[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Dec 6 20:10:35 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c3ad806e by security tracker role at 2018-12-06T20:10:26Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,69 @@
+CVE-2019-1584
+ RESERVED
+CVE-2019-1583
+ RESERVED
+CVE-2019-1582
+ RESERVED
+CVE-2019-1581
+ RESERVED
+CVE-2019-1580
+ RESERVED
+CVE-2019-1579
+ RESERVED
+CVE-2019-1578
+ RESERVED
+CVE-2019-1577
+ RESERVED
+CVE-2019-1576
+ RESERVED
+CVE-2019-1575
+ RESERVED
+CVE-2019-1574
+ RESERVED
+CVE-2019-1573
+ RESERVED
+CVE-2019-1572
+ RESERVED
+CVE-2019-1571
+ RESERVED
+CVE-2019-1570
+ RESERVED
+CVE-2019-1569
+ RESERVED
+CVE-2019-1568
+ RESERVED
+CVE-2019-1567
+ RESERVED
+CVE-2019-1566
+ RESERVED
+CVE-2019-1565
+ RESERVED
+CVE-2018-19917
+ RESERVED
+CVE-2018-19916
+ RESERVED
+CVE-2018-19915 (DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host ...)
+ TODO: check
+CVE-2018-19914 (DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile ...)
+ TODO: check
+CVE-2018-19913 (DomainMOD through 4.11.01 has XSS via the ...)
+ TODO: check
+CVE-2018-19912
+ RESERVED
+CVE-2018-19911 (FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote ...)
+ TODO: check
+CVE-2018-19910
+ RESERVED
+CVE-2018-19909
+ RESERVED
+CVE-2018-19908 (An issue was discovered in MISP 2.4.9x before 2.4.99. In ...)
+ TODO: check
+CVE-2018-1000859
+ REJECTED
+ TODO: check
+CVE-2018-1000853
+ REJECTED
+ TODO: check
CVE-2018-19907 (A Server-Side Template Injection issue was discovered in Crafter CMS ...)
NOT-FOR-US: Crafter CMS
CVE-2018-19906
@@ -6758,8 +6824,8 @@ CVE-2018-18364
RESERVED
CVE-2018-18363
RESERVED
-CVE-2018-18362
- RESERVED
+CVE-2018-18362 (Norton Password Manager for Android (formerly Norton Identity Safe) ...)
+ TODO: check
CVE-2018-18361 (An issue was discovered in nc-cms through 2017-03-10. ...)
NOT-FOR-US: nc-cms
CVE-2018-18360
@@ -14448,8 +14514,8 @@ CVE-2018-15334
RESERVED
CVE-2018-15333
RESERVED
-CVE-2018-15332
- RESERVED
+CVE-2018-15332 (The svpn component of the F5 BIG-IP APM client prior to version ...)
+ TODO: check
CVE-2018-15331
RESERVED
CVE-2018-15330
@@ -28122,43 +28188,43 @@ CVE-2018-10165 (Stored Cross-site scripting (XSS) vulnerability in the TP-Link E
CVE-2018-10164 (Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP ...)
NOT-FOR-US: TP-Link
CVE-2018-10163
- RESERVED
+ REJECTED
CVE-2018-10162
- RESERVED
+ REJECTED
CVE-2018-10161
- RESERVED
+ REJECTED
CVE-2018-10160
- RESERVED
+ REJECTED
CVE-2018-10159
- RESERVED
+ REJECTED
CVE-2018-10158
- RESERVED
+ REJECTED
CVE-2018-10157
- RESERVED
+ REJECTED
CVE-2018-10156
- RESERVED
+ REJECTED
CVE-2018-10155
- RESERVED
+ REJECTED
CVE-2018-10154
- RESERVED
+ REJECTED
CVE-2018-10153
- RESERVED
+ REJECTED
CVE-2018-10152
- RESERVED
+ REJECTED
CVE-2018-10151
- RESERVED
+ REJECTED
CVE-2018-10150
- RESERVED
+ REJECTED
CVE-2018-10149
- RESERVED
+ REJECTED
CVE-2018-10148
- RESERVED
+ REJECTED
CVE-2018-10147
- RESERVED
+ REJECTED
CVE-2018-10146
- RESERVED
+ REJECTED
CVE-2018-10145
- RESERVED
+ REJECTED
CVE-2018-10144
RESERVED
CVE-2018-10143
@@ -29516,61 +29582,60 @@ CVE-2018-9570
CVE-2018-9569
RESERVED
NOT-FOR-US: Android libxaac
-CVE-2018-9568 [Memory corruption due to incorrect socket cloning]
- RESERVED
+CVE-2018-9568 (In sk_clone_lock of sock.c, there is a possible memory corruption due ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.59-1
NOTE: Fixed by: https://git.kernel.org/linus/9d538fa60bad4f7b23193c89e843797a1cf71ef3
-CVE-2018-9567
- RESERVED
-CVE-2018-9566
- RESERVED
-CVE-2018-9565
- RESERVED
+CVE-2018-9567 (On Pixel devices there is a bug causing verified boot to show the same ...)
+ TODO: check
+CVE-2018-9566 (In process_service_search_rsp of sdp_discovery.c, there is a possible ...)
+ TODO: check
+CVE-2018-9565 (In readBytes of xltdecwbxml.c, there is a possible out of bounds read ...)
