[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Aug 23 21:10:33 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
06a3e213 by security tracker role at 2018-08-23T20:10:25Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,125 @@
+CVE-2018-15806
+ RESERVED
+CVE-2018-15805
+ RESERVED
+CVE-2018-15804 (An issue was discovered in the MapR File System in MapR Converged Data ...)
+ TODO: check
+CVE-2018-15803
+ RESERVED
+CVE-2018-15802
+ RESERVED
+CVE-2018-15801
+ RESERVED
+CVE-2018-15800
+ RESERVED
+CVE-2018-15799
+ RESERVED
+CVE-2018-15798
+ RESERVED
+CVE-2018-15797
+ RESERVED
+CVE-2018-15796
+ RESERVED
+CVE-2018-15795
+ RESERVED
+CVE-2018-15794
+ RESERVED
+CVE-2018-15793
+ RESERVED
+CVE-2018-15792
+ RESERVED
+CVE-2018-15791
+ RESERVED
+CVE-2018-15790
+ RESERVED
+CVE-2018-15789
+ RESERVED
+CVE-2018-15788
+ RESERVED
+CVE-2018-15787
+ RESERVED
+CVE-2018-15786
+ RESERVED
+CVE-2018-15785
+ RESERVED
+CVE-2018-15784
+ RESERVED
+CVE-2018-15783
+ RESERVED
+CVE-2018-15782
+ RESERVED
+CVE-2018-15781
+ RESERVED
+CVE-2018-15780
+ RESERVED
+CVE-2018-15779
+ RESERVED
+CVE-2018-15778
+ RESERVED
+CVE-2018-15777
+ RESERVED
+CVE-2018-15776
+ RESERVED
+CVE-2018-15775
+ RESERVED
+CVE-2018-15774
+ RESERVED
+CVE-2018-15773
+ RESERVED
+CVE-2018-15772
+ RESERVED
+CVE-2018-15771
+ RESERVED
+CVE-2018-15770
+ RESERVED
+CVE-2018-15769
+ RESERVED
+CVE-2018-15768
+ RESERVED
+CVE-2018-15767
+ RESERVED
+CVE-2018-15766
+ RESERVED
+CVE-2018-15765
+ RESERVED
+CVE-2018-15764
+ RESERVED
+CVE-2018-15763
+ RESERVED
+CVE-2018-15762
+ RESERVED
+CVE-2018-15761
+ RESERVED
+CVE-2018-15760
+ RESERVED
+CVE-2018-15759
+ RESERVED
+CVE-2018-15758
+ RESERVED
+CVE-2018-15757
+ RESERVED
+CVE-2018-15756
+ RESERVED
+CVE-2018-15755
+ RESERVED
+CVE-2018-15754
+ RESERVED
+CVE-2018-15753
+ RESERVED
+CVE-2018-15752
+ RESERVED
+CVE-2018-15751
+ RESERVED
+CVE-2018-15750
+ RESERVED
+CVE-2018-15749
+ RESERVED
+CVE-2018-15748 (On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, ...)
+ TODO: check
+CVE-2018-15747
+ RESERVED
+CVE-2018-15746
+ RESERVED
CVE-2018-15745
RESERVED
CVE-2018-15744
@@ -36,17 +158,17 @@ CVE-2018-15728
RESERVED
CVE-2018-15727
RESERVED
-CVE-2018-1999047
+CVE-2018-1999047 (A improper authorization vulnerability exists in Jenkins 2.137 and ...)
- jenkins <removed>
-CVE-2018-1999046
+CVE-2018-1999046 (A exposure of sensitive information vulnerability exists in Jenkins ...)
- jenkins <removed>
-CVE-2018-1999045
+CVE-2018-1999045 (A improper authentication vulnerability exists in Jenkins 2.137 and ...)
- jenkins <removed>
-CVE-2018-1999044
+CVE-2018-1999044 (A denial of service vulnerability exists in Jenkins 2.137 and earlier, ...)
- jenkins <removed>
-CVE-2018-1999043
+CVE-2018-1999043 (A denial of service vulnerability exists in Jenkins 2.137 and earlier, ...)
- jenkins <removed>
-CVE-2018-1999042
+CVE-2018-1999042 (A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and ...)
- jenkins <removed>
CVE-2018-15726
RESERVED
@@ -437,8 +559,7 @@ CVE-2018-1000633 (The Open Microscopy Environment OMERO.web version prior to 5.4
NOT-FOR-US: Open Microscopy Environment
CVE-2018-1000632 (dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection ...)
