check
+CVE-2017-14625 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...)
+	TODO: check
+CVE-2017-14624 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...)
+	TODO: check
+CVE-2017-14623 (In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go, an attacker ...)
+	TODO: check
+CVE-2017-14622
+	RESERVED
+CVE-2017-14621 (Portus 2.2.0 has XSS via the Team field, related to typeahead. ...)
+	TODO: check
+CVE-2017-14620
+	RESERVED
+CVE-2017-14619 (Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 ...)
+	TODO: check
+CVE-2017-14618 (Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ ...)
+	TODO: check
+CVE-2017-14617 (In Poppler 0.59.0, a floating point exception occurs in the ImageStream ...)
+	TODO: check
+CVE-2015-9232 (The Good for Enterprise application 3.0.0.415 for Android does not use ...)
+	TODO: check
 CVE-2017-14616 (An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If ...)
 	NOT-FOR-US: WatchGuard Fireware
 CVE-2017-14615 (An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. ...)
@@ -23,7 +61,7 @@
 CVE-2017-14607 (In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ...)
 	- imagemagick <unfixed> (low)
 	NOTE: IM6 patch: https://github.com/ImageMagick/ImageMagick/commit/cd665c3d05b46d1579c738a72214175ff50aec74
- 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/765
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/765
 CVE-2017-14606
 	RESERVED
 CVE-2017-14605
@@ -6550,22 +6588,22 @@
 	RESERVED
 CVE-2017-12256
 	RESERVED
-CVE-2017-12255
-	RESERVED
-CVE-2017-12254
-	RESERVED
-CVE-2017-12253
-	RESERVED
-CVE-2017-12252
-	RESERVED
+CVE-2017-12255 (A vulnerability in the CLI of Cisco UCS Central Software could allow an ...)
+	TODO: check
+CVE-2017-12254 (A vulnerability in the web interface of Cisco Unified Intelligence ...)
+	TODO: check
+CVE-2017-12253 (A vulnerability in the Cisco Unified Intelligence Center could allow an ...)
+	TODO: check
+CVE-2017-12252 (A vulnerability in the Cisco FindIT Network Discovery Utility could ...)
+	TODO: check
 CVE-2017-12251
 	RESERVED
-CVE-2017-12250
-	RESERVED
+CVE-2017-12250 (A vulnerability in the HTTP web interface for Cisco Wide Area ...)
+	TODO: check
 CVE-2017-12249 (A vulnerability in the Traversal Using Relay NAT (TURN) server included ...)
 	NOT-FOR-US: Cisco Meeting Server
-CVE-2017-12248
-	RESERVED
+CVE-2017-12248 (A vulnerability in the web framework code of Cisco Unified Intelligence ...)
+	TODO: check
 CVE-2017-12247
 	RESERVED
 CVE-2017-12246
@@ -6622,18 +6660,18 @@
 	NOT-FOR-US: Cisco
 CVE-2017-12220 (A vulnerability in the web-based management interface of Cisco ...)
 	NOT-FOR-US: Cisco
-CVE-2017-12219
-	RESERVED
+CVE-2017-12219 (A vulnerability in the handling of IP fragments for the Cisco Small ...)
+	TODO: check
 CVE-2017-12218 (A vulnerability in the malware detection functionality within Advanced ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12217 (A vulnerability in the General Packet Radio Service (GPRS) Tunneling ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12216 (A vulnerability in the web-based user interface of Cisco SocialMiner ...)
 	NOT-FOR-US: Cisco
-CVE-2017-12215
-	RESERVED
-CVE-2017-12214
-	RESERVED
+CVE-2017-12215 (A vulnerability in the email message filtering feature of Cisco AsyncOS ...)
+	TODO: check
+CVE-2017-12214 (A vulnerability in the Operations, Administration, Maintenance, and ...)
+	TODO: check
 CVE-2017-12213 (A vulnerability in the dynamic access control list (ACL) feature of ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12212 (A vulnerability in the web framework of Cisco Unity Connection could ...)
@@ -22907,8 +22945,8 @@
 	NOT-FOR-US: Cisco
 CVE-2017-6721 (A vulnerability in the ingress processing of fragmented TCP packets by ...)
 	NOT-FOR-US: Cisco
-CVE-2017-6720
-	RESERVED
+CVE-2017-6720 (A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small ...)
+	TODO: check
 CVE-2017-6719 (A vulnerability in the CLI of Cisco IOS XR Software could allow an ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6718 (A vulnerability in the CLI of Cisco IOS XR Software could allow an ...)

More information about the Secure-testing-commits mailing list