[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Feb 26 21:10:26 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f9432850 by security tracker role at 2018-02-26T21:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,21 @@
+CVE-2018-7492 (A NULL pointer dereference was found in the net/rds/rdma.c ...)
+	TODO: check
+CVE-2018-7491 (In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking ...)
+	TODO: check
+CVE-2018-7490
+	RESERVED
+CVE-2018-7489 (FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 ...)
+	TODO: check
+CVE-2018-7488
+	RESERVED
+CVE-2018-7487 (There is a heap-based buffer overflow in the LoadPCX function of ...)
+	TODO: check
+CVE-2018-7486 (Blue River Mura CMS before v7.0.7029 supports inline function calls ...)
+	TODO: check
+CVE-2018-7485 (The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC ...)
+	TODO: check
+CVE-2017-18201 (An issue was discovered in GNU libcdio before 2.0.0. There is a double ...)
+	TODO: check
 CVE-2018-7484 (An issue was discovered in PureVPN through 5.19.4.0 on Windows. The ...)
 	NOT-FOR-US: PureVPN on Windows
 CVE-2018-7483
@@ -59,8 +77,8 @@ CVE-2018-7465
 	RESERVED
 CVE-2018-7464
 	RESERVED
-CVE-2018-7463
-	RESERVED
+CVE-2018-7463 (SQL injection vulnerability in files.php in the "files" component in ...)
+	TODO: check
 CVE-2018-7462
 	RESERVED
 CVE-2018-7461
@@ -101,8 +119,8 @@ CVE-2018-7450
 	RESERVED
 CVE-2018-7449
 	RESERVED
-CVE-2018-7448
-	RESERVED
+CVE-2018-7448 (Remote code execution vulnerability in ...)
+	TODO: check
 CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site ...)
 	NOT-FOR-US: mojoPortal
 CVE-2018-7446
@@ -153,8 +171,8 @@ CVE-2018-7424
 	RESERVED
 CVE-2018-7423
 	RESERVED
-CVE-2017-18195
-	RESERVED
+CVE-2017-18195 (An issue was discovered in tools/conversations/view_ajax.php in ...)
+	TODO: check
 CVE-2012-6709 (ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate ...)
 	- elinks <unfixed> (bug #891575)
 	- links2 2.6-1 (bug #694658; bug #510417)
@@ -780,10 +798,10 @@ CVE-2018-7252
 	RESERVED
 CVE-2018-7251 (An issue was discovered in config/error.php in Anchor 0.12.3. The error ...)
 	NOT-FOR-US: Anchor CMS
-CVE-2018-7250
-	RESERVED
-CVE-2018-7249
-	RESERVED
+CVE-2018-7250 (An issue was discovered in secdrv.sys as shipped in Microsoft Windows ...)
+	TODO: check
+CVE-2018-7249 (An issue was discovered in secdrv.sys as shipped in Microsoft Windows ...)
+	TODO: check
 CVE-2017-18192 (smart/calculator/gallerylock/CalculatorActivity.java in the ...)
 	NOT-FOR-US: "Photo,Video Locker-Calculator" application for Android
 CVE-2015-9256 (Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive ...)
@@ -4883,8 +4901,8 @@ CVE-2018-5764 (The parse_arguments function in options.c in rsyncd in rsync befo
 	NOTE: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=7706303828fcde524222babb2833864a4bd09e07
 CVE-2018-5763 (An issue was discovered in OXID eShop Enterprise Edition before 5.3.7 ...)
 	NOT-FOR-US: OXID eShop Enterprise Edition
-CVE-2018-5762
-	RESERVED
+CVE-2018-5762 (The TLS implementation in the TCP/IP networking module in Unisys ...)
+	TODO: check
 CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was found ...)
 	NOT-FOR-US: Rubrik CDM
 CVE-2018-5760
@@ -15552,8 +15570,8 @@ CVE-2018-1379
 	RESERVED
 CVE-2018-1378
 	RESERVED
-CVE-2018-1377
-	RESERVED
+CVE-2018-1377 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user ...)
+	TODO: check
 CVE-2018-1376
 	RESERVED
 CVE-2018-1375
@@ -66326,8 +66344,8 @@ CVE-2017-1776
 	RESERVED
 CVE-2017-1775
 	RESERVED
-CVE-2017-1774
-	RESERVED
+CVE-2017-1774 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses ...)
+	TODO: check
 CVE-2017-1773 (IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker ...)
 	NOT-FOR-US: IBM DataPower Gateways
 CVE-2017-1772



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f943285077b75f07add71bbdd2771449343a13ef

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f943285077b75f07add71bbdd2771449343a13ef
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180226/ead617c6/attachment-0001.html>

More information about the Secure-testing-commits mailing list