TODO: check
-CVE-2003-1605 [Proxy Authentication Header Information Leakage]
- RESERVED
+CVE-2003-1605 (curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote ...)
- curl 7.10.7-1
NOTE: https://curl.haxx.se/docs/CVE-2003-1605.html
CVE-2018-15585
@@ -2101,8 +2222,8 @@ CVE-2018-14799 (In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs,
TODO: check
CVE-2018-14798
RESERVED
-CVE-2018-14797
- RESERVED
+CVE-2018-14797 (Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a ...)
+ TODO: check
CVE-2018-14796
RESERVED
CVE-2018-14795 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable ...)
@@ -2113,8 +2234,8 @@ CVE-2018-14793 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulner
NOT-FOR-US: DeltaV
CVE-2018-14792
RESERVED
-CVE-2018-14791
- RESERVED
+CVE-2018-14791 (Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may ...)
+ TODO: check
CVE-2018-14790
RESERVED
CVE-2018-14789 (In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version ...)
@@ -2123,8 +2244,8 @@ CVE-2018-14788
RESERVED
CVE-2018-14787 (In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version ...)
TODO: check
-CVE-2018-14786
- RESERVED
+CVE-2018-14786 (Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps ...)
+ TODO: check
CVE-2018-14785 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with ...)
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
CVE-2018-14784 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with ...)
@@ -19381,8 +19502,8 @@ CVE-2018-8030 (A Denial of Service vulnerability was found in Apache Qpid Broker
- qpid-java <itp> (bug #840131)
CVE-2018-8029
RESERVED
-CVE-2018-8028
- RESERVED
+CVE-2018-8028 (An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS ...)
+ TODO: check
CVE-2018-8027 (Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in ...)
NOT-FOR-US: Apache Camel
CVE-2018-8026 (This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 ...)
@@ -31449,8 +31570,8 @@ CVE-2018-3927
RESERVED
CVE-2018-3926
RESERVED
-CVE-2018-3925
- RESERVED
+CVE-2018-3925 (An exploitable buffer overflow vulnerability exists in the remote ...)
+ TODO: check
CVE-2018-3924 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
NOT-FOR-US: Foxit PDF Reader
CVE-2018-3923 (A memory corruption vulnerability exists in the PCX-parsing ...)
@@ -31461,12 +31582,12 @@ CVE-2018-3921 (A memory corruption vulnerability exists in the PSD-parsing ...)
NOT-FOR-US: Computerinsel Photoline
CVE-2018-3920
RESERVED
-CVE-2018-3919
- RESERVED
+CVE-2018-3919 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+ TODO: check
CVE-2018-3918
RESERVED
-CVE-2018-3917
- RESERVED
+CVE-2018-3917 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
+ TODO: check
CVE-2018-3916
RESERVED
CVE-2018-3915
@@ -31475,8 +31596,8 @@ CVE-2018-3914
RESERVED
CVE-2018-3913
RESERVED
-CVE-2018-3912
- RESERVED
+CVE-2018-3912 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
+ TODO: check
CVE-2018-3911
RESERVED
CVE-2018-3910
@@ -31489,14 +31610,14 @@ CVE-2018-3907
RESERVED
CVE-2018-3906
RESERVED
-CVE-2018-3905
- RESERVED
+CVE-2018-3905 (An exploitable buffer overflow vulnerability exists in the camera ...)
+ TODO: check
CVE-2018-3904
RESERVED
-CVE-2018-3903
- RESERVED
-CVE-2018-3902
- RESERVED
+CVE-2018-3903 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
+ TODO: check
+CVE-2018-3902 (An exploitable buffer overflow vulnerability exists in the camera ...)
+ TODO: check
CVE-2018-3901
RESERVED
CVE-2018-3900
@@ -31541,10 +31662,10 @@ CVE-2018-3881 (An exploitable unauthenticated XML external injection vulnerabili
NOT-FOR-US: FocalScope
CVE-2018-3880
RESERVED
-CVE-2018-3879
- RESERVED
-CVE-2018-3878
- RESERVED
+CVE-2018-3879 (An exploitable JSON injection vulnerability exists in the credentials ...)
+ TODO: check
+CVE-2018-3878 (Multiple exploitable buffer overflow vulnerabilities exist in the ...)
