[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Apr 27 09:10:20 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0cce11c by security tracker role at 2018-04-27T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,75 @@
+CVE-2018-10467
+	RESERVED
+CVE-2018-10466
+	RESERVED
+CVE-2018-10465
+	RESERVED
+CVE-2018-10464
+	RESERVED
+CVE-2018-10463
+	RESERVED
+CVE-2018-10462
+	RESERVED
+CVE-2018-10461
+	RESERVED
+CVE-2018-10460
+	RESERVED
+CVE-2018-10459
+	RESERVED
+CVE-2018-10458
+	RESERVED
+CVE-2018-10457
+	RESERVED
+CVE-2018-10456
+	RESERVED
+CVE-2018-10455
+	RESERVED
+CVE-2018-10454
+	RESERVED
+CVE-2018-10453
+	RESERVED
+CVE-2018-10452
+	RESERVED
+CVE-2018-10451
+	RESERVED
+CVE-2018-10450
+	RESERVED
+CVE-2018-10449
+	RESERVED
+CVE-2018-10448
+	RESERVED
+CVE-2018-10447
+	RESERVED
+CVE-2018-10446
+	RESERVED
+CVE-2018-10445
+	RESERVED
+CVE-2018-10444
+	RESERVED
+CVE-2018-10443
+	RESERVED
+CVE-2018-10442
+	RESERVED
+CVE-2018-10441
+	RESERVED
+CVE-2018-10440
+	RESERVED
+CVE-2018-10439
+	RESERVED
+CVE-2018-10438
+	RESERVED
+CVE-2018-10437
+	RESERVED
+CVE-2018-10436
+	RESERVED
+CVE-2018-10435
+	RESERVED
+CVE-2018-10434
+	RESERVED
+CVE-2018-10433
+	RESERVED
+CVE-2017-18262
+	RESERVED
 CVE-2018-XXXX [XSA-259: x86: PV guest may crash Xen with XPTI]
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-259.html
@@ -439,8 +511,8 @@ CVE-2018-10239
 	RESERVED
 CVE-2018-10238 (bvlc.c in skarg BACnet Protocol Stack 0.8.5 has a buffer overflow in ...)
 	NOT-FOR-US: skarg BACnet Protocol Stack
-CVE-2018-10237
-	RESERVED
+CVE-2018-10237 (Unbounded memory allocation in Google Guava 11.0 through 24.x before ...)
+	TODO: check
 CVE-2018-10236 (POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via ...)
 	NOT-FOR-US: POSCMS
 CVE-2018-10235 (POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via ...)
@@ -7151,8 +7223,8 @@ CVE-2018-7529 (A Deserialization of Untrusted Data issue was discovered in OSIso
 	NOT-FOR-US: OSIsoft PI
 CVE-2018-7528 (An SQL injection vulnerability has been identified in Geutebruck ...)
 	NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7527
-	RESERVED
+CVE-2018-7527 (A buffer overflow can be triggered in LeviStudio HMI Editor, Version ...)
+	TODO: check
 CVE-2018-7526
 	RESERVED
 CVE-2018-7525 (In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed ...)
@@ -17177,16 +17249,16 @@ CVE-2018-3857
 	RESERVED
 CVE-2018-3856
 	RESERVED
-CVE-2018-3855
-	RESERVED
+CVE-2018-3855 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
+	TODO: check
 CVE-2018-3854
 	RESERVED
 CVE-2018-3853
 	RESERVED
 CVE-2018-3852
 	RESERVED
-CVE-2018-3851
-	RESERVED
+CVE-2018-3851 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
+	TODO: check
 CVE-2018-3850 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
 	NOT-FOR-US: Foxit PDF Reader
 CVE-2018-3849 (In the ffghtb function in NASA CFITSIO 3.42, specially crafted images ...)
@@ -17209,10 +17281,10 @@ CVE-2018-3846 (In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, speciall
 	[jessie] - cfitsio <no-dsa> (Minor issue)
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529
 	NOTE: Mitigated to a crash due to hardened build flags
-CVE-2018-3845
-	RESERVED
-CVE-2018-3844
-	RESERVED
+CVE-2018-3845 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
+	TODO: check
+CVE-2018-3844 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
+	TODO: check
 CVE-2018-3843 (An exploitable type confusion vulnerability exists in the way Foxit ...)
 	NOT-FOR-US: Foxit PDF Reader
 CVE-2018-3842 (An exploitable use of an uninitialized pointer vulnerability exists in ...)
@@ -24071,8 +24143,8 @@ CVE-2017-17545
 	RESERVED
 CVE-2017-17544
 	RESERVED
-CVE-2017-17543
-	RESERVED
+CVE-2017-17543 (Users' VPN authentication credentials are unsafely encrypted in ...)
+	TODO: check
 CVE-2017-17542
 	RESERVED
 CVE-2017-17541
@@ -37861,7 +37933,7 @@ CVE-2017-14012
 	RESERVED
 CVE-2017-14011 (A Cross-Site Request Forgery issue was discovered in ProMinent ...)
 	NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14010 (An uncontrolled search path element vulnerability has been identified ...)
+CVE-2017-14010 (In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions ...)
 	NOT-FOR-US: SpiderControl
 CVE-2017-14009 (An Information Exposure issue was discovered in ProMinent MultiFLEX ...)
 	NOT-FOR-US: ProMinent MultiFLEX M10a Controller



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0cce11c0c57dd3be07566734d6c24c7882a9a7e

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0cce11c0c57dd3be07566734d6c24c7882a9a7e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180427/a903f514/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list