[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Aug 15 21:10:34 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b3785198 by security tracker role at 2018-08-15T20:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,29 @@
+CVE-2018-15362
+ RESERVED
+CVE-2018-15361
+ RESERVED
+CVE-2018-15360
+ RESERVED
+CVE-2018-15359
+ RESERVED
+CVE-2018-15358
+ RESERVED
+CVE-2018-15357
+ RESERVED
+CVE-2018-15356
+ RESERVED
+CVE-2018-15355
+ RESERVED
+CVE-2018-15354
+ RESERVED
+CVE-2018-15353
+ RESERVED
+CVE-2018-15352
+ RESERVED
+CVE-2018-15351
+ RESERVED
+CVE-2018-15350
+ RESERVED
CVE-2018-XXXX [openssh username enumeration]
- openssh <unfixed> (bug #906236)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/15/5
@@ -379,8 +405,8 @@ CVE-2018-15174 (XnView 2.45 allows remote attackers to cause a denial of service
CVE-2018-15173 (Nmap through 7.70, when the -sV option is used, allows remote attackers ...)
- nmap <unfixed> (unimportant)
NOTE: No security impact
-CVE-2018-15172
- RESERVED
+CVE-2018-15172 (TP-Link WR840N devices have a buffer overflow via a long Authorization ...)
+ TODO: check
CVE-2018-15171
RESERVED
CVE-2018-15170
@@ -411,28 +437,28 @@ CVE-2018-15158
RESERVED
CVE-2018-15157
RESERVED
-CVE-2018-15156
- RESERVED
-CVE-2018-15155
- RESERVED
-CVE-2018-15154
- RESERVED
-CVE-2018-15153
- RESERVED
-CVE-2018-15152
- RESERVED
-CVE-2018-15151
- RESERVED
-CVE-2018-15150
- RESERVED
-CVE-2018-15149
- RESERVED
-CVE-2018-15148
- RESERVED
-CVE-2018-15147
- RESERVED
-CVE-2018-15146
- RESERVED
+CVE-2018-15156 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 ...)
+ TODO: check
+CVE-2018-15155 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 ...)
+ TODO: check
+CVE-2018-15154 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 ...)
+ TODO: check
+CVE-2018-15153 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 ...)
+ TODO: check
+CVE-2018-15152 (Authentication bypass vulnerability in portal/account/register.php in ...)
+ TODO: check
+CVE-2018-15151 (SQL injection vulnerability in ...)
+ TODO: check
+CVE-2018-15150 (SQL injection vulnerability in ...)
+ TODO: check
+CVE-2018-15149 (SQL injection vulnerability in ...)
+ TODO: check
+CVE-2018-15148 (SQL injection vulnerability in ...)
+ TODO: check
+CVE-2018-15147 (SQL injection vulnerability in interface/forms_admin/forms_admin.php ...)
+ TODO: check
+CVE-2018-15146 (SQL injection vulnerability in ...)
+ TODO: check
CVE-2018-15145 (Multiple SQL injection vulnerabilities in ...)
NOT-FOR-US: OpenEMR
CVE-2018-15144 (SQL injection vulnerability in ...)
@@ -447,8 +473,8 @@ CVE-2018-15140 (Directory traversal in portal/import_template.php in versions of
NOT-FOR-US: OpenEMR
CVE-2018-15139 (Unrestricted file upload in interface/super/manage_site_files.php in ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15138
- RESERVED
+CVE-2018-15138 (Ericsson-LG iPECS NMS 30M allows directory traversal via ...)
+ TODO: check
CVE-2018-15137 (CeLa Link CLR-M20 devices allow unauthorized users to upload any file ...)
NOT-FOR-US: CeLa Link CLR-M20 devices
CVE-2018-15136
@@ -1205,13 +1231,11 @@ CVE-2018-14782 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
CVE-2018-14781 (Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm ...)
NOT-FOR-US: Medtronic
-CVE-2018-14780
- RESERVED
+CVE-2018-14780 (An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 ...)
