[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 13 09:10:25 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3bac9aff by security tracker role at 2018-01-13T09:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,279 @@
+CVE-2018-5682 (PrestaShop 1.7.2.4 allow user enumeration via the Reset Password ...)
+ TODO: check
+CVE-2018-5681 (PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages > Edit ...)
+ TODO: check
+CVE-2018-5680
+ RESERVED
+CVE-2018-5679
+ RESERVED
+CVE-2018-5678
+ RESERVED
+CVE-2018-5677
+ RESERVED
+CVE-2018-5676
+ RESERVED
+CVE-2018-5675
+ RESERVED
+CVE-2018-5674
+ RESERVED
+CVE-2018-5673 (An issue was discovered in the booking-calendar plugin 2.1.7 for ...)
+ TODO: check
+CVE-2018-5672 (An issue was discovered in the booking-calendar plugin 2.1.7 for ...)
+ TODO: check
+CVE-2018-5671 (An issue was discovered in the booking-calendar plugin 2.1.7 for ...)
+ TODO: check
+CVE-2018-5670 (An issue was discovered in the booking-calendar plugin 2.1.7 for ...)
+ TODO: check
+CVE-2018-5669 (An issue was discovered in the read-and-understood plugin 2.1 for ...)
+ TODO: check
+CVE-2018-5668 (An issue was discovered in the read-and-understood plugin 2.1 for ...)
+ TODO: check
+CVE-2018-5667 (An issue was discovered in the read-and-understood plugin 2.1 for ...)
+ TODO: check
+CVE-2018-5666 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5665 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5664 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5663 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5662 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5661 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5660 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5659 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5658 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5657 (An issue was discovered in the responsive-coming-soon-page plugin ...)
+ TODO: check
+CVE-2018-5656 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 ...)
+ TODO: check
+CVE-2018-5655 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 ...)
+ TODO: check
+CVE-2018-5654 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 ...)
+ TODO: check
+CVE-2018-5653 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 ...)
+ TODO: check
+CVE-2018-5652 (An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS ...)
+ TODO: check
+CVE-2018-5651 (An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS ...)
+ TODO: check
+CVE-2018-5650 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and ...)
+ TODO: check
+CVE-2018-5649
+ RESERVED
+CVE-2018-5648
+ RESERVED
+CVE-2018-5647
+ RESERVED
+CVE-2018-5646
+ RESERVED
+CVE-2018-5645
+ RESERVED
+CVE-2018-5644
+ RESERVED
+CVE-2018-5643
+ RESERVED
+CVE-2018-5642
+ RESERVED
+CVE-2018-5641
+ RESERVED
+CVE-2018-5640
+ RESERVED
+CVE-2018-5639
+ RESERVED
+CVE-2018-5638
+ RESERVED
+CVE-2018-5637
+ RESERVED
+CVE-2018-5636
+ RESERVED
+CVE-2018-5635
+ RESERVED
+CVE-2018-5634
+ RESERVED
+CVE-2018-5633
+ RESERVED
+CVE-2018-5632
+ RESERVED
+CVE-2018-5631
+ RESERVED
+CVE-2018-5630
+ RESERVED
+CVE-2018-5629
