Author: sectracker
Date: 2017-10-13 21:10:16 +0000 (Fri, 13 Oct 2017)
New Revision: 56680
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-13 20:31:52 UTC (rev 56679)
+++ data/CVE/list 2017-10-13 21:10:16 UTC (rev 56680)
@@ -78,8 +78,8 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/592
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/923c4a525c99
NOTE: https://github.com/neex/gifoeb
-CVE-2017-15276
- RESERVED
+CVE-2017-15276 (OpenText Documentum Content Server (formerly EMC Documentum
Content ...)
+ TODO: check
CVE-2017-15275
RESERVED
CVE-2017-15274 (security/keys/keyctl.c in the Linux kernel before 4.11.5 does
not ...)
@@ -770,12 +770,12 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/724
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/0cbb3b3b02e7af493a9aafa8f7e7d23fc70644e4
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/a0cef9db632ef8e1b9de4c463700c6a24d4f96ca
-CVE-2017-15014
- RESERVED
-CVE-2017-15013
- RESERVED
-CVE-2017-15012
- RESERVED
+CVE-2017-15014 (OpenText Documentum Content Server (formerly EMC Documentum
Content ...)
+ TODO: check
+CVE-2017-15013 (OpenText Documentum Content Server (formerly EMC Documentum
Content ...)
+ TODO: check
+CVE-2017-15012 (OpenText Documentum Content Server (formerly EMC Documentum
Content ...)
+ TODO: check
CVE-2017-1000120 ([ERPNext][Frappe Version <= 7.1.27] SQL injection
vulnerability in ...)
NOT-FOR-US: ERPNext Frappe framework
CVE-2017-1000119 (October CMS build 412 is vulnerable to PHP code execution in
the file ...)
@@ -9625,142 +9625,142 @@
RESERVED
CVE-2017-11830
RESERVED
-CVE-2017-11829
- RESERVED
+CVE-2017-11829 (Microsoft Windows 10 allows an elevation of privilege
vulnerability ...)
+ TODO: check
CVE-2017-11828
RESERVED
CVE-2017-11827
RESERVED
-CVE-2017-11826
- RESERVED
-CVE-2017-11825
- RESERVED
-CVE-2017-11824
- RESERVED
-CVE-2017-11823
- RESERVED
-CVE-2017-11822
- RESERVED
-CVE-2017-11821
- RESERVED
-CVE-2017-11820
- RESERVED
-CVE-2017-11819
- RESERVED
-CVE-2017-11818
- RESERVED
-CVE-2017-11817
- RESERVED
-CVE-2017-11816
- RESERVED
-CVE-2017-11815
- RESERVED
-CVE-2017-11814
- RESERVED
-CVE-2017-11813
- RESERVED
-CVE-2017-11812
- RESERVED
-CVE-2017-11811
- RESERVED
-CVE-2017-11810
- RESERVED
-CVE-2017-11809
- RESERVED
-CVE-2017-11808
- RESERVED
-CVE-2017-11807
- RESERVED
-CVE-2017-11806
- RESERVED
-CVE-2017-11805
- RESERVED
-CVE-2017-11804
- RESERVED
+CVE-2017-11826 (Microsoft Office 2010, SharePoint Enterprise Server 2010,
SharePoint ...)
+ TODO: check
+CVE-2017-11825 (Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office
2016 for ...)
+ TODO: check
+CVE-2017-11824 (The Microsoft Graphics Component on Microsoft Windows Server
2008 SP2 ...)
+ TODO: check
+CVE-2017-11823 (The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511,
1607, ...)
+ TODO: check
+CVE-2017-11822 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 SP2 ...)
+ TODO: check
+CVE-2017-11821 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703
allows an ...)
+ TODO: check
+CVE-2017-11820 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft
...)
+ TODO: check
+CVE-2017-11819 (Microsoft Windows 7 SP1 allows an attacker to execute
arbitrary code ...)
+ TODO: check
+CVE-2017-11818 (The Microsoft Windows Storage component on Microsoft Windows
8.1, ...)