- yubico-piv-tool <unfixed> (low; bug #906128)
[stretch] - yubico-piv-tool <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-001-Yubico-Piv/
-CVE-2018-14779
- RESERVED
+CVE-2018-14779 (A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 ...)
- yubico-piv-tool <unfixed> (low; bug #906128)
[stretch] - yubico-piv-tool <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-001-Yubico-Piv/
@@ -1407,8 +1431,7 @@ CVE-2018-14724
RESERVED
CVE-2018-14723
RESERVED
-CVE-2018-14722 [Code execution]
- RESERVED
+CVE-2018-14722 (An issue was discovered in evaluate_auto_mountpoint in ...)
- btrfsmaintenance 0.4.1-2 (bug #906131)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1102721
CVE-2018-14721
@@ -1949,7 +1972,7 @@ CVE-2018-14526 (An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0
NOTE: https://w1.fi/security/2018-1/rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch
CVE-2018-14525
RESERVED
-CVE-2018-14524 (dwg_decode_eed in decode.c in GNU LibreDWG 0.5.1048 leads to a double ...)
+CVE-2018-14524 (dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a ...)
- libredwg <itp> (bug #595191)
CVE-2018-14523 (An issue was discovered in aubio 0.4.6. A buffer over-read can occur in ...)
- aubio <unfixed> (bug #904906)
@@ -3317,8 +3340,7 @@ CVE-2018-14009 (Codiad through 2.8.4 allows Remote Code Execution, a different .
NOT-FOR-US: Codiad
CVE-2018-14008
RESERVED
-CVE-2018-14007 [XAPI HTTP directory traversal]
- RESERVED
+CVE-2018-14007 (Citrix XenServer 7.1 and newer allows Directory Traversal. ...)
NOT-FOR-US: xapi
CVE-2018-14006 (An integer overflow vulnerability exists in the function ...)
NOT-FOR-US: Neo Genesis Token (NGT)
@@ -4648,10 +4670,10 @@ CVE-2018-13396
RESERVED
CVE-2018-13395
RESERVED
-CVE-2018-13394
- RESERVED
-CVE-2018-13393
- RESERVED
+CVE-2018-13394 (The acceptAnswer resource in Atlassian Confluence Questions before ...)
+ TODO: check
+CVE-2018-13393 (The convertCommentToAnswer resource in Atlassian Confluence Questions ...)
+ TODO: check
CVE-2018-13392 (Several resources in Atlassian Fisheye and Crucible before version ...)
NOT-FOR-US: Atlassian
CVE-2018-13391
@@ -6409,6 +6431,7 @@ CVE-2018-1000546 (Triplea version <= 1.9.0.0.10291 contains a XML External En
CVE-2018-1000545
REJECTED
CVE-2018-1000544 (rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory ...)
+ {DLA-1467-1}
- ruby-zip 1.2.1-1.1 (bug #902720)
NOTE: https://github.com/rubyzip/rubyzip/issues/369
CVE-2018-1000543 (Akiee version 0.0.3 contains a XSS leading to code execution due to ...)
@@ -8103,8 +8126,8 @@ CVE-2018-12058
RESERVED
CVE-2018-12057
RESERVED
-CVE-2018-12056
- RESERVED
+CVE-2018-12056 (The maxRandom function of a smart contract implementation for All For ...)
+ TODO: check
CVE-2018-12055 (Multiple SQL Injections exist in PHP Scripts Mall Schools Alert ...)
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
CVE-2018-12054 (Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management ...)
@@ -9059,8 +9082,8 @@ CVE-2018-11689 (Smart Viewer in Samsung Web Viewer for Samsung DVR is vulnerable
NOT-FOR-US: Smart Viewer in Samsung Web Viewer for Samsung DVR
CVE-2018-11688 (Ignite Realtime Openfire 3.7.1 is vulnerable to cross-site scripting, ...)
NOT-FOR-US: Ignite Realtime Openfire
-CVE-2018-11687
- RESERVED
+CVE-2018-11687 (An integer overflow in the distributeBTR function of a smart contract ...)
+ TODO: check
CVE-2018-11686
RESERVED
CVE-2018-11685 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function ...)