+ RESERVED
+CVE-2018-5628
+ RESERVED
+CVE-2018-5627
+ RESERVED
+CVE-2018-5626
+ RESERVED
+CVE-2018-5625
+ RESERVED
+CVE-2018-5624
+ RESERVED
+CVE-2018-5623
+ RESERVED
+CVE-2018-5622
+ RESERVED
+CVE-2018-5621
+ RESERVED
+CVE-2018-5620
+ RESERVED
+CVE-2018-5619
+ RESERVED
+CVE-2018-5618
+ RESERVED
+CVE-2018-5617
+ RESERVED
+CVE-2018-5616
+ RESERVED
+CVE-2018-5615
+ RESERVED
+CVE-2018-5614
+ RESERVED
+CVE-2018-5613
+ RESERVED
+CVE-2018-5612
+ RESERVED
+CVE-2018-5611
+ RESERVED
+CVE-2018-5610
+ RESERVED
+CVE-2018-5609
+ RESERVED
+CVE-2018-5608
+ RESERVED
+CVE-2018-5607
+ RESERVED
+CVE-2018-5606
+ RESERVED
+CVE-2018-5605
+ RESERVED
+CVE-2018-5604
+ RESERVED
+CVE-2018-5603
+ RESERVED
+CVE-2018-5602
+ RESERVED
+CVE-2018-5601
+ RESERVED
+CVE-2018-5600
+ RESERVED
+CVE-2018-5599
+ RESERVED
+CVE-2018-5598
+ RESERVED
+CVE-2018-5597
+ RESERVED
+CVE-2018-5596
+ RESERVED
+CVE-2018-5595
+ RESERVED
+CVE-2018-5594
+ RESERVED
+CVE-2018-5593
+ RESERVED
+CVE-2018-5592
+ RESERVED
+CVE-2018-5591
+ RESERVED
+CVE-2018-5590
+ RESERVED
+CVE-2018-5589
+ RESERVED
+CVE-2018-5588
+ RESERVED
+CVE-2018-5587
+ RESERVED
+CVE-2018-5586
+ RESERVED
+CVE-2018-5585
+ RESERVED
+CVE-2018-5584
+ RESERVED
+CVE-2018-5583
+ RESERVED
+CVE-2018-5582
+ RESERVED
+CVE-2018-5581
+ RESERVED
+CVE-2018-5580
+ RESERVED
+CVE-2018-5579
+ RESERVED
+CVE-2018-5578
+ RESERVED
+CVE-2018-5577
+ RESERVED
+CVE-2018-5576
+ RESERVED
+CVE-2018-5575
+ RESERVED
+CVE-2018-5574
+ RESERVED
+CVE-2018-5573
+ RESERVED
+CVE-2018-5572
+ RESERVED
+CVE-2018-5571
+ RESERVED
+CVE-2018-5570
+ RESERVED
+CVE-2018-5569
+ RESERVED
+CVE-2018-5568
+ RESERVED
+CVE-2018-5567
+ RESERVED
+CVE-2018-5566
+ RESERVED
+CVE-2018-5565
+ RESERVED
+CVE-2018-5564
+ RESERVED
+CVE-2018-5563
+ RESERVED
+CVE-2018-5562
+ RESERVED
+CVE-2018-5561
+ RESERVED
+CVE-2018-5560
+ RESERVED
+CVE-2018-5559
+ RESERVED
+CVE-2018-5558
+ RESERVED
+CVE-2018-5557
+ RESERVED
+CVE-2018-5556
+ RESERVED
+CVE-2018-5555
+ RESERVED
+CVE-2018-5554
+ RESERVED
+CVE-2018-5553
+ RESERVED
+CVE-2018-5552
+ RESERVED
+CVE-2018-5551
+ RESERVED
+CVE-2018-5550
+ RESERVED
+CVE-2015-9250 (An issue was discovered in Skybox Platform before 7.5.401. Directory ...)
+ TODO: check
+CVE-2015-9249 (An issue was discovered in Skybox Platform before 7.5.401. SQL ...)
+ TODO: check
+CVE-2015-9248 (An issue was discovered in Skybox Platform before 7.5.401. Stored ...)
+ TODO: check
+CVE-2015-9247 (An issue was discovered in Skybox Platform before 7.5.401. Reflected ...)
+ TODO: check
+CVE-2015-9246 (An issue was discovered in Skybox Platform before 7.5.401. Remote ...)
+ TODO: check
CVE-2018-5549
RESERVED
CVE-2018-5548
@@ -13182,6 +13458,7 @@ CVE-2018-0487
RESERVED
CVE-2018-0486
RESERVED
+ {DSA-4085-1}
- xmltooling <unfixed>
[stretch] - xmltooling <not-affected> (Xerces is configured to disallow DTD use)
NOTE: https://shibboleth.net/community/advisories/secadv_20180112.txt
@@ -25273,108 +25550,108 @@ CVE-2017-13228
RESERVED
CVE-2017-13227
RESERVED
-CVE-2017-13226
- RESERVED
-CVE-2017-13225
- RESERVED
+CVE-2017-13226 (An elevation of privilege vulnerability in the MediaTek mtk. Product: ...)
