[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Feb 22 09:10:46 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0fb3939f by security tracker role at 2018-02-22T09:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,67 @@
+CVE-2018-7338
+ RESERVED
+CVE-2018-7337
+ RESERVED
+CVE-2018-7336
+ RESERVED
+CVE-2018-7335
+ RESERVED
+CVE-2018-7334
+ RESERVED
+CVE-2018-7333
+ RESERVED
+CVE-2018-7332
+ RESERVED
+CVE-2018-7331
+ RESERVED
+CVE-2018-7330
+ RESERVED
+CVE-2018-7329
+ RESERVED
+CVE-2018-7328
+ RESERVED
+CVE-2018-7327
+ RESERVED
+CVE-2018-7326
+ RESERVED
+CVE-2018-7325
+ RESERVED
+CVE-2018-7324
+ RESERVED
+CVE-2018-7323
+ RESERVED
+CVE-2018-7322
+ RESERVED
+CVE-2018-7321
+ RESERVED
+CVE-2018-7320
+ RESERVED
+CVE-2018-7319
+ RESERVED
+CVE-2018-7318
+ RESERVED
+CVE-2018-7317
+ RESERVED
+CVE-2018-7316
+ RESERVED
+CVE-2018-7315
+ RESERVED
+CVE-2018-7314
+ RESERVED
+CVE-2018-7313
+ RESERVED
+CVE-2018-7312
+ RESERVED
+CVE-2018-7311 (** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root ...)
+ TODO: check
+CVE-2018-7310
+ RESERVED
+CVE-2018-7309
+ RESERVED
+CVE-2018-7308 (A CSRF issue was found in var/www/html/files.php in DanWin hosting ...)
+ TODO: check
+CVE-2018-7307
+ RESERVED
CVE-2018-7306
RESERVED
CVE-2018-7305 (MyBB 1.8.14 is not checking for a valid CSRF token, leading to ...)
@@ -36,20 +100,20 @@ CVE-2018-7289 (An issue was discovered in armadito-windows-driver/src/communicat
NOT-FOR-US: Armadito
CVE-2018-7288
RESERVED
-CVE-2018-7287
- RESERVED
-CVE-2018-7286
- RESERVED
-CVE-2018-7285
- RESERVED
-CVE-2018-7284
- RESERVED
+CVE-2018-7287 (An issue was discovered in res_http_websocket.c in Asterisk 15.x ...)
+ TODO: check
+CVE-2018-7286 (An issue was discovered in Asterisk through 13.19.1, 14.x through ...)
+ TODO: check
+CVE-2018-7285 (A NULL pointer access issue was discovered in Asterisk 15.x through ...)
+ TODO: check
+CVE-2018-7284 (A Buffer Overflow issue was discovered in Asterisk through 13.19.1, ...)
+ TODO: check
CVE-2018-7283
RESERVED
CVE-2018-7282
RESERVED
-CVE-2018-7281
- RESERVED
+CVE-2018-7281 (CactusVPN 5.3.6 for macOS contains a root privilege escalation ...)
+ TODO: check
CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for WordPress has XSS. ...)
NOT-FOR-US: Ninja Forms plugin for WordPress
CVE-2018-1000093
@@ -982,8 +1046,8 @@ CVE-2018-6938
RESERVED
CVE-2018-6937
RESERVED
-CVE-2018-6936
- RESERVED
+CVE-2018-6936 (Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via ...)
+ TODO: check
CVE-2018-6935
RESERVED
CVE-2018-6934
@@ -19195,22 +19259,22 @@ CVE-2018-0208
RESERVED
CVE-2018-0207
RESERVED
-CVE-2018-0206
- RESERVED
-CVE-2018-0205
- RESERVED
-CVE-2018-0204
- RESERVED
-CVE-2018-0203
- RESERVED
+CVE-2018-0206 (A vulnerability in the web-based management interface of Cisco Unified ...)
+ TODO: check
+CVE-2018-0205 (A vulnerability in the User Provisioning tab in the Cisco Prime ...)
+ TODO: check
+CVE-2018-0204 (A vulnerability in the web portal of the Cisco Prime Collaboration ...)
+ TODO: check
+CVE-2018-0203 (A vulnerability in the SMTP relay of Cisco Unity Connection could allow ...)
+ TODO: check
CVE-2018-0202
RESERVED
-CVE-2018-0201
- RESERVED
-CVE-2018-0200
- RESERVED
-CVE-2018-0199
- RESERVED
+CVE-2018-0201 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
+ TODO: check
+CVE-2018-0200 (A vulnerability in the web-based interface of Cisco Prime Service ...)