@@ -10261,8 +10284,8 @@ CVE-2018-11249
RESERVED
CVE-2018-11248 (util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an ...)
NOT-FOR-US: FileDownloader
-CVE-2018-11247
- RESERVED
+CVE-2018-11247 (The JMX/RMI interface in Nasdaq BWise 5.0 does not require ...)
+ TODO: check
CVE-2018-11246
RESERVED
CVE-2018-11245 (app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex ...)
@@ -11114,8 +11137,7 @@ CVE-2018-10918
[stretch] - samba <not-affected> (Only affects Samba 4.7.0 onwards)
[jessie] - samba <not-affected> (Only affects Samba 4.7.0 onwards)
NOTE: https://www.samba.org/samba/security/CVE-2018-10918.html
-CVE-2018-10917
- RESERVED
+CVE-2018-10917 (pulp 2.16.x and possibly older is vulnerable to an improper path ...)
NOT-FOR-US: Pulp (Red Hat)
CVE-2018-10916 (It has been discovered that lftp up to and including version 4.8.3 ...)
- lftp 4.8.4-1 (bug #905163)
@@ -12285,12 +12307,12 @@ CVE-2018-10514
RESERVED
CVE-2018-10513
RESERVED
-CVE-2018-10512
- RESERVED
-CVE-2018-10511
- RESERVED
-CVE-2018-10510
- RESERVED
+CVE-2018-10512 (A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) ...)
+ TODO: check
+CVE-2018-10511 (A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) ...)
+ TODO: check
+CVE-2018-10510 (A Directory Traversal Remote Code Execution vulnerability in Trend ...)
+ TODO: check
CVE-2018-10509 (A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow ...)
NOT-FOR-US: Trend Micro
CVE-2018-10508 (A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow ...)
@@ -12622,8 +12644,8 @@ CVE-2018-1000179 (A NULL Pointer Dereference of CWE-476 exists in quassel versio
NOTE: http://www.openwall.com/lists/oss-security/2018/04/27/1
CVE-2018-10370
RESERVED
-CVE-2018-10369
- RESERVED
+CVE-2018-10369 (A Cross-site scripting (XSS) vulnerability was discovered on Intelbras ...)
+ TODO: check
CVE-2018-10368 (An issue was discovered in WUZHI CMS 4.1.0. The "Extension Module -> ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-10367 (An issue was discovered in WUZHI CMS 4.1.0. The content-management ...)
@@ -15713,8 +15735,8 @@ CVE-2018-9131
REJECTED
CVE-2018-9130 (IBOS 4.4.3 has XSS via a company full name. ...)
NOT-FOR-US: IBOS
-CVE-2018-9129
- RESERVED
+CVE-2018-9129 (ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in ...)
+ TODO: check
CVE-2018-9128 (DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf ...)
NOT-FOR-US: DVD X Player Standard
CVE-2018-9127 (Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard ...)
@@ -16730,8 +16752,8 @@ CVE-2018-8754 (The libevt_record_values_read_event() function in ...)
- libevt 20180317-1 (bug #893431)
NOTE: https://github.com/libyal/libevt/commit/444ca3ce7853538c577e0ec3f6146d2d65780734
NOTE: Impact limited to OOB read, not write
-CVE-2018-8753
- RESERVED
+CVE-2018-8753 (The IKEv1 implementation in Clavister cOS Core before 11.00.11, ...)
+ TODO: check
CVE-2018-8752
RESERVED
CVE-2018-8751
@@ -17492,12 +17514,12 @@ CVE-2018-8416
RESERVED
CVE-2018-8415
RESERVED
-CVE-2018-8414
- RESERVED
+CVE-2018-8414 (A remote code execution vulnerability exists when the Windows Shell ...)
+ TODO: check
CVE-2018-8413
RESERVED
-CVE-2018-8412
- RESERVED
+CVE-2018-8412 (An elevation of privilege vulnerability exists when the Microsoft ...)