+ TODO: check
+CVE-2017-13225 (In libMtkOmxVdec.so there is a possible heap buffer overflow. This ...)
+ TODO: check
CVE-2017-13224
RESERVED
CVE-2017-13223
RESERVED
-CVE-2017-13222
- RESERVED
-CVE-2017-13221
- RESERVED
-CVE-2017-13220
- RESERVED
-CVE-2017-13219
- RESERVED
-CVE-2017-13218
- RESERVED
-CVE-2017-13217
- RESERVED
-CVE-2017-13216
- RESERVED
-CVE-2017-13215
- RESERVED
-CVE-2017-13214
- RESERVED
-CVE-2017-13213
- RESERVED
-CVE-2017-13212
- RESERVED
-CVE-2017-13211
- RESERVED
-CVE-2017-13210
- RESERVED
-CVE-2017-13209
- RESERVED
-CVE-2017-13208
- RESERVED
-CVE-2017-13207
- RESERVED
-CVE-2017-13206
- RESERVED
-CVE-2017-13205
- RESERVED
-CVE-2017-13204
- RESERVED
-CVE-2017-13203
- RESERVED
-CVE-2017-13202
- RESERVED
-CVE-2017-13201
- RESERVED
-CVE-2017-13200
- RESERVED
-CVE-2017-13199
- RESERVED
-CVE-2017-13198
- RESERVED
-CVE-2017-13197
- RESERVED
-CVE-2017-13196
- RESERVED
-CVE-2017-13195
- RESERVED
-CVE-2017-13194
- RESERVED
-CVE-2017-13193
- RESERVED
-CVE-2017-13192
- RESERVED
-CVE-2017-13191
- RESERVED
-CVE-2017-13190
- RESERVED
-CVE-2017-13189
- RESERVED
-CVE-2017-13188
- RESERVED
-CVE-2017-13187
- RESERVED
-CVE-2017-13186
- RESERVED
-CVE-2017-13185
- RESERVED
-CVE-2017-13184
- RESERVED
-CVE-2017-13183
- RESERVED
-CVE-2017-13182
- RESERVED
-CVE-2017-13181
- RESERVED
-CVE-2017-13180
- RESERVED
-CVE-2017-13179
- RESERVED
-CVE-2017-13178
- RESERVED
-CVE-2017-13177
- RESERVED
-CVE-2017-13176
- RESERVED
+CVE-2017-13222 (An information disclosure vulnerability in the Upstream kernel kernel. ...)
+ TODO: check
+CVE-2017-13221 (An elevation of privilege vulnerability in the Upstream kernel wifi ...)
+ TODO: check
+CVE-2017-13220 (An elevation of privilege vulnerability in the Upstream kernel bluez. ...)
+ TODO: check
+CVE-2017-13219 (A denial of service vulnerability in the Upstream kernel synaptics ...)
+ TODO: check
+CVE-2017-13218 (Access to CNTVCT_EL0 could be used for side channel attacks. This ...)
+ TODO: check
+CVE-2017-13217 (In DisplayFtmItem in the bootloader, there is an out-of-bounds write ...)
+ TODO: check
+CVE-2017-13216 (In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to ...)
+ TODO: check
+CVE-2017-13215 (A elevation of privilege vulnerability in the Upstream kernel ...)
+ TODO: check
+CVE-2017-13214 (In the hardware HEVC decoder, some media files could cause a page ...)
+ TODO: check
+CVE-2017-13213 (An elevation of privilege vulnerability in the Broadcom bcmdhd driver. ...)
+ TODO: check
+CVE-2017-13212 (An elevation of privilege vulnerability in the Android system ...)
+ TODO: check
+CVE-2017-13211 (In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible ...)
+ TODO: check
+CVE-2017-13210 (In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, ...)
+ TODO: check
+CVE-2017-13209 (In the ServiceManager::add function in the hardware service manager, ...)