+ TODO: check
CVE-2018-9564
RESERVED
CVE-2018-9563
RESERVED
-CVE-2018-9562
- RESERVED
+CVE-2018-9562 (In bta_ag_do_disc of bta_ag_sdp.cc, there is a possible out-of-bound ...)
+ TODO: check
CVE-2018-9561
RESERVED
-CVE-2018-9560
- RESERVED
-CVE-2018-9559
- RESERVED
-CVE-2018-9558
- RESERVED
-CVE-2018-9557
- RESERVED
-CVE-2018-9556
- RESERVED
-CVE-2018-9555
- RESERVED
-CVE-2018-9554
- RESERVED
-CVE-2018-9553
- RESERVED
-CVE-2018-9552
- RESERVED
-CVE-2018-9551
- RESERVED
-CVE-2018-9550
- RESERVED
-CVE-2018-9549
- RESERVED
-CVE-2018-9548
- RESERVED
-CVE-2018-9547
- RESERVED
+CVE-2018-9560 (In HID_DevAddRecord of hidd_api.cc, there is a possible out-of-bounds ...)
+ TODO: check
+CVE-2018-9559 (In persist_set_key and other functions of cryptfs.cpp, there is a ...)
+ TODO: check
+CVE-2018-9558 (In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a possible ...)
+ TODO: check
+CVE-2018-9557 (In really_install_package of install.cpp, there is a possible free of ...)
+ TODO: check
+CVE-2018-9556 (In ParsePayloadHeader of payload_metadata.cc, there is a possible out ...)
+ TODO: check
+CVE-2018-9555 (In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds ...)
+ TODO: check
+CVE-2018-9554 (In dumpExtractors of IMediaExtractor.cp, there is a possible ...)
+ TODO: check
+CVE-2018-9553 (In MasteringMetadata::Parse of mkvparser.cc there is a possible double ...)
+ TODO: check
+CVE-2018-9552 (In ihevcd_sao_shift_ctb of ihevcd_sao.c there is a possible out of ...)
+ TODO: check
+CVE-2018-9551 (In CAacDecoder_Init of aacdecoder.cpp, there is a possible ...)
+ TODO: check
+CVE-2018-9550 (In CAacDecoder_Init of aacdecoder.cpp, there is a possible out of ...)
+ TODO: check
+CVE-2018-9549 (In lppTransposer of lpp_tran.cpp there is a possible out of bounds ...)
+ TODO: check
+CVE-2018-9548 (In multiple functions of ContentProvider.java, there is a possible ...)
+ TODO: check
+CVE-2018-9547 (In unflatten of GraphicBuffer.cpp, there is a possible bad fd close ...)
+ TODO: check
CVE-2018-9546
RESERVED
CVE-2018-9545 (In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible ...)
NOT-FOR-US: Android
CVE-2018-9544 (In register_app of btif_hd.cc, there is a possible out-of-bounds read ...)
NOT-FOR-US: Android
-CVE-2018-9543 (In f2fs_format_utils.c WITH_BLKDISCARD is not defined, which may cause ...)
+CVE-2018-9543 (In trim_device of f2fs_format_utils.c, it is possible that the data ...)
NOT-FOR-US: Android
CVE-2018-9542 (In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of ...)
NOT-FOR-US: Android
@@ -29580,8 +29645,8 @@ CVE-2018-9540 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possib
NOT-FOR-US: Android
CVE-2018-9539 (In the ClearKey CAS descrambler, there is a possible use after free ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9538
- RESERVED
+CVE-2018-9538 (In V4L2SliceVideoDecodeAccelerator::Dequeue of ...)
+ TODO: check
CVE-2018-9537 (In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9536 (In numerous functions of libFDK, there are possible out of bounds ...)
@@ -51486,8 +51551,8 @@ CVE-2018-1937
RESERVED
CVE-2018-1936
RESERVED
-CVE-2018-1935
- RESERVED
+CVE-2018-1935 (IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to ...)
+ TODO: check
CVE-2018-1934
RESERVED
CVE-2018-1933
@@ -51614,8 +51679,8 @@ CVE-2018-1873
RESERVED
CVE-2018-1872 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
-CVE-2018-1871
- RESERVED
+CVE-2018-1871 (IBM Financial Transaction Manager for Digital Payments for ...)
+ TODO: check
CVE-2018-1870
RESERVED
CVE-2018-1869
@@ -52306,8 +52371,8 @@ CVE-2018-1527
RESERVED
CVE-2018-1526
RESERVED
-CVE-2018-1525
- RESERVED
+CVE-2018-1525 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker ...)
+ TODO: check
CVE-2018-1524 (IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default ...)
NOT-FOR-US: IBM
CVE-2018-1523 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
@@ -52346,10 +52411,10 @@ CVE-2018-1507 (IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-
NOT-FOR-US: IBM
CVE-2018-1506
RESERVED
-CVE-2018-1505
- RESERVED
-CVE-2018-1504
- RESERVED
+CVE-2018-1505 (IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored ...)
+ TODO: check
+CVE-2018-1504 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker ...)
+ TODO: check
CVE-2018-1503 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely ...)
NOT-FOR-US: IBM
CVE-2018-1502 (IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3ad806e66eea75d555c9ccd93f137220c799d4d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3ad806e66eea75d555c9ccd93f137220c799d4d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181206/fdf09329/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list