+ TODO: check
CVE-2018-8411
RESERVED
CVE-2018-8410
@@ -17508,80 +17530,80 @@ CVE-2018-8408
RESERVED
CVE-2018-8407
RESERVED
-CVE-2018-8406
- RESERVED
-CVE-2018-8405
- RESERVED
-CVE-2018-8404
- RESERVED
-CVE-2018-8403
- RESERVED
+CVE-2018-8406 (An elevation of privilege vulnerability exists when the DirectX ...)
+ TODO: check
+CVE-2018-8405 (An elevation of privilege vulnerability exists when the DirectX ...)
+ TODO: check
+CVE-2018-8404 (An elevation of privilege vulnerability exists in Windows when the ...)
+ TODO: check
+CVE-2018-8403 (A remote code execution vulnerability exists in the way that Microsoft ...)
+ TODO: check
CVE-2018-8402
RESERVED
-CVE-2018-8401
- RESERVED
-CVE-2018-8400
- RESERVED
-CVE-2018-8399
- RESERVED
-CVE-2018-8398
- RESERVED
-CVE-2018-8397
- RESERVED
-CVE-2018-8396
- RESERVED
+CVE-2018-8401 (An elevation of privilege vulnerability exists when the DirectX ...)
+ TODO: check
+CVE-2018-8400 (An elevation of privilege vulnerability exists when the DirectX ...)
+ TODO: check
+CVE-2018-8399 (An elevation of privilege vulnerability exists in Windows when the ...)
+ TODO: check
+CVE-2018-8398 (An information disclosure vulnerability exists when the Windows GDI ...)
+ TODO: check
+CVE-2018-8397 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8396 (An information disclosure vulnerability exists when the Windows GDI ...)
+ TODO: check
CVE-2018-8395
RESERVED
-CVE-2018-8394
- RESERVED
+CVE-2018-8394 (An information disclosure vulnerability exists when the Windows GDI ...)
+ TODO: check
CVE-2018-8393
RESERVED
CVE-2018-8392
RESERVED
CVE-2018-8391
RESERVED
-CVE-2018-8390
- RESERVED
-CVE-2018-8389
- RESERVED
-CVE-2018-8388
- RESERVED
-CVE-2018-8387
- RESERVED
+CVE-2018-8390 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8389 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8388 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
+ TODO: check
+CVE-2018-8387 (A remote code execution vulnerability exists when Microsoft Edge ...)
+ TODO: check
CVE-2018-8386
RESERVED
-CVE-2018-8385
- RESERVED
-CVE-2018-8384
- RESERVED
-CVE-2018-8383
- RESERVED
-CVE-2018-8382
- RESERVED
-CVE-2018-8381
- RESERVED
-CVE-2018-8380
- RESERVED
-CVE-2018-8379
- RESERVED
-CVE-2018-8378
- RESERVED
-CVE-2018-8377
- RESERVED
-CVE-2018-8376
- RESERVED
-CVE-2018-8375
- RESERVED
-CVE-2018-8374
- RESERVED
-CVE-2018-8373
- RESERVED
-CVE-2018-8372
- RESERVED
-CVE-2018-8371
- RESERVED
-CVE-2018-8370
- RESERVED
+CVE-2018-8385 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
+CVE-2018-8384 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8383 (A spoofing vulnerability exists when Microsoft Edge does not properly ...)
+ TODO: check
+CVE-2018-8382 (An information disclosure vulnerability exists when Microsoft Excel ...)
+ TODO: check
+CVE-2018-8381 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8380 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8379 (A remote code execution vulnerability exists in Microsoft Excel ...)
+ TODO: check
+CVE-2018-8378 (An information disclosure vulnerability exists when Microsoft Office ...)
+ TODO: check
+CVE-2018-8377 (A remote code execution vulnerability exists when Microsoft Edge ...)
+ TODO: check
+CVE-2018-8376 (A remote code execution vulnerability exists in Microsoft PowerPoint ...)
+ TODO: check
+CVE-2018-8375 (A remote code execution vulnerability exists in Microsoft Excel ...)
+ TODO: check
+CVE-2018-8374 (A tampering vulnerability exists when Microsoft Exchange Server fails ...)
