Author: sectracker
Date: 2017-10-20 21:10:31 +0000 (Fri, 20 Oct 2017)
New Revision: 56897

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-20 19:40:58 UTC (rev 56896)
+++ data/CVE/list       2017-10-20 21:10:31 UTC (rev 56897)
@@ -1,3 +1,45 @@
+CVE-2017-15690
+       RESERVED
+CVE-2017-15689
+       RESERVED
+CVE-2017-15688
+       RESERVED
+CVE-2017-15687
+       RESERVED
+CVE-2017-15686
+       RESERVED
+CVE-2017-15685
+       RESERVED
+CVE-2017-15684
+       RESERVED
+CVE-2017-15683
+       RESERVED
+CVE-2017-15682
+       RESERVED
+CVE-2017-15681
+       RESERVED
+CVE-2017-15680
+       RESERVED
+CVE-2017-15679
+       RESERVED
+CVE-2017-15678
+       RESERVED
+CVE-2017-15677
+       RESERVED
+CVE-2017-15676
+       RESERVED
+CVE-2017-15675
+       RESERVED
+CVE-2017-15674
+       RESERVED
+CVE-2017-15673
+       RESERVED
+CVE-2017-15672
+       RESERVED
+CVE-2017-15671 (The glob function in glob.c in the GNU C Library (aka glibc or 
libc6) ...)
+       TODO: check
+CVE-2017-15670 (The GNU C Library (aka glibc or libc6) before 2.27 contains an 
...)
+       TODO: check
 CVE-2017-15669
        RESERVED
 CVE-2017-15668
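Review bot: the last two added entries, CVE-2017-15671 and CVE-2017-15670, are left at `TODO: check` although both descriptions name the GNU C Library, which Debian ships. They should be triaged against the glibc source package with a status line and an upstream or bug reference, rather than sitting unchecked beneath the 19 RESERVED placeholders added above them.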
@@ -845,8 +887,8 @@
        NOT-FOR-US: SAP
 CVE-2017-15292
        RESERVED
-CVE-2017-15291
-       RESERVED
+CVE-2017-15291 (Cross-site scripting (XSS) vulnerability in the Wireless MAC 
Filtering ...)
+       TODO: check
 CVE-2017-15290 (Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x 
before ...)
        NOT-FOR-US: Mirasys Video Management System
 CVE-2017-15594 (An issue was discovered in Xen through 4.9.x allowing x86 SVM 
PV guest ...)
@@ -1900,8 +1942,8 @@
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22166
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bd61e135492ecf624880e6b78e5fcde3c9716df6
        NOTE: 
https://blogs.gentoo.org/ago/2017/09/26/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c/
-CVE-2017-14937
-       RESERVED
+CVE-2017-14937 (The airbag detonation algorithm allows injury to passenger-car 
...)
+       TODO: check
 CVE-2017-14936
        RESERVED
 CVE-2016-10512 (MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted 
for ...)
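Review bot: CVE-2017-14937 goes from RESERVED to `TODO: check`, but its description is about an airbag detonation algorithm in passenger cars, so it looks like a NOT-FOR-US candidate rather than something that needs package research. Replacing the `TODO: check` line with a `NOT-FOR-US:` line naming the product would settle it once the full description is confirmed.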
@@ -6588,8 +6630,8 @@
        NOT-FOR-US: ZKTeco ZKTime Web
 CVE-2017-13128
        RESERVED
-CVE-2017-13127
-       RESERVED
+CVE-2017-13127 (The VIP.com application for IOS and Android allows remote 
attackers to ...)
+       TODO: check
 CVE-2017-13126
        RESERVED
 CVE-2017-13125
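Review bot: the new `TODO: check` under CVE-2017-13127 describes the VIP.com application for iOS and Android, a mobile app. It can most likely be closed with a `NOT-FOR-US:` line, matching the style of the `NOT-FOR-US: ZKTeco ZKTime Web` entry at the top of this hunk.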
@@ -8601,8 +8643,7 @@
        NOTE: 
http://lucene.472066.n3.nabble.com/Re-Several-critical-vulnerabilities-discovered-in-Apache-Solr-XXE-amp-RCE-tt4358355.html
        NOTE: Patch removing RunExecutableListener: 
https://github.com/apache/lucene-solr/commit/7b313bb597a6d1f78773dc9c00f484c078a46c25
        NOTE: Patch disallowing XXE: 
https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc4
-CVE-2017-12628
-       RESERVED
+CVE-2017-12628 (The JMX server embedded in Apache James, also used by the 
command line ...)
        NOT-FOR-US: Apache James
 CVE-2017-12627
        RESERVED
@@ -16038,6 +16079,7 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10114 (Vulnerability in the Java SE component of Oracle Java SE ...)
+       {DSA-4005-1}
        - openjfx 8u141-b14-1 (low; bug #870860)
 CVE-2017-10113 (Vulnerability in the Oracle Common Applications component of 
Oracle ...)
        NOT-FOR-US: Oracle
@@ -16145,6 +16187,7 @@
        - openjdk-6 <removed>
        [wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10086 (Vulnerability in the Java SE component of Oracle Java SE ...)
+       {DSA-4005-1}
        - openjfx 8u141-b14-1 (low; bug #870860)
 CVE-2017-10085 (Vulnerability in the Oracle FLEXCUBE Universal Banking 
component of ...)
        NOT-FOR-US: Oracle
@@ -27990,8 +28033,8 @@
        RESERVED
 CVE-2017-6166
        RESERVED
-CVE-2017-6165
-       RESERVED
+CVE-2017-6165 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link 
...)
+       TODO: check
 CVE-2017-6164
        RESERVED
 CVE-2017-6163
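Review bot: CVE-2017-6165 is set to `TODO: check` while its description names F5 BIG-IP modules only. The list already carries `NOT-FOR-US: F5 BIG-IP` for this product family, so this entry should get the same line instead of staying open.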
@@ -28030,16 +28073,16 @@
        NOT-FOR-US: F5 BIG-IP
 CVE-2017-6146
        RESERVED
-CVE-2017-6145
-       RESERVED
-CVE-2017-6144
-       RESERVED
+CVE-2017-6145 (iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, 
DNS, ...)
+       TODO: check
+CVE-2017-6144 (In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the 
Type ...)
+       TODO: check
 CVE-2017-6143
        RESERVED
 CVE-2017-6142
        RESERVED
-CVE-2017-6141
-       RESERVED
+CVE-2017-6141 (In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and 
...)
+       TODO: check
 CVE-2017-6140
        RESERVED
 CVE-2017-6139
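Review bot: CVE-2017-6145, CVE-2017-6144 and CVE-2017-6141 are all added with `TODO: check`, yet the first context line of this hunk shows the established triage for the same vendor, `NOT-FOR-US: F5 BIG-IP`. Unless one of the three descriptions turns out to involve a component packaged separately, they should carry that same line so the F5 block is handled consistently.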
@@ -39967,12 +40010,12 @@
        NOT-FOR-US: WP Statistics
 CVE-2017-2134 (Cross-site scripting vulnerability in ASSETBASE 8.0 and earlier 
allows ...)
        NOT-FOR-US: ASSETBASE
-CVE-2017-2133
-       RESERVED
-CVE-2017-2132
-       RESERVED
-CVE-2017-2131
-       RESERVED
+CVE-2017-2133 (SQL injection vulnerability in Panasonic KX-HJB1000 Home unit 
devices ...)
+       TODO: check
+CVE-2017-2132 (Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 
14.50 or ...)
+       TODO: check
+CVE-2017-2131 (Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 
14.50 or ...)
+       TODO: check
 CVE-2017-2130 (Untrusted search path vulnerability in the installer of 
PhishWall ...)
        NOT-FOR-US: installer of PhishWall Client Internet Explorer
 CVE-2017-2129
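Review bot: the three Panasonic KX-HJB1000 entries (CVE-2017-2133, CVE-2017-2132, CVE-2017-2131) are left at `TODO: check` although each description refers to the Home unit device and its firmware. The entries on either side of them are already marked `NOT-FOR-US:` (WP Statistics, ASSETBASE, PhishWall), and these three look like the same case; one `NOT-FOR-US:` line per entry naming the device would close them.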
@@ -129841,8 +129884,7 @@
 CVE-2013-6050 (Integer overflow in Links before 2.8 allows remote attackers to 
cause ...)
        {DSA-2807-1}
        - links2 2.8-1
-CVE-2013-6049 [insecure temporary file creation]
-       RESERVED
+CVE-2013-6049 (apt-listbugs before 0.1.10 creates temporary files insecurely, 
which ...)
        - apt-listbugs 0.1.10 (low)
        [squeeze] - apt-listbugs <no-dsa> (Minor issue)
        [wheezy] - apt-listbugs 0.1.8+deb7u1
@@ -172706,8 +172748,7 @@
        NOT-FOR-US: Webmin
 CVE-2011-1936 (Xen, when using x86 Intel processors and the VMX virtualization 
...)
        - linux-2.6 <not-affected> (Only affected the old Xen kernel patch from 
2.6.18/2.6.26)
-CVE-2011-1935 [packet truncation in libpcap]
-       RESERVED
+CVE-2011-1935 (pcap-linux.c in libpcap 1.1.1 before commit ...)
        - libpcap 1.1.1-4 (low; bug #623868)
        [squeeze] - libpcap 1.1.1-2+squeeze1
        [lenny] - libpcap <not-affected>
@@ -181379,8 +181420,7 @@
        - openslp-dfsg 1.2.1-8 (low; bug #623551)
        [squeeze] - openslp-dfsg <no-dsa> (Minor issue)
        [lenny] - openslp-dfsg <no-dsa> (Minor issue)
-CVE-2010-3659 [Multiple security issues]
-       RESERVED
+CVE-2010-3659 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 
CMS 4.1.x ...)
        {DSA-2098-1}
        - typo3-src 4.3.5-1 (bug #590719)
 CVE-2010-3660 [Multiple security issues]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
