[Secure-testing-commits] r56032 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Sep 22 21:10:17 UTC 2017
Author: sectracker
Date: 2017-09-22 21:10:17 +0000 (Fri, 22 Sep 2017)
New Revision: 56032
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-22 21:07:22 UTC (rev 56031)
+++ data/CVE/list 2017-09-22 21:10:17 UTC (rev 56032)
@@ -1,3 +1,35 @@
+CVE-2017-14717 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks ...)
+ TODO: check
+CVE-2017-14716 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title ...)
+ TODO: check
+CVE-2017-14715 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts ...)
+ TODO: check
+CVE-2017-14714 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls ...)
+ TODO: check
+CVE-2017-14713 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls ...)
+ TODO: check
+CVE-2017-14712 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall ...)
+ TODO: check
+CVE-2017-14711
+ RESERVED
+CVE-2017-14710
+ RESERVED
+CVE-2017-14709
+ RESERVED
+CVE-2017-14708
+ RESERVED
+CVE-2017-14707
+ RESERVED
+CVE-2017-14706 (DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to ...)
+ TODO: check
+CVE-2017-14705 (DenyAll WAF before 6.4.1 allows unauthenticated remote command ...)
+ TODO: check
+CVE-2017-14704
+ RESERVED
+CVE-2017-14703
+ RESERVED
+CVE-2017-14702
+ RESERVED
CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the link modal]
- wordpress 4.8.2+dfsg-1 (bug #876274)
CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in template names]
@@ -30,8 +62,8 @@
RESERVED
CVE-2017-14695
RESERVED
-CVE-2017-14694
- RESERVED
+CVE-2017-14694 (Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary code or ...)
+ TODO: check
CVE-2017-14693 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service or ...)
NOT-FOR-US: IrfanView
CVE-2017-14692 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause ...)
@@ -1685,14 +1717,14 @@
RESERVED
CVE-2017-14082
RESERVED
-CVE-2017-14081
- RESERVED
-CVE-2017-14080
- RESERVED
-CVE-2017-14079
- RESERVED
-CVE-2017-14078
- RESERVED
+CVE-2017-14081 (Proxy command injection vulnerabilities in Trend Micro Mobile Security ...)
+ TODO: check
+CVE-2017-14080 (Authentication bypass vulnerability in Trend Micro Mobile Security ...)
+ TODO: check
+CVE-2017-14079 (Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) ...)
+ TODO: check
+CVE-2017-14078 (SQL Injection vulnerabilities in Trend Micro Mobile Security ...)
+ TODO: check
CVE-2017-14098 (In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17.1 ...)
- asterisk 1:13.17.1~dfsg-1 (bug #873909)
[stretch] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
@@ -9136,10 +9168,10 @@
RESERVED
CVE-2017-11397
RESERVED
-CVE-2017-11396
- RESERVED
-CVE-2017-11395
- RESERVED
+CVE-2017-11396 (Vulnerability issues with the web service inspection of input ...)
+ TODO: check
+CVE-2017-11395 (Command injection vulnerability in Trend Micro Smart Protection Server ...)
+ TODO: check
CVE-2017-11394 (Proxy command injection vulnerability in Trend Micro OfficeScan 11 and ...)
NOT-FOR-US: Trend Micro
CVE-2017-11393 (Proxy command injection vulnerability in Trend Micro OfficeScan 11 and ...)
@@ -14724,8 +14756,8 @@
RESERVED
CVE-2017-9394
RESERVED
-CVE-2017-9393
- RESERVED
+CVE-2017-9393 (CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote ...)
+ TODO: check
CVE-2017-9392
RESERVED
CVE-2017-9391
@@ -24137,6 +24169,7 @@
CVE-2017-6421 (In the touch controller function in all Qualcomm products with Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...)
+ {DLA-1105-1}
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav <no-dsa> (Gets updated via -updates)
[jessie] - clamav <no-dsa> (Gets updated via -updates)
@@ -24155,6 +24188,7 @@
NOTE: src:clamav source package.
NOTE: libmspack: https://github.com/kyz/libmspack/commit/6139a0b9e93fcb7fcf423e56aa825bc869e02229
CVE-2017-6418 (libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a ...)
+ {DLA-1105-1}
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav <no-dsa> (Gets updated via -updates)
[jessie] - clamav <no-dsa> (Gets updated via -updates)
@@ -24296,7 +24330,7 @@
CVE-2017-6363
RESERVED
CVE-2017-6362 (Double free vulnerability in the gdImagePngPtr function in libgd2 ...)
- {DSA-3961-1}
+ {DSA-3961-1 DLA-1106-1}
- libgd2 2.2.5-1
NOTE: https://github.com/libgd/libgd/issues/381
NOTE: https://github.com/libgd/libgd/commit/56ce6ef068b954ad28379e83cca04feefc51320c
@@ -24609,8 +24643,8 @@
RESERVED
CVE-2017-6278
RESERVED
-CVE-2017-6277
- RESERVED
+CVE-2017-6277 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
CVE-2017-6276
RESERVED
CVE-2017-6275
@@ -24619,28 +24653,25 @@
RESERVED
CVE-2017-6273
RESERVED
-CVE-2017-6272
- RESERVED
+CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
- nvidia-graphics-drivers <unfixed> (bug #876414)
- nvidia-graphics-drivers-legacy-340xx <undetermined>
- nvidia-graphics-drivers-legacy-304xx <undetermined>
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
-CVE-2017-6271
- RESERVED
-CVE-2017-6270
- RESERVED
-CVE-2017-6269
- RESERVED
-CVE-2017-6268
- RESERVED
-CVE-2017-6267
- RESERVED
+CVE-2017-6271 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6270 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6269 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6268 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...)
+ TODO: check
+CVE-2017-6267 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
- nvidia-graphics-drivers <unfixed> (bug #876414)
- nvidia-graphics-drivers-legacy-340xx <undetermined>
- nvidia-graphics-drivers-legacy-304xx <undetermined>
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
-CVE-2017-6266
- RESERVED
+CVE-2017-6266 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
- nvidia-graphics-drivers <unfixed> (bug #876414)
- nvidia-graphics-drivers-legacy-340xx <undetermined>
- nvidia-graphics-drivers-legacy-304xx <undetermined>
@@ -31873,8 +31904,8 @@
RESERVED
CVE-2017-3771
RESERVED
-CVE-2017-3770
- RESERVED
+CVE-2017-3770 (Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 ...)
+ TODO: check
CVE-2017-3769
RESERVED
CVE-2017-3768
@@ -31887,8 +31918,8 @@
RESERVED
CVE-2017-3764
RESERVED
-CVE-2017-3763
- RESERVED
+CVE-2017-3763 (An attacker who obtains access to the location where the LXCA file ...)
+ TODO: check
CVE-2017-3762
RESERVED
CVE-2017-3761
More information about the Secure-testing-commits
mailing list