[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Feb 8 21:10:24 UTC 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fe3bff06 by security tracker role at 2018-02-08T21:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,45 @@
+CVE-2018-6865
+	RESERVED
+CVE-2018-6864
+	RESERVED
+CVE-2018-6863
+	RESERVED
+CVE-2018-6862
+	RESERVED
+CVE-2018-6861
+	RESERVED
+CVE-2018-6860
+	RESERVED
+CVE-2018-6859
+	RESERVED
+CVE-2018-6858
+	RESERVED
+CVE-2018-6857
+	RESERVED
+CVE-2018-6856
+	RESERVED
+CVE-2018-6855
+	RESERVED
+CVE-2018-6854
+	RESERVED
+CVE-2018-6853
+	RESERVED
+CVE-2018-6852
+	RESERVED
+CVE-2018-6851
+	RESERVED
+CVE-2018-6850
+	RESERVED
+CVE-2018-6849
+	RESERVED
+CVE-2018-6848
+	RESERVED
+CVE-2018-6847
+	RESERVED
+CVE-2018-6846 (Z-BlogPHP 1.5.1 allows remote attackers to discover the full path via a ...)
+	TODO: check
+CVE-2018-6845
+	RESERVED
 CVE-2018-6844 (MyBB 1.8.14 has XSS via the Title or Description field on the Edit ...)
 	NOT-FOR-US: MyBB
 CVE-2018-6843
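Review bot: CVE-2018-6846 (Z-BlogPHP 1.5.1, full path disclosure) is the only new entry in this hunk that carries a description, and it lands as `TODO: check`. It needs a triage decision: either a package line or a `NOT-FOR-US:` marker in the form used for the MyBB entry just below it. The 20 `RESERVED` entries around it need no action until descriptions arrive.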
@@ -1363,7 +1405,7 @@ CVE-2018-6377 (In Joomla! before 3.8.4, inadequate input filtering in com_fields
 	NOT-FOR-US: Joomla!
 CVE-2018-6376 (In Joomla! before 3.8.4, the lack of type casting of a variable in a ...)
 	NOT-FOR-US: Joomla!
-CVE-2018-1000030 [Heap-Buffer-Overflow and Heap-Use-After-Free in Objects/fileobject.c]
+CVE-2018-1000030 (Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a ...)
 	- python3.7 <not-affected> (Reading ahead of file objects implemented differently)
 	- python3.6 <not-affected> (Reading ahead of file objects implemented differently)
 	- python3.5 <not-affected> (Reading ahead of file objects implemented differently)
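Review bot: the replacement description on CVE-2018-1000030 names Python 2.7.14, but the package lines visible under it cover only python3.7, python3.6 and python3.5, all `<not-affected>`. Confirm that the entry carries a python2.7 line further down. The removed bracketed text also named `Objects/fileobject.c`, which the truncated description no longer shows, so consider preserving that pointer in a `NOTE:` line.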
@@ -3547,8 +3589,8 @@ CVE-2018-5552
 	RESERVED
 CVE-2018-5551
 	RESERVED
-CVE-2018-5550
-	RESERVED
+CVE-2018-5550 (Versions of Epson AirPrint released prior to January 19, 2018 contain ...)
+	TODO: check
 CVE-2015-9250 (An issue was discovered in Skybox Platform before 7.5.201. Directory ...)
 	NOT-FOR-US: Skybox Platform
 CVE-2015-9249 (An issue was discovered in Skybox Platform before 7.5.201. SQL ...)
@@ -13742,22 +13784,22 @@ CVE-2017-17661
 	RESERVED
 CVE-2017-17660
 	RESERVED
-CVE-2017-17659
-	RESERVED
-CVE-2017-17658
-	RESERVED
-CVE-2017-17657
-	RESERVED
-CVE-2017-17656
-	RESERVED
-CVE-2017-17655
-	RESERVED
-CVE-2017-17654
-	RESERVED
-CVE-2017-17653
-	RESERVED
-CVE-2017-17652
-	RESERVED
+CVE-2017-17659 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17658 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17657 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17656 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17655 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17654 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17653 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17652 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
 CVE-2017-17651 (Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php ...)
 	NOT-FOR-US: Paid To Read Script
 CVE-2017-17650
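Review bot: CVE-2017-17659 through CVE-2017-17652 all receive the same truncated description ("This vulnerability allows remote attackers to execute arbitrary code ..."), so nothing in this file identifies the affected product for any of the eight. Each `TODO: check` has to be resolved from the full advisory text rather than from the list, and if the entries turn out to share a product they should be resolved together so the markers stay consistent.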
@@ -14855,12 +14897,12 @@ CVE-2018-1165
 	RESERVED
 CVE-2018-1164
 	RESERVED
-CVE-2018-1163
-	RESERVED
-CVE-2018-1162
-	RESERVED
-CVE-2018-1161
-	RESERVED
+CVE-2018-1163 (This vulnerability allows remote attackers to bypass authentication on ...)
+	TODO: check
+CVE-2018-1162 (This vulnerability allows remote attackers to create a ...)
+	TODO: check
+CVE-2018-1161 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
 CVE-2018-1160
 	RESERVED
 CVE-2018-1159
@@ -14901,34 +14943,34 @@ CVE-2018-1142
 	RESERVED
 CVE-2018-1141
 	RESERVED
-CVE-2017-17425
-	RESERVED
-CVE-2017-17424
-	RESERVED
-CVE-2017-17423
-	RESERVED
-CVE-2017-17422
-	RESERVED
-CVE-2017-17421
-	RESERVED
-CVE-2017-17420
-	RESERVED
-CVE-2017-17419
-	RESERVED
-CVE-2017-17418
-	RESERVED
-CVE-2017-17417
-	RESERVED
-CVE-2017-17416
-	RESERVED
-CVE-2017-17415
-	RESERVED
-CVE-2017-17414
-	RESERVED
-CVE-2017-17413
-	RESERVED
-CVE-2017-17412
-	RESERVED
+CVE-2017-17425 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17424 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17423 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17422 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17421 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17420 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17419 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17418 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17417 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17416 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17415 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17414 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17413 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-17412 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
 CVE-2017-17411 (This vulnerability allows remote attackers to execute arbitrary code ...)
 	NOT-FOR-US: web management portal of Linksys WVBR0 WVBR0
 CVE-2017-17410 (This vulnerability allows remote attackers to execute arbitrary code ...)
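Review bot: the 14 entries CVE-2017-17425 to CVE-2017-17412 sit directly above CVE-2017-17411, whose description begins with the same words and which is marked `NOT-FOR-US: web management portal of Linksys WVBR0 WVBR0`. That marker should not be carried over to the new block by adjacency, since the shared prefix says nothing about the product. Separately, the product name in that existing context line repeats "WVBR0" and could be tidied in a follow-up.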
@@ -17108,18 +17150,18 @@ CVE-2018-0519
 	RESERVED
 CVE-2018-0518
 	RESERVED
-CVE-2018-0517
-	RESERVED
+CVE-2018-0517 (Untrusted search path vulnerability in Anshin net security for Windows ...)
+	TODO: check
 CVE-2018-0516
 	RESERVED
 CVE-2018-0515
 	RESERVED
-CVE-2018-0514
-	RESERVED
-CVE-2018-0513
-	RESERVED
-CVE-2018-0512
-	RESERVED
+CVE-2018-0514 (MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows ...)
+	TODO: check
+CVE-2018-0513 (Cross-site scripting vulnerability in MTS Simple Booking C, MTS Simple ...)
+	TODO: check
+CVE-2018-0512 (Devices with IP address setting tool "MagicalFinder" provided by I-O ...)
+	TODO: check
 CVE-2018-0511 (Cross-site scripting vulnerability in WP Retina 2x prior to version ...)
 	NOT-FOR-US: WP Retina
 CVE-2018-0510 (Buffer overflow in epg search result viewer (kkcald) 0.7.19 and ...)
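Review bot: CVE-2018-0517 names "Anshin net security for Windows" in its description, and CVE-2018-0514, CVE-2018-0513 and CVE-2018-0512 name MP Form Mail CGI, MTS Simple Booking C and the "MagicalFinder" IP address setting tool, yet all four are left at `TODO: check`. The neighbouring CVE-2018-0511 is already triaged as `NOT-FOR-US: WP Retina`, so these want the same kind of explicit decision once someone confirms whether any of the products is packaged.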
@@ -47778,8 +47820,8 @@ CVE-2017-7353
 	RESERVED
 CVE-2017-7352 (Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity ...)
 	NOT-FOR-US: Pure Storage Purity
-CVE-2017-7351
-	RESERVED
+CVE-2017-7351 (A SQL injection issue exists in a file upload handler in REDCap 7.x ...)
+	TODO: check
 CVE-2017-7350
 	RESERVED
 CVE-2017-7349



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe3bff061ed41ac8b2d6b9f35774404d76db931b
