[Git][security-tracker-team/security-tracker][master] automatic update

Mon Jun 11 21:10:29 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3479c8d1 by security tracker role at 2018-06-11T20:10:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,275 @@
+CVE-2018-12224
+	RESERVED
+CVE-2018-12223
+	RESERVED
+CVE-2018-12222
+	RESERVED
+CVE-2018-12221
+	RESERVED
+CVE-2018-12220
+	RESERVED
+CVE-2018-12219
+	RESERVED
+CVE-2018-12218
+	RESERVED
+CVE-2018-12217
+	RESERVED
+CVE-2018-12216
+	RESERVED
+CVE-2018-12215
+	RESERVED
+CVE-2018-12214
+	RESERVED
+CVE-2018-12213
+	RESERVED
+CVE-2018-12212
+	RESERVED
+CVE-2018-12211
+	RESERVED
+CVE-2018-12210
+	RESERVED
+CVE-2018-12209
+	RESERVED
+CVE-2018-12208
+	RESERVED
+CVE-2018-12207
+	RESERVED
+CVE-2018-12206
+	RESERVED
+CVE-2018-12205
+	RESERVED
+CVE-2018-12204
+	RESERVED
+CVE-2018-12203
+	RESERVED
+CVE-2018-12202
+	RESERVED
+CVE-2018-12201
+	RESERVED
+CVE-2018-12200
+	RESERVED
+CVE-2018-12199
+	RESERVED
+CVE-2018-12198
+	RESERVED
+CVE-2018-12197
+	RESERVED
+CVE-2018-12196
+	RESERVED
+CVE-2018-12195
+	RESERVED
+CVE-2018-12194
+	RESERVED
+CVE-2018-12193
+	RESERVED
+CVE-2018-12192
+	RESERVED
+CVE-2018-12191
+	RESERVED
+CVE-2018-12190
+	RESERVED
+CVE-2018-12189
+	RESERVED
+CVE-2018-12188
+	RESERVED
+CVE-2018-12187
+	RESERVED
+CVE-2018-12186
+	RESERVED
+CVE-2018-12185
+	RESERVED
+CVE-2018-12184
+	RESERVED
+CVE-2018-12183
+	RESERVED
+CVE-2018-12182
+	RESERVED
+CVE-2018-12181
+	RESERVED
+CVE-2018-12180
+	RESERVED
+CVE-2018-12179
+	RESERVED
+CVE-2018-12178
+	RESERVED
+CVE-2018-12177
+	RESERVED
+CVE-2018-12176
+	RESERVED
+CVE-2018-12175
+	RESERVED
+CVE-2018-12174
+	RESERVED
+CVE-2018-12173
+	RESERVED
+CVE-2018-12172
+	RESERVED
+CVE-2018-12171
+	RESERVED
+CVE-2018-12170
+	RESERVED
+CVE-2018-12169
+	RESERVED
+CVE-2018-12168
+	RESERVED
+CVE-2018-12167
+	RESERVED
+CVE-2018-12166
+	RESERVED
+CVE-2018-12165
+	RESERVED
+CVE-2018-12164
+	RESERVED
+CVE-2018-12163
+	RESERVED
+CVE-2018-12162
+	RESERVED
+CVE-2018-12161
+	RESERVED
+CVE-2018-12160
+	RESERVED
+CVE-2018-12159
+	RESERVED
+CVE-2018-12158
+	RESERVED
+CVE-2018-12157
+	RESERVED
+CVE-2018-12156
+	RESERVED
+CVE-2018-12155
+	RESERVED
+CVE-2018-12154
+	RESERVED
+CVE-2018-12153
+	RESERVED
+CVE-2018-12152
+	RESERVED
+CVE-2018-12151
+	RESERVED
+CVE-2018-12150
+	RESERVED
+CVE-2018-12149
+	RESERVED
+CVE-2018-12148
+	RESERVED
+CVE-2018-12147
+	RESERVED
+CVE-2018-12146
+	RESERVED
+CVE-2018-12145
+	RESERVED
+CVE-2018-12144
+	RESERVED
+CVE-2018-12143
+	RESERVED
+CVE-2018-12142
+	RESERVED
+CVE-2018-12141
+	RESERVED
+CVE-2018-12140
+	RESERVED
+CVE-2018-12139
+	RESERVED
+CVE-2018-12138
+	RESERVED
+CVE-2018-12137
+	RESERVED
+CVE-2018-12136
+	RESERVED
+CVE-2018-12135
+	RESERVED
+CVE-2018-12134
+	RESERVED
+CVE-2018-12133
+	RESERVED
+CVE-2018-12132
+	RESERVED
+CVE-2018-12131
+	RESERVED
+CVE-2018-12130
+	RESERVED
+CVE-2018-12129
+	RESERVED
+CVE-2018-12128
+	RESERVED
+CVE-2018-12127
+	RESERVED
+CVE-2018-12126
+	RESERVED
+CVE-2018-12125
+	RESERVED
+CVE-2018-12124
+	RESERVED
+CVE-2018-12123
+	RESERVED
+CVE-2018-12122
+	RESERVED
+CVE-2018-12121
+	RESERVED
+CVE-2018-12120
+	RESERVED
+CVE-2018-12119
+	RESERVED
+CVE-2018-12118
+	RESERVED
+CVE-2018-12117
+	RESERVED
+CVE-2018-12116
+	RESERVED
+CVE-2018-12115
+	RESERVED
+CVE-2018-12114
+	RESERVED
+CVE-2018-12113
+	RESERVED
+CVE-2018-12112 (md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to ...)
+	TODO: check
+CVE-2018-12111 (Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI ...)
+	TODO: check
+CVE-2018-12110 (portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php ...)
+	TODO: check
+CVE-2018-12109 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The ...)
+	TODO: check
+CVE-2018-12108 (An issue was discovered in Dropbox Lepton 1.2.1. The ...)
+	TODO: check
+CVE-2018-12107
+	RESERVED
+CVE-2018-12106
+	RESERVED
+CVE-2018-12105
+	RESERVED
+CVE-2018-12104
+	RESERVED
+CVE-2018-12103
+	RESERVED
+CVE-2018-12102 (md4c 0.2.6 has a NULL pointer dereference in the function ...)
+	TODO: check