+ TODO: check
+CVE-2018-8373 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8372 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
+CVE-2018-8371 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8370 (A information disclosure vulnerability exists when WebAudio Library ...)
+ TODO: check
CVE-2018-8369
RESERVED
CVE-2018-8368
@@ -17600,50 +17622,50 @@ CVE-2018-8362
RESERVED
CVE-2018-8361
RESERVED
-CVE-2018-8360
- RESERVED
-CVE-2018-8359
- RESERVED
-CVE-2018-8358
- RESERVED
-CVE-2018-8357
- RESERVED
+CVE-2018-8360 (An information disclosure vulnerability exists in Microsoft .NET ...)
+ TODO: check
+CVE-2018-8359 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8358 (A security feature bypass vulnerability exists when Microsoft Edge ...)
+ TODO: check
+CVE-2018-8357 (An elevation of privilege vulnerability exists in Microsoft browsers ...)
+ TODO: check
CVE-2018-8356 (A security feature bypass vulnerability exists when Microsoft .NET ...)
NOT-FOR-US: Microsoft .NET, doesn't affect src:mono
-CVE-2018-8355
- RESERVED
+CVE-2018-8355 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
CVE-2018-8354
RESERVED
-CVE-2018-8353
- RESERVED
+CVE-2018-8353 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8352
RESERVED
-CVE-2018-8351
- RESERVED
-CVE-2018-8350
- RESERVED
-CVE-2018-8349
- RESERVED
-CVE-2018-8348
- RESERVED
-CVE-2018-8347
- RESERVED
-CVE-2018-8346
- RESERVED
-CVE-2018-8345
- RESERVED
-CVE-2018-8344
- RESERVED
-CVE-2018-8343
- RESERVED
-CVE-2018-8342
- RESERVED
-CVE-2018-8341
- RESERVED
-CVE-2018-8340
- RESERVED
-CVE-2018-8339
- RESERVED
+CVE-2018-8351 (An information disclosure vulnerability exists when affected Microsoft ...)
+ TODO: check
+CVE-2018-8350 (A remote code execution vulnerability exists when Microsoft Windows ...)
+ TODO: check
+CVE-2018-8349 (A remote code execution vulnerability exists in "Microsoft COM for ...)
+ TODO: check
+CVE-2018-8348 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2018-8347 (An elevation of privilege vulnerability exists in Microsoft Windows ...)
+ TODO: check
+CVE-2018-8346 (A remote code execution vulnerability exists in Microsoft Windows that ...)
+ TODO: check
+CVE-2018-8345 (A remote code execution vulnerability exists in Microsoft Windows that ...)
+ TODO: check
+CVE-2018-8344 (A remote code execution vulnerability exists when the Windows font ...)
+ TODO: check
+CVE-2018-8343 (An elevation of privilege vulnerability exists in the Network Driver ...)
+ TODO: check
+CVE-2018-8342 (An elevation of privilege vulnerability exists in the Network Driver ...)
+ TODO: check
+CVE-2018-8341 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2018-8340 (A security feature bypass vulnerability exists when Active Directory ...)
+ TODO: check
+CVE-2018-8339 (An elevation of privilege vulnerability exists in the Windows ...)
+ TODO: check
CVE-2018-8338
RESERVED
CVE-2018-8337
@@ -17688,8 +17710,8 @@ CVE-2018-8318
RESERVED
CVE-2018-8317
RESERVED
-CVE-2018-8316
- RESERVED
+CVE-2018-8316 (A remote code execution vulnerability exists when Internet Explorer ...)
+ TODO: check
CVE-2018-8315
RESERVED
CVE-2018-8314 (An elevation of privilege vulnerability exists when Windows fails a ...)
@@ -17716,8 +17738,8 @@ CVE-2018-8304 (A denial of service vulnerability exists in Windows Domain Name S
NOT-FOR-US: Microsoft
CVE-2018-8303
RESERVED
-CVE-2018-8302
- RESERVED
+CVE-2018-8302 (A remote code execution vulnerability exists in Microsoft Exchange ...)
