Author: sectracker
Date: 2017-04-05 21:10:14 +0000 (Wed, 05 Apr 2017)
New Revision: 50388
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-04-05 20:57:30 UTC (rev 50387) +++ data/CVE/list 2017-04-05 21:10:14 UTC (rev 50388) @@ -1,3 +1,15 @@ +CVE-2017-7444 (In Veritas System Recovery before 16 SP1, there is a DLL hijacking ...) + TODO: check +CVE-2017-7443 (apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP ...) + TODO: check +CVE-2017-7442 + RESERVED +CVE-2017-7441 + RESERVED +CVE-2017-7440 + RESERVED +CVE-2017-7439 + RESERVED CVE-2017-7438 RESERVED CVE-2017-7437 @@ -1388,8 +1400,8 @@ RESERVED CVE-2017-6976 RESERVED -CVE-2017-6975 - RESERVED +CVE-2017-6975 (Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack ...) + TODO: check CVE-2017-6974 (An issue was discovered in certain Apple products. macOS before ...) NOT-FOR-US: Apple CVE-2017-6973 (A cross-site scripting (XSS) vulnerability in the MantisBT ...) @@ -1455,8 +1467,8 @@ NOT-FOR-US: MantisBT Source Integration Plugin CVE-2017-6957 (Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC ...) NOT-FOR-US: Firmware on some Broadcom SoCs -CVE-2017-6956 - RESERVED +CVE-2017-6956 (On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer ...) + TODO: check CVE-2017-6955 (An issue was discovered in by-email/by-email.php in the Invite Anyone ...) NOT-FOR-US: wordpress Anyone plugin CVE-2017-6954 (An issue was discovered in includes/component.php in the BuddyPress ...) 
@@ -3180,12 +3192,12 @@ NOT-FOR-US: Dahua devices CVE-2017-6341 (Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 ...) NOT-FOR-US: Dahua devices -CVE-2017-6340 - RESERVED -CVE-2017-6339 - RESERVED -CVE-2017-6338 - RESERVED +CVE-2017-6340 (Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before ...) + TODO: check +CVE-2017-6339 (Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before ...) + TODO: check +CVE-2017-6338 (Multiple Access Control issues in Trend Micro InterScan Web Security ...) + TODO: check CVE-2017-6337 RESERVED CVE-2017-6336 @@ -16654,8 +16666,8 @@ NOT-FOR-US: Oracle Primavera CVE-2017-1181 RESERVED -CVE-2017-1180 - RESERVED +CVE-2017-1180 (The IBM TRIRIGA Document Manager contains a vulnerability that could ...) + TODO: check CVE-2017-1179 RESERVED CVE-2017-1178 @@ -17238,18 +17250,18 @@ RESERVED CVE-2017-0889 RESERVED -CVE-2017-0888 - RESERVED -CVE-2017-0887 - RESERVED -CVE-2017-0886 - RESERVED -CVE-2017-0885 - RESERVED -CVE-2017-0884 - RESERVED -CVE-2017-0883 - RESERVED +CVE-2017-0888 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a ...) + TODO: check +CVE-2017-0887 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the ...) + TODO: check +CVE-2017-0886 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of ...) + TODO: check +CVE-2017-0885 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message ...) + TODO: check +CVE-2017-0884 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of ...) + TODO: check +CVE-2017-0883 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission ...) + TODO: check CVE-2017-0882 (Multiple versions of GitLab expose sensitive user credentials when ...) - gitlab 8.13.11+dfsg-7 (bug #858410) NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/29661 
@@ -18755,8 +18767,7 @@ RESERVED CVE-2017-0340 RESERVED -CVE-2017-0339 - RESERVED +CVE-2017-0339 (An elevation of privilege vulnerability in the NVIDIA crypto driver ...) NOT-FOR-US: NVIDIA driver for Android CVE-2017-0338 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) NOT-FOR-US: NVIDIA driver for Android @@ -18770,27 +18781,21 @@ NOT-FOR-US: NVIDIA driver for Android CVE-2017-0333 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) NOT-FOR-US: NVIDIA driver for Android -CVE-2017-0332 - RESERVED +CVE-2017-0332 (An elevation of privilege vulnerability in the NVIDIA crypto driver ...) NOT-FOR-US: NVIDIA driver for Android CVE-2017-0331 RESERVED -CVE-2017-0330 - RESERVED +CVE-2017-0330 (An information disclosure vulnerability in the NVIDIA crypto driver ...) NOT-FOR-US: NVIDIA driver for Android -CVE-2017-0329 - RESERVED +CVE-2017-0329 (An elevation of privilege vulnerability in the NVIDIA boot and power ...) NOT-FOR-US: NVIDIA driver for Android -CVE-2017-0328 - RESERVED +CVE-2017-0328 (An information disclosure vulnerability in the NVIDIA crypto driver ...) NOT-FOR-US: NVIDIA driver for Android -CVE-2017-0327 - RESERVED +CVE-2017-0327 (An elevation of privilege vulnerability in the NVIDIA crypto driver ...) NOT-FOR-US: NVIDIA driver for Android CVE-2017-0326 RESERVED -CVE-2017-0325 - RESERVED +CVE-2017-0325 (An elevation of privilege vulnerability in the NVIDIA I2C HID driver ...) NOT-FOR-US: NVIDIA driver for Android CVE-2017-0324 (All versions of NVIDIA Windows GPU Display Driver contain a ...) NOT-FOR-US: NVIDIA drivers for Windows @@ -20892,8 +20897,8 @@ RESERVED CVE-2016-9092 RESERVED -CVE-2016-9091 - RESERVED +CVE-2016-9091 (Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content ...) + TODO: check CVE-2016-9090 RESERVED CVE-2016-9089 
@@ -30860,8 +30865,8 @@ NOT-FOR-US: IBM Tivoli Key Lifecycle Manager CVE-2016-6101 RESERVED -CVE-2016-6100 - RESERVED +CVE-2016-6100 (IBM Disposal and Governance Management for IT and IBM Global Retention ...) + TODO: check CVE-2016-6099 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 discloses sensitive ...) NOT-FOR-US: IBM CVE-2016-6098 @@ -33856,8 +33861,7 @@ RESERVED {DLA-731-1} - imagemagick 8:6.8.9.9-4 (bug #773834) -CVE-2014-9829 [Fix an out of bound access in sun file] - RESERVED +CVE-2014-9829 (coders/sun.c in ImageMagick allows remote attackers to cause a denial ...) {DLA-731-1} - imagemagick 8:6.8.9.9-4 (bug #773834) CVE-2014-9830 [Fix handling of corrupted sun file] @@ -40545,8 +40549,8 @@ NOT-FOR-US: IBM CVE-2016-3032 RESERVED -CVE-2016-3031 - RESERVED +CVE-2016-3031 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...) + TODO: check CVE-2016-3030 RESERVED CVE-2016-3029 (IBM Security Access Manager for Web is vulnerable to cross-site ...) @@ -40577,8 +40581,8 @@ NOT-FOR-US: IBM CVE-2016-3016 (IBM Security Access Manager for Web processes patches, image backups ...) NOT-FOR-US: IBM -CVE-2016-3015 - RESERVED +CVE-2016-3015 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...) + TODO: check CVE-2016-3014 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...) NOT-FOR-US: IBM CVE-2016-3013 (IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ ...) @@ -50408,7 +50412,7 @@ RESERVED CVE-2016-0219 RESERVED -CVE-2016-0218 (IBM Cognos TM1 is vulnerable to cross-site scripting, caused by ...) +CVE-2016-0218 (IBM Cognos Business Intelligence and IBM Cognos Analytics are ...) NOT-FOR-US: IBM CVE-2016-0217 (IBM Cognos Business Intelligence and IBM Cognos Analytics are ...) NOT-FOR-US: IBM 
@@ -61919,8 +61923,7 @@ CVE-2015-4695 (meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of ...) {DSA-3302-1 DLA-257-1} - libwmf 0.2.8.4-10.4 (bug #784205) -CVE-2015-4680 [insufficent CRL application] - RESERVED +CVE-2015-4680 (FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly ...) - freeradius 2.2.8+dfsg-0.1 (bug #789623) [jessie] - freeradius <no-dsa> (Minor issue) [wheezy] - freeradius <no-dsa> (Minor issue) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
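Review bot: In the "@@ -1,3 +1,15 @@" hunk, CVE-2017-7443 is left at "TODO: check" although its description names two separate packages, apt-cacher (before 1.7.15) and apt-cacher-ng (before 3.4). When this is triaged it needs one package line per source package, in the "- package version (bug #...)" form that the gitlab and freeradius entries elsewhere in this diff use, rather than a single line covering both.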
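Review bot: In the "@@ -1388,8 +1400,8 @@" hunk, CVE-2017-6975 is added with "TODO: check" directly above CVE-2017-6974, which is already marked "NOT-FOR-US: Apple". The new description is about Wi-Fi in Apple iOS, so the same marking looks applicable. Its text also refers to CVE-2017-6956, so the two entries should be triaged together.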
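Review bot: In the "@@ -1455,8 +1467,8 @@" hunk, CVE-2017-6956 gets "TODO: check" while the neighbouring CVE-2017-6957, which also describes a stack buffer overflow in Broadcom Wi-Fi HardMAC firmware, already carries "NOT-FOR-US: Firmware on some Broadcom SoCs". Suggest confirming that the same marking applies and reusing the identical wording so the two entries stay consistent.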
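Review bot: In the "@@ -50408,7 +50412,7 @@" hunk, the description of CVE-2016-0218 changes product, from "IBM Cognos TM1" to "IBM Cognos Business Intelligence and IBM Cognos Analytics", and in its truncated form it now reads the same as CVE-2016-0217 on the next entry. The existing "NOT-FOR-US: IBM" line still fits because the vendor is unchanged, but a description that switches product is worth a manual look to confirm the upstream text was not attached to the wrong ID.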