+CVE-2018-12101
+	RESERVED
+CVE-2018-12100 (Sonatype Nexus Repository Manager before 3.12.0 has XSS in multiple ...)
+	TODO: check
+CVE-2018-12099 (Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. ...)
+	TODO: check
+CVE-2018-12098
+	RESERVED
+CVE-2018-12097
+	RESERVED
+CVE-2018-12096
+	RESERVED
+CVE-2018-12095 (A Reflected Cross-Site Scripting web vulnerability has been discovered ...)
+	TODO: check
+CVE-2018-12094 (Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS ...)
+	TODO: check
+CVE-2018-12093 (tinyexr 0.9.5 has a memory leak in ParseEXRHeaderFromMemory in ...)
+	TODO: check
+CVE-2018-12092 (tinyexr 0.9.5 has a heap-based buffer over-read in ...)
+	TODO: check
+CVE-2018-12091
+	RESERVED
+CVE-2018-12090 (There is unauthenticated reflected cross-site scripting (XSS) in LAMS ...)
+	TODO: check
+CVE-2018-12089 (In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View ...)
+	TODO: check
 CVE-2018-XXXX [bug in the get_missing_events federation API where event visibility rules were not applied correctly]
 	- matrix-synapse 0.31.1+dfsg-1 (bug #901293)
 	NOTE: https://github.com/matrix-org/synapse/pull/3371
@@ -147,8 +419,8 @@ CVE-2018-12027
 	RESERVED
 CVE-2018-12026
 	RESERVED
-CVE-2018-12025
-	RESERVED
+CVE-2018-12025 (The transferFrom function of a smart contract implementation for ...)
+	TODO: check
 CVE-2018-12024
 	RESERVED
 CVE-2018-12023
@@ -4307,8 +4579,8 @@ CVE-2018-10364 (BigTree before 4.2.22 has XSS in the Users management page via t
 	NOT-FOR-US: BigTree CMS
 CVE-2018-10363
 	RESERVED
-CVE-2018-10360
-	RESERVED
+CVE-2018-10360 (The do_core_note function in readelf.c in libmagic.a in file 5.33 ...)
+	TODO: check
 CVE-2018-10359 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
 	NOT-FOR-US: Trend Micro
 CVE-2018-10358 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
@@ -76309,12 +76581,12 @@ CVE-2017-3210
 	RESERVED
 CVE-2017-3209
 	RESERVED
-CVE-2017-3208
-	RESERVED
-CVE-2017-3207
-	RESERVED
-CVE-2017-3206
-	RESERVED
+CVE-2017-3208 (The Java implementation of AMF3 deserializers used by Flamingo ...)
+	TODO: check
+CVE-2017-3207 (The Java implementations of AMF3 deserializers in WebORB for Java by ...)
+	TODO: check
+CVE-2017-3206 (The Java implementation of AMF3 deserializers used by Flamingo ...)
+	TODO: check
 CVE-2017-3205
 	RESERVED
 CVE-2017-3204 (The Go SSH library (x/crypto/ssh) by default does not verify host ...)
@@ -76322,16 +76594,16 @@ CVE-2017-3204 (The Go SSH library (x/crypto/ssh) by default does not verify host
 	[jessie] - golang-go.crypto <no-dsa> (In jessie no rdeps using SSH, that version doesn't even support host key validation)
 	NOTE: https://github.com/golang/crypto/commit/e4e2799dd7aab89f583e1d898300d96367750991
 	NOTE: https://github.com/golang/go/issues/19767
-CVE-2017-3203
-	RESERVED
-CVE-2017-3202
-	RESERVED
-CVE-2017-3201
-	RESERVED
-CVE-2017-3200
-	RESERVED
-CVE-2017-3199
-	RESERVED
+CVE-2017-3203 (The Java implementations of AMF3 deserializers in Pivotal/Spring ...)
+	TODO: check
+CVE-2017-3202 (The Java implementation of AMF3 deserializers used in Flamingo ...)
+	TODO: check
+CVE-2017-3201 (The Java implementation of AMF3 deserializers used in Flamingo ...)
+	TODO: check
+CVE-2017-3200 (The Java implementation of AMF3 deserializers used in GraniteDS, ...)
+	TODO: check
+CVE-2017-3199 (The Java implementation of GraniteDS, version 3.1.1.GA, AMF3 ...)
+	TODO: check
 CVE-2017-3198
 	RESERVED
 CVE-2017-3197
@@ -205173,8 +205445,8 @@ CVE-2011-4183
 	RESERVED
 CVE-2011-4182
 	RESERVED
-CVE-2011-4181
-	RESERVED
+CVE-2011-4181 (A vulnerability in open build service allows remote attackers to gain ...)
+	TODO: check
 CVE-2011-4180
 	RESERVED
 CVE-2011-4179



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3479c8d12eae396bc3d1cc500dd2043d7a581279

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3479c8d12eae396bc3d1cc500dd2043d7a581279
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180611/da984c42/attachment-0001.html>