+ TODO: check
+CVE-2017-11817 (The Microsoft Windows Kernel component on Microsoft Windows
Server ...)
+ TODO: check
+CVE-2017-11816 (The Microsoft Windows Graphics Device Interface (GDI) on
Microsoft ...)
+ TODO: check
+CVE-2017-11815 (The Microsoft Server Block Message (SMB) on Microsoft Windows
Server ...)
+ TODO: check
+CVE-2017-11814 (The Microsoft Windows Kernel component on Microsoft Windows
Server ...)
+ TODO: check
+CVE-2017-11813 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 R2 ...)
+ TODO: check
+CVE-2017-11812 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1511,
1607, ...)
+ TODO: check
+CVE-2017-11811 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold,
1511, ...)
+ TODO: check
+CVE-2017-11810 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 SP2 ...)
+ TODO: check
+CVE-2017-11809 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold,
1511, ...)
+ TODO: check
+CVE-2017-11808 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold,
1511, ...)
+ TODO: check
+CVE-2017-11807 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703
allows an ...)
+ TODO: check
+CVE-2017-11806 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703
allows an ...)
+ TODO: check
+CVE-2017-11805 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703
allows an ...)
+ TODO: check
+CVE-2017-11804 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold,
1511, ...)
+ TODO: check
CVE-2017-11803
RESERVED
-CVE-2017-11802
- RESERVED
-CVE-2017-11801
- RESERVED
-CVE-2017-11800
- RESERVED
-CVE-2017-11799
- RESERVED
-CVE-2017-11798
- RESERVED
-CVE-2017-11797
- RESERVED
-CVE-2017-11796
- RESERVED
+CVE-2017-11802 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold,
1511, ...)
+ TODO: check
+CVE-2017-11801 (ChakraCore allows an attacker to execute arbitrary code in the
context ...)
+ TODO: check
+CVE-2017-11800 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
Windows ...)
+ TODO: check
+CVE-2017-11799 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold,
1511, ...)
+ TODO: check
+CVE-2017-11798 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703,
and ...)
+ TODO: check
+CVE-2017-11797 (ChakraCore allows an attacker to execute arbitrary code in the
context ...)
+ TODO: check
+CVE-2017-11796 (ChakraCore and Microsoft Edge in Windows 10 1703 allows an
attacker to ...)
+ TODO: check
CVE-2017-11795
RESERVED
-CVE-2017-11794
- RESERVED
-CVE-2017-11793
- RESERVED
-CVE-2017-11792
- RESERVED
+CVE-2017-11794 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker
to ...)
+ TODO: check
+CVE-2017-11793 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 SP2 ...)
+ TODO: check
+CVE-2017-11792 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703
allow an ...)
+ TODO: check
CVE-2017-11791
RESERVED
-CVE-2017-11790
- RESERVED
+CVE-2017-11790 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 SP2 ...)
+ TODO: check
CVE-2017-11789
RESERVED
CVE-2017-11788
RESERVED
CVE-2017-11787
RESERVED
-CVE-2017-11786
- RESERVED
-CVE-2017-11785
- RESERVED
-CVE-2017-11784
- RESERVED
-CVE-2017-11783
- RESERVED
-CVE-2017-11782
- RESERVED
-CVE-2017-11781
- RESERVED
-CVE-2017-11780
- RESERVED
-CVE-2017-11779
- RESERVED
+CVE-2017-11786 (Skype for Business in Microsoft Lync 2013 SP1 and Skype for
Business ...)
+ TODO: check
+CVE-2017-11785 (The Microsoft Windows Kernel component on Microsoft Windows
Server ...)
+ TODO: check
+CVE-2017-11784 (The Microsoft Windows Kernel component on Microsoft Windows
Server ...)
+ TODO: check
+CVE-2017-11783 (Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1,
Windows ...)
+ TODO: check
+CVE-2017-11782 (The Microsoft Server Block Message (SMB) on Microsoft Windows
10 1607 ...)
+ TODO: check
+CVE-2017-11781 (The Microsoft Server Block Message (SMB) on Microsoft Windows
Server ...)
