Author: sectracker
Date: 2017-02-02 09:10:34 +0000 (Thu, 02 Feb 2017)
New Revision: 48661
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-02 08:43:53 UTC (rev 48660)
+++ data/CVE/list 2017-02-02 09:10:34 UTC (rev 48661)
@@ -1,3 +1,11 @@
+CVE-2017-5679
+ RESERVED
+CVE-2017-5678
+ RESERVED
+CVE-2017-5677
+ RESERVED
+CVE-2017-5676
+ RESERVED
CVE-2017-5857
- qemu <unfixed>
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -11932,8 +11940,8 @@
RESERVED
CVE-2016-9740
RESERVED
-CVE-2016-9739
- RESERVED
+CVE-2016-9739 (IBM Security Identity Manager Virtual Appliance stores user ...)
+ TODO: check
CVE-2016-9738
RESERVED
CVE-2016-9737
@@ -12002,10 +12010,10 @@
RESERVED
CVE-2016-9705
RESERVED
-CVE-2016-9704
- RESERVED
-CVE-2016-9703
- RESERVED
+CVE-2016-9704 (IBM Security Identity Manager Virtual Appliance is vulnerable
to ...)
+ TODO: check
+CVE-2016-9703 (IBM Security Identity Manager Virtual Appliance does not
invalidate ...)
+ TODO: check
CVE-2016-9702
RESERVED
CVE-2016-9701
@@ -15793,8 +15801,8 @@
RESERVED
CVE-2016-9009
RESERVED
-CVE-2016-9008
- RESERVED
+CVE-2016-9008 (IBM UrbanCode Deploy could allow a malicious user to access the
Agent ...)
+ TODO: check
CVE-2016-9007
RESERVED
CVE-2016-9006
@@ -15809,10 +15817,10 @@
RESERVED
CVE-2016-9001
RESERVED
-CVE-2016-9000
- RESERVED
-CVE-2016-8999
- RESERVED
+CVE-2016-9000 (IBM InfoSphere DataStage is vulnerable to cross-frame
scripting, ...)
+ TODO: check
+CVE-2016-8999 (IBM InfoSphere Information Server contains a Path-relative
stylesheet ...)
+ TODO: check
CVE-2016-8998
RESERVED
CVE-2016-8997
@@ -15845,8 +15853,8 @@
RESERVED
CVE-2016-8983
RESERVED
-CVE-2016-8982
- RESERVED
+CVE-2016-8982 (IBM InfoSphere Information Server stores sensitive information
in URL ...)
+ TODO: check
CVE-2016-8981 (IBM BigFix Inventory v9 allows web pages to be stored locally
which ...)
TODO: check
CVE-2016-8980 (IBM BigFix Inventory v9 is vulnerable to a denial of service,
caused ...)
@@ -15855,8 +15863,8 @@
RESERVED
CVE-2016-8978
RESERVED
-CVE-2016-8977
- RESERVED
+CVE-2016-8977 (IBM BigFix Inventory v9 could disclose sensitive information to
an ...)
+ TODO: check
CVE-2016-8976
RESERVED
CVE-2016-8975
@@ -15875,16 +15883,16 @@
RESERVED
CVE-2016-8968
RESERVED
-CVE-2016-8967
- RESERVED
+CVE-2016-8967 (IBM BigFix Inventory v9 9.2 stores user credentials in plain in
clear ...)
+ TODO: check
CVE-2016-8966 (IBM BigFix Inventory v9 could allow a remote attacker to obtain
...)
TODO: check
CVE-2016-8965
RESERVED
CVE-2016-8964
RESERVED
-CVE-2016-8963
- RESERVED
+CVE-2016-8963 (IBM BigFix Inventory v9 stores potentially sensitive
information in ...)
+ TODO: check
CVE-2016-8962
RESERVED
CVE-2016-8961 (IBM BigFix Inventory v9 could allow a remote attacker to
conduct ...)
@@ -15933,8 +15941,8 @@
RESERVED
CVE-2016-8939
RESERVED
-CVE-2016-8938
- RESERVED
+CVE-2016-8938 (IBM UrbanCode Deploy could allow a user to execute code using a
...)
+ TODO: check
CVE-2016-8937
RESERVED
CVE-2016-8936 (IBM Social Rendering Templates for Digital Data Connector is
...)
@@ -15943,18 +15951,18 @@
RESERVED
CVE-2016-8934 (IBM WebSphere Application Server is vulnerable to cross-site
...)