+ TODO: check
CVE-2018-3877
RESERVED
CVE-2018-3876
@@ -31565,16 +31686,16 @@ CVE-2018-3869
RESERVED
CVE-2018-3868 (A specially crafted TIFF image processed via the application can lead ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3867
- RESERVED
+CVE-2018-3867 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+ TODO: check
CVE-2018-3866
RESERVED
CVE-2018-3865
RESERVED
CVE-2018-3864
RESERVED
-CVE-2018-3863
- RESERVED
+CVE-2018-3863 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
+ TODO: check
CVE-2018-3862 (A specially crafted TIFF image processed via the application can lead ...)
NOT-FOR-US: Computerinsel Photoline
CVE-2018-3861 (A specially crafted TIFF image processed via the application can lead ...)
@@ -31691,10 +31812,10 @@ CVE-2018-3835 (An exploitable out of bounds write vulnerability exists in versio
NOT-FOR-US: Per Face Texture (PTEX)
CVE-2018-3834 (An exploitable permanent denial of service vulnerability exists in ...)
NOT-FOR-US: Insteon Hub
-CVE-2018-3833
- RESERVED
-CVE-2018-3832
- RESERVED
+CVE-2018-3833 (An exploitable firmware downgrade vulnerability exists in Insteon Hub ...)
+ TODO: check
+CVE-2018-3832 (An exploitable firmware update vulnerability exists in Insteon Hub ...)
+ TODO: check
CVE-2018-3831
RESERVED
CVE-2018-3830
@@ -39661,14 +39782,14 @@ CVE-2018-1161 (This vulnerability allows remote attackers to execute arbitrary c
NOT-FOR-US: Quest NetVault Backup
CVE-2018-1160
RESERVED
-CVE-2018-1159
- RESERVED
-CVE-2018-1158
- RESERVED
-CVE-2018-1157
- RESERVED
-CVE-2018-1156
- RESERVED
+CVE-2018-1159 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory ...)
+ TODO: check
+CVE-2018-1158 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack ...)
+ TODO: check
+CVE-2018-1157 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory ...)
+ TODO: check
+CVE-2018-1156 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack ...)
+ TODO: check
CVE-2018-1155 (In SecurityCenter versions prior to 5.7.0, a cross-site scripting ...)
NOT-FOR-US: SecurityCenter
CVE-2018-1154 (In SecurityCenter versions prior to 5.7.0, a username enumeration ...)
@@ -45537,8 +45658,8 @@ CVE-2017-16350
RESERVED
CVE-2017-16349 (An exploitable XML external entity vulnerability exists in the ...)
NOT-FOR-US: SAP
-CVE-2017-16348
- RESERVED
+CVE-2017-16348 (An exploitable denial of service vulnerability exists in Insteon Hub ...)
+ TODO: check
CVE-2017-16347 (An attacker could send an authenticated HTTP request to trigger this ...)
NOT-FOR-US: Insteon Hub
CVE-2017-16346 (An attacker could send an authenticated HTTP request to trigger this ...)
@@ -45559,8 +45680,8 @@ CVE-2017-16339 (An attacker could send an authenticated HTTP request to trigger
NOT-FOR-US: Insteon Hub
CVE-2017-16338 (An attacker could send an authenticated HTTP request to trigger this ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16337
- RESERVED
+CVE-2017-16337 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
+ TODO: check
CVE-2017-16336
RESERVED
CVE-2017-16335
@@ -51451,14 +51572,14 @@ CVE-2017-14457 (An exploitable information leak/denial of service vulnerability
- cpp-etherum <itp> (bug #860434)
CVE-2017-14456
RESERVED
-CVE-2017-14455
- RESERVED
+CVE-2017-14455 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
+ TODO: check
CVE-2017-14454
RESERVED
-CVE-2017-14453
- RESERVED
-CVE-2017-14452
- RESERVED
+CVE-2017-14453 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
+ TODO: check
+CVE-2017-14452 (An exploitable buffer overflow vulnerability exists in the PubNub ...)
+ TODO: check
CVE-2017-14451
RESERVED
CVE-2017-14450 (A buffer overflow vulnerability exists in the GIF image parsing ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/06a3e213dcaee386aeca15f557b5ba2ab8f817e8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/06a3e213dcaee386aeca15f557b5ba2ab8f817e8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180823/cecaed93/attachment.html>
More information about the debian-security-tracker-commits
mailing list