+ TODO: check
+CVE-2018-0199 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
+ TODO: check
CVE-2018-0198
RESERVED
CVE-2018-0197
@@ -19311,14 +19375,14 @@ CVE-2018-0150
RESERVED
CVE-2018-0149
RESERVED
-CVE-2018-0148
- RESERVED
+CVE-2018-0148 (A vulnerability in the web-based management interface of Cisco UCS ...)
+ TODO: check
CVE-2018-0147
RESERVED
-CVE-2018-0146
- RESERVED
-CVE-2018-0145
- RESERVED
+CVE-2018-0146 (A vulnerability in the Cisco Data Center Analytics Framework ...)
+ TODO: check
+CVE-2018-0145 (A vulnerability in the web-based management interface of the Cisco Data ...)
+ TODO: check
CVE-2018-0144
RESERVED
CVE-2018-0143
@@ -19329,8 +19393,8 @@ CVE-2018-0141
RESERVED
CVE-2018-0140 (A vulnerability in the spam quarantine of Cisco Email Security ...)
NOT-FOR-US: Cisco
-CVE-2018-0139
- RESERVED
+CVE-2018-0139 (A vulnerability in the Interactive Voice Response (IVR) management ...)
+ TODO: check
CVE-2018-0138 (A vulnerability in the detection engine of Cisco Firepower System ...)
NOT-FOR-US: Cisco
CVE-2018-0137 (A vulnerability in the TCP throttling process of Cisco Prime Network ...)
@@ -19347,8 +19411,8 @@ CVE-2018-0132 (A vulnerability in the forwarding information base (FIB) code of
NOT-FOR-US: Cisco
CVE-2018-0131
RESERVED
-CVE-2018-0130
- RESERVED
+CVE-2018-0130 (A vulnerability in the use of JSON web tokens by the web-based service ...)
+ TODO: check
CVE-2018-0129 (A vulnerability in the web-based management interface of Cisco Data ...)
NOT-FOR-US: Cisco
CVE-2018-0128 (A vulnerability in the web-based management interface of Cisco Data ...)
@@ -19359,14 +19423,14 @@ CVE-2018-0126
RESERVED
CVE-2018-0125 (A vulnerability in the web interface of the Cisco RV132W ADSL2+ ...)
NOT-FOR-US: Cisco
-CVE-2018-0124
- RESERVED
+CVE-2018-0124 (A vulnerability in Cisco Unified Communications Domain Manager could ...)
+ TODO: check
CVE-2018-0123 (A Path Traversal vulnerability in the diagnostic shell for Cisco IOS ...)
NOT-FOR-US: Cisco
CVE-2018-0122 (A vulnerability in the CLI of the Cisco StarOS operating system for ...)
NOT-FOR-US: Cisco
-CVE-2018-0121
- RESERVED
+CVE-2018-0121 (A vulnerability in the authentication functionality of the web-based ...)
+ TODO: check
CVE-2018-0120 (A vulnerability in the web framework of Cisco Unified Communications ...)
NOT-FOR-US: Cisco
CVE-2018-0119 (A vulnerability in certain authentication controls in the account ...)
@@ -65745,8 +65809,8 @@ CVE-2017-1760 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to cr
NOT-FOR-US: IBM WebSphere MQ
CVE-2017-1759
RESERVED
-CVE-2017-1758
- RESERVED
+CVE-2017-1758 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
+ TODO: check
CVE-2017-1757 (IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote ...)
NOT-FOR-US: IBM Security Guardium
CVE-2017-1756
@@ -66053,8 +66117,8 @@ CVE-2017-1606 (IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) .
NOT-FOR-US: IBM Financial Transaction Manager
CVE-2017-1605
RESERVED
-CVE-2017-1604
- RESERVED
+CVE-2017-1604 (IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. ...)
+ TODO: check
CVE-2017-1603
RESERVED
CVE-2017-1602
@@ -66338,8 +66402,8 @@ CVE-2017-1464
RESERVED
CVE-2017-1463
RESERVED
-CVE-2017-1462
- RESERVED
+CVE-2017-1462 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. ...)
+ TODO: check
CVE-2017-1461 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
CVE-2017-1460 (IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0fb3939f496995afe69d3bb387e8fc1cc512ae88
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0fb3939f496995afe69d3bb387e8fc1cc512ae88
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180222/995a0e20/attachment-0001.html>
More information about the Secure-testing-commits
mailing list