TODO: check
-CVE-2016-8933
- RESERVED
-CVE-2016-8932
- RESERVED
-CVE-2016-8931
- RESERVED
-CVE-2016-8930
- RESERVED
-CVE-2016-8929
- RESERVED
-CVE-2016-8928
- RESERVED
+CVE-2016-8933 (IBM Kenexa LMS on Cloud could allow a remote attacker to
traverse ...)
+ TODO: check
+CVE-2016-8932 (IBM Kenexa LMS on Cloud could allow a remote attacker to upload
...)
+ TODO: check
+CVE-2016-8931 (IBM Kenexa LMS on Cloud could allow a remote attacker to upload
...)
+ TODO: check
+CVE-2016-8930 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A
remote ...)
+ TODO: check
+CVE-2016-8929 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A
remote ...)
+ TODO: check
+CVE-2016-8928 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A
remote ...)
+ TODO: check
CVE-2016-8927
RESERVED
CVE-2016-8926
@@ -15971,8 +15979,8 @@
TODO: check
CVE-2016-8920 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to
...)
TODO: check
-CVE-2016-8919
- RESERVED
+CVE-2016-8919 (IBM WebSphere Application Server may be vulnerable to a denial
of ...)
+ TODO: check
CVE-2016-8918 (IBM Integration Bus, under non default configurations, could
allow a ...)
TODO: check
CVE-2016-8917
@@ -25511,12 +25519,12 @@
RESERVED
CVE-2016-6118
RESERVED
-CVE-2016-6117
- RESERVED
+CVE-2016-6117 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 can be deployed
with ...)
+ TODO: check
CVE-2016-6116
RESERVED
-CVE-2016-6115
- RESERVED
+CVE-2016-6115 (IBM General Parallel File System is vulnerable to a buffer
overflow. A ...)
+ TODO: check
CVE-2016-6114
RESERVED
CVE-2016-6113 (IBM Verse is vulnerable to cross-site scripting. This
vulnerability ...)
@@ -25525,8 +25533,8 @@
RESERVED
CVE-2016-6111
RESERVED
-CVE-2016-6110
- RESERVED
+CVE-2016-6110 (IBM Tivoli Storage Manager undisclosed unencrypted login
credentials ...)
+ TODO: check
CVE-2016-6109
RESERVED
CVE-2016-6108
@@ -25535,8 +25543,8 @@
RESERVED
CVE-2016-6106
RESERVED
-CVE-2016-6105
- RESERVED
+CVE-2016-6105 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an
...)
+ TODO: check
CVE-2016-6104
RESERVED
CVE-2016-6103
@@ -25609,8 +25617,8 @@
RESERVED
CVE-2016-6069
RESERVED
-CVE-2016-6068
- RESERVED
+CVE-2016-6068 (IBM UrbanCode Deploy could allow an authenticated user with
access to ...)
+ TODO: check
CVE-2016-6067
RESERVED
CVE-2016-6066
@@ -25743,8 +25751,8 @@
RESERVED
CVE-2016-6002
RESERVED
-CVE-2016-6001
- RESERVED
+CVE-2016-6001 (IBM Forms Experience Builder could be susceptible to a
server-side ...)
+ TODO: check
CVE-2016-6000 (IBM TRIRIGA Application Platform is vulnerable to cross-site
...)
TODO: check
CVE-2016-5999
@@ -25839,8 +25847,8 @@
TODO: check
CVE-2016-5954 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through
6.1.5.3 ...)
NOT-FOR-US: IBM
-CVE-2016-5953
- RESERVED
+CVE-2016-5953 (IBM Sterling Order Management transmits the session identifier
within ...)
+ TODO: check
CVE-2016-5952 (IBM Kenexa LCMS Premier on Cloud is vulnerable to SQL
injection. A ...)
TODO: check
CVE-2016-5951 (IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site
...)
@@ -25861,16 +25869,16 @@
NOT-FOR-US: IBM
CVE-2016-5943 (IBM Spectrum Control (formerly Tivoli Storage Productivity
Center) ...)
NOT-FOR-US: IBM
-CVE-2016-5942
- RESERVED
-CVE-2016-5941
- RESERVED
-CVE-2016-5940
- RESERVED
+CVE-2016-5942 (IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting.
This ...)
+ TODO: check
+CVE-2016-5941 (IBM Kenexa LMS on Cloud could allow a remote attacker to
traverse ...)
