[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3500f3fe by security tracker role at 2018-06-05T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,51 @@
+CVE-2018-11736 (An issue was discovered in Pluck before 4.7.7-dev2. ...)
+	TODO: check
+CVE-2018-11735 (index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or ...)
+	TODO: check
+CVE-2018-11734
+	RESERVED
+CVE-2018-11733
+	RESERVED
+CVE-2018-11732
+	RESERVED
+CVE-2018-11731
+	RESERVED
+CVE-2018-11730
+	RESERVED
+CVE-2018-11729
+	RESERVED
+CVE-2018-11728
+	RESERVED
+CVE-2018-11727
+	RESERVED
+CVE-2018-11726
+	RESERVED
+CVE-2018-11725
+	RESERVED
+CVE-2018-11724
+	RESERVED
+CVE-2018-11723
+	RESERVED
+CVE-2018-11722
+	RESERVED
+CVE-2018-11721
+	RESERVED
+CVE-2018-11720
+	RESERVED
+CVE-2018-11719
+	RESERVED
+CVE-2018-11718
+	RESERVED
+CVE-2017-18286 (nZEDb v0.7.3.3 has XSS in the 404 error page. ...)
+	TODO: check
+CVE-2016-1000352 (In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES ...)
+	TODO: check
+CVE-2016-1000346 (In the Bouncy Castle JCE Provider version 1.55 and earlier the other ...)
+	TODO: check
+CVE-2016-1000345 (In the Bouncy Castle JCE Provider version 1.55 and earlier the ...)
+	TODO: check
+CVE-2016-1000344 (In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES ...)
+	TODO: check
 CVE-2018-11717
 	RESERVED
 CVE-2018-11716
@@ -21011,8 +21059,8 @@ CVE-2018-3855 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
 	NOT-FOR-US: Hyland Perceptive Document Filters
 CVE-2018-3854
 	RESERVED
-CVE-2018-3853
-	RESERVED
+CVE-2018-3853 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
+	TODO: check
 CVE-2018-3852
 	RESERVED
 CVE-2018-3851 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...)
@@ -47718,8 +47766,8 @@ CVE-2017-12094 (An exploitable vulnerability exists in the WiFi Channel parsing 
 	NOT-FOR-US: Circle with Disney
 CVE-2017-12093 (An exploitable insufficient resource pool vulnerability exists in the ...)
 	NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12092
-	RESERVED
+CVE-2017-12092 (An exploitable file write vulnerability exists in the memory module ...)
+	TODO: check
 CVE-2017-12091
 	REJECTED
 CVE-2017-12090 (An exploitable denial of service vulnerability exists in the ...)
@@ -84834,8 +84882,7 @@ CVE-2016-9044
 	RESERVED
 CVE-2016-9043 (An out of bound write vulnerability exists in the EMF parsing ...)
 	NOT-FOR-US: CorelDRAW X8
-CVE-2016-9042
-	RESERVED
+CVE-2016-9042 (An exploitable denial of service vulnerability exists in the origin ...)
 	- ntp 1:4.2.8p10+dfsg-1
 	[jessie] - ntp <not-affected> (Doesn't use the affected upstream patch)
 	[wheezy] - ntp <not-affected> (Doesn't use the affected upstream patch)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3500f3fe5bb90848cb8222161e1c1c1755e4babf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3500f3fe5bb90848cb8222161e1c1c1755e4babf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180605/70e1c88c/attachment.html>