+ TODO: check
+CVE-2017-11780 (The Server Message Block 1.0 (SMBv1) on Microsoft Windows
Server 2008 ...)
+ TODO: check
+CVE-2017-11779 (The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on
Microsoft ...)
+ TODO: check
CVE-2017-11778
RESERVED
-CVE-2017-11777
- RESERVED
-CVE-2017-11776
- RESERVED
-CVE-2017-11775
- RESERVED
-CVE-2017-11774
- RESERVED
+CVE-2017-11777 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft
...)
+ TODO: check
+CVE-2017-11776 (Microsoft Outlook 2016 allows an attacker to obtain the email
content ...)
+ TODO: check
+CVE-2017-11775 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft
...)
+ TODO: check
+CVE-2017-11774 (Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and
Outlook ...)
+ TODO: check
CVE-2017-11773
RESERVED
-CVE-2017-11772
- RESERVED
-CVE-2017-11771
- RESERVED
+CVE-2017-11772 (The Microsoft Windows Search component on Microsoft Windows
Server ...)
+ TODO: check
+CVE-2017-11771 (The Microsoft Windows Search component on Microsoft Windows
Server ...)
+ TODO: check
CVE-2017-11770
RESERVED
-CVE-2017-11769
- RESERVED
+CVE-2017-11769 (The Microsoft Windows TRIE component on Microsoft Windows 10
Gold, ...)
+ TODO: check
CVE-2017-11768
RESERVED
CVE-2017-11767
RESERVED
CVE-2017-11766 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703,
and ...)
NOT-FOR-US: Microsoft
-CVE-2017-11765
- RESERVED
+CVE-2017-11765 (The Microsoft Windows Kernel component on Microsoft Windows
Server ...)
+ TODO: check
CVE-2017-11764 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows
Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-11763
- RESERVED
-CVE-2017-11762
- RESERVED
+CVE-2017-11763 (The Microsoft Graphics Component on Microsoft Windows Server
2008 SP2 ...)
+ TODO: check
+CVE-2017-11762 (The Microsoft Graphics Component on Microsoft Windows Server
2008 SP2 ...)
+ TODO: check
CVE-2017-11761 (Microsoft Exchange Server 2013 and Microsoft Exchange Server
2016 ...)
NOT-FOR-US: Microsoft
CVE-2017-11760 (uploadImage.php in ProjeQtOr before 6.3.2 allows remote
authenticated ...)
@@ -13287,44 +13287,44 @@
RESERVED
CVE-2017-10625
RESERVED
-CVE-2017-10624
- RESERVED
-CVE-2017-10623
- RESERVED
-CVE-2017-10622
- RESERVED
-CVE-2017-10621
- RESERVED
-CVE-2017-10620
- RESERVED
-CVE-2017-10619
- RESERVED
-CVE-2017-10618
- RESERVED
-CVE-2017-10617
- RESERVED
-CVE-2017-10616
- RESERVED
-CVE-2017-10615
- RESERVED
-CVE-2017-10614
- RESERVED
-CVE-2017-10613
- RESERVED
-CVE-2017-10612
- RESERVED
-CVE-2017-10611
- RESERVED
-CVE-2017-10610
- RESERVED
+CVE-2017-10624 (Insufficient verification of node certificates in Juniper
Networks ...)
+ TODO: check
+CVE-2017-10623 (Lack of authentication and authorization of cluster messages
in ...)
+ TODO: check
+CVE-2017-10622 (An authentication bypass vulnerability in Juniper Networks
Junos Space ...)
+ TODO: check
+CVE-2017-10621 (A denial of service vulnerability in telnetd service on
Juniper ...)
+ TODO: check
+CVE-2017-10620 (Juniper Networks Junos OS on SRX series devices do not verify
the ...)
+ TODO: check
+CVE-2017-10619 (When Express Path (formerly known as service offloading) is
configured ...)
+ TODO: check
+CVE-2017-10618 (When the 'bgp-error-tolerance' feature
&#xe2;&#x80;" designed to help ...)
+ TODO: check
+CVE-2017-10617 (The ifmap service that comes bundled with Contrail has an XML
External ...)