+ TODO: check
+CVE-2016-5940 (IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting.
This ...)
+ TODO: check
CVE-2016-5939 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A
remote ...)
TODO: check
-CVE-2016-5938
- RESERVED
+CVE-2016-5938 (IBM Kenexa LMS on Cloud allows web pages to be stored locally
which ...)
+ TODO: check
CVE-2016-5937 (IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site
request ...)
TODO: check
CVE-2016-5936
@@ -25983,8 +25991,8 @@
RESERVED
CVE-2016-5882 (IBM iNotes is vulnerable to cross-site scripting. This
vulnerability ...)
TODO: check
-CVE-2016-5881
- RESERVED
+CVE-2016-5881 (IBM iNotes is vulnerable to cross-site scripting. This
vulnerability ...)
+ TODO: check
CVE-2016-5880 (IBM iNotes is vulnerable to cross-site scripting. This
vulnerability ...)
TODO: check
CVE-2016-5879 (MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local
users ...)
@@ -35348,8 +35356,8 @@
TODO: check
CVE-2016-2993
RESERVED
-CVE-2016-2992
- RESERVED
+CVE-2016-2992 (IBM Infosphere BigInsights is vulnerable to cross-site
scripting. This ...)
+ TODO: check
CVE-2016-2991 (Multiple cross-site scripting (XSS) vulnerabilities in IBM
Lotus ...)
TODO: check
CVE-2016-2990
@@ -35448,10 +35456,10 @@
TODO: check
CVE-2016-2943 (IBM BigFix Remote Control before 9.1.3 allows local users to
obtain ...)
TODO: check
-CVE-2016-2942
- RESERVED
-CVE-2016-2941
- RESERVED
+CVE-2016-2942 (IBM UrbanCode Deploy could allow an authenticated attacker with
...)
+ TODO: check
+CVE-2016-2941 (IBM UrbanCode Deploy creates temporary files during step
execution ...)
+ TODO: check
CVE-2016-2940 (Multiple unspecified vulnerabilities in IBM BigFix Remote
Control ...)
TODO: check
CVE-2016-2939 (IBM iNotes is vulnerable to cross-site scripting. This
vulnerability ...)
@@ -35484,8 +35492,8 @@
TODO: check
CVE-2016-2925 (Cross-site scripting (XSS) vulnerability in IBM WebSphere
Portal ...)
TODO: check
-CVE-2016-2924
- RESERVED
+CVE-2016-2924 (IBM Infosphere BigInsights is vulnerable to cross-site
scripting, ...)
+ TODO: check
CVE-2016-2923 (IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9
Liberty ...)
TODO: check
CVE-2016-2922
@@ -44850,8 +44858,8 @@
RESERVED
CVE-2016-0372 (IBM Rational Collaborative Lifecycle Management 3.0.1.6 before
iFix8, ...)
TODO: check
-CVE-2016-0371
- RESERVED
+CVE-2016-0371 (The Tivoli Storage Manager (TSM) password may be displayed in
plain ...)
+ TODO: check
CVE-2016-0370 (Cross-site scripting (XSS) vulnerability in IBM Forms
Experience ...)
TODO: check
CVE-2016-0369
@@ -44952,8 +44960,8 @@
NOT-FOR-US: IBM
CVE-2016-0321 (IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and
12.x ...)
TODO: check
-CVE-2016-0320
- RESERVED
+CVE-2016-0320 (IBM UrbanCode Deploy could allow an authenticated user to
modify Ucd ...)
+ TODO: check
CVE-2016-0319 (The XML parser in Lifecycle Query Engine (LQE) in IBM Jazz
Reporting ...)
TODO: check
CVE-2016-0318 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0
and ...)
@@ -45156,10 +45164,10 @@
RESERVED
CVE-2016-0219
RESERVED
-CVE-2016-0218
- RESERVED
-CVE-2016-0217
- RESERVED
+CVE-2016-0218 (IBM Cognos TM1 is vulnerable to cross-site scripting, caused by
...)
+ TODO: check
+CVE-2016-0217 (IBM Cognos Business Intelligence and IBM Cognos Analytics are
...)
+ TODO: check
CVE-2016-0216 (Stack-based buffer overflow in IBM Tivoli Storage Manager
FastBack 5.5 ...)
NOT-FOR-US: IBM
CVE-2016-0215
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