+ TODO: check
CVE-2018-8301 (A remote code execution vulnerability exists when Microsoft Edge ...)
NOT-FOR-US: Microsoft
CVE-2018-8300 (A remote code execution vulnerability exists in Microsoft SharePoint ...)
@@ -17774,8 +17796,8 @@ CVE-2018-8275 (A remote code execution vulnerability exists when Microsoft Edge
NOT-FOR-US: Microsoft
CVE-2018-8274 (A remote code execution vulnerability exists when Microsoft Edge ...)
NOT-FOR-US: Microsoft
-CVE-2018-8273
- RESERVED
+CVE-2018-8273 (A buffer overflow vulnerability exists in the Microsoft SQL Server ...)
+ TODO: check
CVE-2018-8272
RESERVED
CVE-2018-8271
@@ -17788,8 +17810,8 @@ CVE-2018-8268
RESERVED
CVE-2018-8267 (A remote code execution vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
-CVE-2018-8266
- RESERVED
+CVE-2018-8266 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8265
RESERVED
CVE-2018-8264
@@ -17814,8 +17836,8 @@ CVE-2018-8255
RESERVED
CVE-2018-8254 (An elevation of privilege vulnerability exists when Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-8253
- RESERVED
+CVE-2018-8253 (An elevation of privilege vulnerability exists when Microsoft Cortana ...)
+ TODO: check
CVE-2018-8252 (An elevation of privilege vulnerability exists when Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2018-8251 (A memory corruption vulnerability exists when Windows Media Foundation ...)
@@ -17912,16 +17934,16 @@ CVE-2018-8206 (A denial of service vulnerability exists when Windows improperly
NOT-FOR-US: Microsoft
CVE-2018-8205 (A denial of service vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8204
- RESERVED
+CVE-2018-8204 (A security feature bypass vulnerability exists in Device Guard that ...)
+ TODO: check
CVE-2018-8203
RESERVED
CVE-2018-8202 (An elevation of privilege vulnerability exists in .NET Framework which ...)
NOT-FOR-US: Microsoft
CVE-2018-8201 (A security feature bypass vulnerability exists in Device Guard that ...)
NOT-FOR-US: Microsoft
-CVE-2018-8200
- RESERVED
+CVE-2018-8200 (A security feature bypass vulnerability exists in Device Guard that ...)
+ TODO: check
CVE-2018-8199
RESERVED
CVE-2018-8198
@@ -21709,8 +21731,8 @@ CVE-2018-6975
RESERVED
CVE-2018-6974
RESERVED
-CVE-2018-6973
- RESERVED
+CVE-2018-6973 (VMware Workstation (14.x before 14.1.3) and Fusion (10.x before ...)
+ TODO: check
CVE-2018-6972 (VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ...)
NOT-FOR-US: VMware
CVE-2018-6971 (VMware Horizon View Agents (7.x.x before 7.5.1) contain a local ...)
@@ -37141,8 +37163,8 @@ CVE-2018-1457 (An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through
NOT-FOR-US: IBM
CVE-2018-1456 (IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2018-1455
- RESERVED
+CVE-2018-1455 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is ...)
+ TODO: check
CVE-2018-1454 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a ...)
NOT-FOR-US: IBM InfoSphere Information Server
CVE-2018-1453 (IBM Security Identity Manager Virtual Appliance 7.0 allows an ...)
@@ -40075,8 +40097,8 @@ CVE-2018-0954 (A remote code execution vulnerability exists in the way the scrip
NOT-FOR-US: Microsoft
CVE-2018-0953 (A remote code execution vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
-CVE-2018-0952
- RESERVED
+CVE-2018-0952 (An Elevation of Privilege vulnerability exists when Diagnostics Hub ...)
+ TODO: check
CVE-2018-0951 (A remote code execution vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
CVE-2018-0950 (An information disclosure vulnerability exists when Office renders ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b378519817f9a0a627b033b2d52dd5190a4303a6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b378519817f9a0a627b033b2d52dd5190a4303a6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180815/260c4c7d/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list