+ TODO: check
+CVE-2017-10616 (The ifmap service that comes bundled with Juniper Networks
Contrail ...)
+ TODO: check
+CVE-2017-10615 (A vulnerability in the pluggable authentication module (PAM)
of ...)
+ TODO: check
+CVE-2017-10614 (A vulnerability in telnetd service on Junos OS allows a remote
...)
+ TODO: check
+CVE-2017-10613 (A vulnerability in a specific loopback filter action command,
...)
+ TODO: check
+CVE-2017-10612 (A persistent site scripting vulnerability in Juniper Networks
Junos ...)
+ TODO: check
+CVE-2017-10611 (If extended statistics are enabled via 'set chassis ...)
+ TODO: check
+CVE-2017-10610 (On SRX Series devices, a crafted ICMP packet embedded within a
NAT64 ...)
+ TODO: check
CVE-2017-10609
RESERVED
-CVE-2017-10608
- RESERVED
-CVE-2017-10607
- RESERVED
-CVE-2017-10606
- RESERVED
+CVE-2017-10608 (Any Juniper Networks SRX series device with one or more ALGs
enabled ...)
+ TODO: check
+CVE-2017-10607 (Juniper Networks Junos OS 16.1R1, and services releases based
off of ...)
+ TODO: check
+CVE-2017-10606 (Version 4.40 of the TPM (Trusted Platform Module) firmware on
Juniper ...)
+ TODO: check
CVE-2017-10605 (On all vSRX and SRX Series devices, when the DHCP or DHCP
relay is ...)
NOT-FOR-US: Juniper
CVE-2017-10604 (When the device is configured to perform account lockout with
a ...)
@@ -18817,10 +18817,10 @@
NOT-FOR-US: Microsoft
CVE-2017-8728 (Microsoft Windows PDF Library in Microsoft Windows 8.1 and
Windows RT ...)
NOT-FOR-US: Microsoft
-CVE-2017-8727
- RESERVED
-CVE-2017-8726
- RESERVED
+CVE-2017-8727 (Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8726 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703,
and ...)
+ TODO: check
CVE-2017-8725 (A remote code execution vulnerability exists in Microsoft
Publisher ...)
NOT-FOR-US: Microsoft
CVE-2017-8724 (Microsoft Edge in Microsoft Windows 10 Version 1703 allows an
attacker ...)
@@ -18835,14 +18835,14 @@
NOT-FOR-US: Microsoft
CVE-2017-8719 (The Windows kernel component on Microsoft Windows Server 2008
SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8718
- RESERVED
-CVE-2017-8717
- RESERVED
+CVE-2017-8718 (The Microsoft JET Database Engine in Windows Server 2008 SP2
and R2 ...)
+ TODO: check
+CVE-2017-8717 (The Microsoft JET Database Engine in Windows Server 2008 SP2
and R2 ...)
+ TODO: check
CVE-2017-8716 (Windows Control Flow Guard in Microsoft Windows 10 Version 1703
allows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8715
- RESERVED
+CVE-2017-8715 (The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511,
1607, ...)
+ TODO: check
CVE-2017-8714 (The Windows Hyper-V component on Microsoft Windows 8.1, Windows
Server ...)
NOT-FOR-US: Microsoft
CVE-2017-8713 (The Windows Hyper-V component on Microsoft Windows Windows 8.1,
...)
@@ -18865,8 +18865,8 @@
RESERVED
CVE-2017-8704 (The Windows Hyper-V component on Microsoft Windows 10 1607 and
Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8703
- RESERVED
+CVE-2017-8703 (The Microsoft Windows Subsystem for Linux on Microsoft Windows
10 1703 ...)
+ TODO: check
CVE-2017-8702 (Windows Error Reporting (WER) in Microsoft Windows 10 Gold,
1511, and ...)
NOT-FOR-US: Microsoft
CVE-2017-8701
@@ -18883,18 +18883,18 @@
NOT-FOR-US: Microsoft
CVE-2017-8695 (Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2
SP1; ...)