+ TODO: check
+CVE-2017-13208 (In receive_packet of libnetutils/packet.c, there is a possible ...)
+ TODO: check
+CVE-2017-13207 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13206 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13205 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13204 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13203 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13202 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13201 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13200 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13199 (In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception ...)
+ TODO: check
+CVE-2017-13198 (A vulnerability in the Android media framework (ex) related to ...)
+ TODO: check
+CVE-2017-13197 (In the ihevcd_parse_slice.c function, slave threads are not joined if ...)
+ TODO: check
+CVE-2017-13196 (In several places in ihevcd_decode.c, a dead loop could occur due to ...)
+ TODO: check
+CVE-2017-13195 (In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several ...)
+ TODO: check
+CVE-2017-13194 (A vulnerability in the Android media framework (libvpx) related to odd ...)
+ TODO: check
+CVE-2017-13193 (In ihevcd_decode.c there is a possible infinite loop due to bytes for ...)
+ TODO: check
+CVE-2017-13192 (In the ihevcd_parse_slice_header function of ...)
+ TODO: check
+CVE-2017-13191 (In the ihevcd_decode function of ihevcd_decode.c, there is an infinite ...)
+ TODO: check
+CVE-2017-13190 (A vulnerability in the Android media framework (libhevc) related to ...)
+ TODO: check
+CVE-2017-13189 (A vulnerability in the Android media framework (libavc) related to ...)
+ TODO: check
+CVE-2017-13188 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13187 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13186 (A vulnerability in the Android media framework (libavc) related to ...)
+ TODO: check
+CVE-2017-13185 (An information disclosure vulnerability in the Android media framework ...)
+ TODO: check
+CVE-2017-13184 (In the enableVSyncInjections function of SurfaceFlinger, there is a ...)
+ TODO: check
+CVE-2017-13183 (In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, ...)
+ TODO: check
+CVE-2017-13182 (In the sendFormatChange function of ACodec, there is a possible ...)
+ TODO: check
+CVE-2017-13181 (In the doGetThumb and getThumbnail functions of MtpServer, there is a ...)
+ TODO: check
+CVE-2017-13180 (In the onQueueFilled function of SoftAVCDec, there is a possible ...)
+ TODO: check
+CVE-2017-13179 (In the ihevcd_allocate_static_bufs and ihevcd_create functions of ...)
+ TODO: check
+CVE-2017-13178 (In the initDecoder function of SoftAVCDec, there is a possible ...)
+ TODO: check
+CVE-2017-13177 (In several functions of libhevc, NEON registers are not preserved. ...)
+ TODO: check
+CVE-2017-13176 (In the parseURL function of URLStreamHandler, there is improper input ...)
+ TODO: check
CVE-2017-13175 (An information disclosure vulnerability in the NVIDIA libwilhelm. ...)
NOT-FOR-US: NVIDIA driver for Android
CVE-2017-13174 (An elevation of privilege vulnerability in the kernel edl. Product: ...)
@@ -62196,8 +62473,8 @@ CVE-2017-0857 (Another vulnerability in the Android media framework (n/a). Produ
NOT-FOR-US: Android media framework
CVE-2017-0856
RESERVED
-CVE-2017-0855
- RESERVED
+CVE-2017-0855 (In MPEG4Extractor.cpp, there are several places where functions return ...)
+ TODO: check
CVE-2017-0854 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
CVE-2017-0853 (An information disclosure vulnerability in the Android media framework ...)
@@ -62214,8 +62491,8 @@ CVE-2017-0848 (An information disclosure vulnerability in the Android media fram
NOT-FOR-US: Android media framework
CVE-2017-0847 (An elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0846
- RESERVED
+CVE-2017-0846 (An information disclosure vulnerability in the Android framework ...)
+ TODO: check
CVE-2017-0845 (A denial of service vulnerability in the Android framework ...)
TODO: check
CVE-2017-0844
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3bac9aff8f9d072c03a652630a23c9357d5f27e4
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3bac9aff8f9d072c03a652630a23c9357d5f27e4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180113/40d1aca2/attachment-0001.html>
More information about the Secure-testing-commits
mailing list