[Git][security-tracker-team/security-tracker][master] automatic update

Fri Aug 24 09:10:27 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
554418d6 by security tracker role at 2018-08-24T08:10:18Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,119 @@
+CVE-2018-15864
+	RESERVED
+CVE-2018-15863
+	RESERVED
+CVE-2018-15862
+	RESERVED
+CVE-2018-15861
+	RESERVED
+CVE-2018-15860
+	RESERVED
+CVE-2018-15859
+	RESERVED
+CVE-2018-15858
+	RESERVED
+CVE-2018-15857
+	RESERVED
+CVE-2018-15856
+	RESERVED
+CVE-2018-15855
+	RESERVED
+CVE-2018-15854
+	RESERVED
+CVE-2018-15853
+	RESERVED
+CVE-2018-15852
+	RESERVED
+CVE-2018-15851
+	RESERVED
+CVE-2018-15850
+	RESERVED
+CVE-2018-15849
+	RESERVED
+CVE-2018-15848
+	RESERVED
+CVE-2018-15847
+	RESERVED
+CVE-2018-15846
+	RESERVED
+CVE-2018-15845
+	RESERVED
+CVE-2018-15844
+	RESERVED
+CVE-2018-15843
+	RESERVED
+CVE-2018-15842
+	RESERVED
+CVE-2018-15841
+	RESERVED
+CVE-2018-15840
+	RESERVED
+CVE-2018-15839
+	RESERVED
+CVE-2018-15838
+	RESERVED
+CVE-2018-15837
+	RESERVED
+CVE-2018-15836
+	RESERVED
+CVE-2018-15835
+	RESERVED
+CVE-2018-15834
+	RESERVED
+CVE-2018-15833
+	RESERVED
+CVE-2018-15832
+	RESERVED
+CVE-2018-15831
+	RESERVED
+CVE-2018-15830
+	RESERVED
+CVE-2018-15829
+	RESERVED
+CVE-2018-15828
+	RESERVED
+CVE-2018-15827
+	RESERVED
+CVE-2018-15826
+	RESERVED
+CVE-2018-15825
+	RESERVED
+CVE-2018-15824
+	RESERVED
+CVE-2018-15823
+	RESERVED
+CVE-2018-15822 (The flv_write_packet function in libavformat/flvenc.c in FFmpeg through ...)
+	TODO: check
+CVE-2018-15821
+	RESERVED
+CVE-2018-15820
+	RESERVED
+CVE-2018-15819
+	RESERVED
+CVE-2018-15818
+	RESERVED
+CVE-2018-15817
+	RESERVED
+CVE-2018-15816
+	RESERVED
+CVE-2018-15815
+	RESERVED
+CVE-2018-15814
+	RESERVED
+CVE-2018-15813
+	RESERVED
+CVE-2018-15812
+	RESERVED
+CVE-2018-15811
+	RESERVED
+CVE-2018-15810
+	RESERVED
+CVE-2018-15809 (AccuPOS 2017.8 is installed with the insecure "Authenticated Users: ...)
+	TODO: check
+CVE-2018-15808 (POSIM EVO 15.13 for Windows includes hardcoded database credentials for ...)
+	TODO: check
+CVE-2018-15807 (POSIM EVO 15.13 for Windows includes an "Emergency Override" ...)
+	TODO: check
 CVE-2018-15806
 	RESERVED
 CVE-2018-15805
@@ -24131,8 +24247,7 @@ CVE-2018-6560 (In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x 
 	NOTE: https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6
 CVE-2018-6559
 	RESERVED
-CVE-2018-6558 [privilege escalation]
-	RESERVED
+CVE-2018-6558 (The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore ...)
 	- fscrypt 0.2.4-1 (bug #907074)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/fscrypt/+bug/1787548
 	NOTE: https://github.com/google/fscrypt/issues/77
@@ -31607,16 +31722,16 @@ CVE-2018-3913
 	RESERVED
 CVE-2018-3912 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version ...)
 	NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3911
-	RESERVED
+CVE-2018-3911 (An exploitable HTTP header injection vulnerability exists in the ...)
+	TODO: check
 CVE-2018-3910
 	RESERVED
-CVE-2018-3909
-	RESERVED
+CVE-2018-3909 (An exploitable vulnerability exists in the REST parser of video-core's ...)
+	TODO: check
 CVE-2018-3908
 	RESERVED
-CVE-2018-3907
-	RESERVED
+CVE-2018-3907 (An exploitable vulnerability exists in the REST parser of video-core's ...)
+	TODO: check
 CVE-2018-3906
 	RESERVED
 CVE-2018-3905 (An exploitable buffer overflow vulnerability exists in the camera ...)
@@ -31669,8 +31784,8 @@ CVE-2018-3882
 	RESERVED
 CVE-2018-3881 (An exploitable unauthenticated XML external injection vulnerability ...)
 	NOT-FOR-US: FocalScope
-CVE-2018-3880
-	RESERVED
+CVE-2018-3880 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
+	TODO: check
 CVE-2018-3879 (An exploitable JSON injection vulnerability exists in the credentials ...)
 	NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
 CVE-2018-3878 (Multiple exploitable buffer overflow vulnerabilities exist in the ...)
@@ -31685,8 +31800,8 @@ CVE-2018-3874
 	RESERVED
 CVE-2018-3873
 	RESERVED
-CVE-2018-3872
-	RESERVED
+CVE-2018-3872 (An exploitable buffer overflow vulnerability exists in the credentials ...)
+	TODO: check
 CVE-2018-3871 (An exploitable out-of-bounds write exists in the PCX parsing ...)
 	NOT-FOR-US: Canvas Draw
 CVE-2018-3870 (An exploitable out-of-bounds write exists in the PCX parsing ...)
@@ -31697,8 +31812,8 @@ CVE-2018-3868 (A specially crafted TIFF image processed via the application can 
 	NOT-FOR-US: Computerinsel Photoline
 CVE-2018-3867 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
 	NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3866
-	RESERVED
+CVE-2018-3866 (An exploitable buffer overflow vulnerability exists in the ...)
+	TODO: check
 CVE-2018-3865
 	RESERVED
 CVE-2018-3864
@@ -31717,8 +31832,8 @@ CVE-2018-3858 (An exploitable heap overflow exists in the TIFF parsing functiona
 	NOT-FOR-US: Canvas Draw
 CVE-2018-3857 (An exploitable heap overflow exists in the TIFF parsing functionality ...)
 	NOT-FOR-US: Canvas Draw
-CVE-2018-3856
-	RESERVED
+CVE-2018-3856 (An exploitable vulnerability exists in the smart cameras RTSP ...)
+	TODO: check
 CVE-2018-3855 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
 	NOT-FOR-US: Hyland Perceptive Document Filters
 CVE-2018-3854



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/554418d68d46923feb982ee4c09184edddbfb382

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/554418d68d46923feb982ee4c09184edddbfb382
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180824/a39f8448/attachment-0001.html>