NOT-FOR-US: Microsoft
-CVE-2017-8694
- RESERVED
-CVE-2017-8693
- RESERVED
+CVE-2017-8694 (The Microsoft Windows Kernel Mode Driver on Microsoft Windows
Server ...)
+ TODO: check
+CVE-2017-8693 (The Microsoft Graphics Component on Microsoft Windows 10 Gold,
1511, ...)
+ TODO: check
CVE-2017-8692 (The Windows Uniscribe component on Microsoft Windows 8.1,
Windows ...)
NOT-FOR-US: Microsoft
CVE-2017-8691 (Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow an
...)
NOT-FOR-US: Microsoft Windows
CVE-2017-8690
RESERVED
-CVE-2017-8689
- RESERVED
+CVE-2017-8689 (The Microsoft Windows Kernel Mode Driver on Microsoft Windows
Server ...)
+ TODO: check
CVE-2017-8688 (Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows ...)
NOT-FOR-US: Microsoft
CVE-2017-8687 (The Windows kernel component on Microsoft Windows Server 2008
SP2 and ...)
@@ -26744,10 +26744,10 @@
RESERVED
CVE-2017-6225
RESERVED
-CVE-2017-6224
- RESERVED
-CVE-2017-6223
- RESERVED
+CVE-2017-6224 (Ruckus Wireless Zone Director Controller firmware releases
ZD9.x, ...)
+ TODO: check
+CVE-2017-6223 (Ruckus Wireless Zone Director Controller firmware releases
ZD9.9.x, ...)
+ TODO: check
CVE-2017-6222
RESERVED
CVE-2017-6221
@@ -52277,8 +52277,7 @@
NOTE: Fixed by: http://svn.apache.org/r1767653 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767675 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767683 (6.0.x)
-CVE-2016-6815
- RESERVED
+CVE-2016-6815 (In Apache Ranger before 0.6.2, users with "keyadmin"
role should not ...)
NOT-FOR-US: Apache Ranger
CVE-2016-6814
RESERVED
@@ -59508,16 +59507,16 @@
NOT-FOR-US: Juniper
CVE-2016-4926 (Insufficient authentication vulnerability in Junos Space before
15.2R2 ...)
NOT-FOR-US: Juniper
-CVE-2016-4925
- RESERVED
-CVE-2016-4924
- RESERVED
-CVE-2016-4923
- RESERVED
-CVE-2016-4922
- RESERVED
-CVE-2016-4921
- RESERVED
+CVE-2016-4925 (Receipt of a specifically malformed IPv6 packet processed by
the ...)
+ TODO: check
+CVE-2016-4924 (An incorrect permissions vulnerability in Juniper Networks
Junos OS on ...)
+ TODO: check
+CVE-2016-4923 (Insufficient cross site scripting protection in J-Web component
in ...)
+ TODO: check
+CVE-2016-4922 (Certain combinations of Junos OS CLI commands and arguments
have been ...)
+ TODO: check
+CVE-2016-4921 (By flooding a Juniper Networks router running Junos OS with
specially ...)
+ TODO: check
CVE-2016-4920
RESERVED
CVE-2016-4919
@@ -71235,16 +71234,16 @@
NOT-FOR-US: Juniper Junos OS
CVE-2016-1266
RESERVED
-CVE-2016-1265
- RESERVED
+CVE-2016-1265 (A remote unauthenticated network based attacker with access to
Junos ...)
+ TODO: check
CVE-2016-1264 (Race condition in the Op command in Juniper Junos OS before ...)
NOT-FOR-US: Juniper Junos OS
CVE-2016-1263 (Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47
before ...)
NOT-FOR-US: Juniper Junos OS
CVE-2016-1262 (Juniper Junos OS before 12.1X46-D45, 12.1X47 before
12.1X47-D30, ...)
NOT-FOR-US: Juniper
-CVE-2016-1261
- RESERVED
+CVE-2016-1261 (J-Web does not validate certain input that may lead to
cross-site ...)
+ TODO: check
CVE-2016-1260 (Juniper Junos OS before 13.2X51-D36, 14.1X53 before
14.1X53-D25, and ...)
NOT-FOR-US: Juniper
CVE-2016-1259
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
