[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Mar 16 09:10:19 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3be6a2b by security tracker role at 2018-03-16T09:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,19 @@
+CVE-2018-8738
+ RESERVED
+CVE-2018-8737
+ RESERVED
+CVE-2018-8736
+ RESERVED
+CVE-2018-8735
+ RESERVED
+CVE-2018-8734
+ RESERVED
+CVE-2018-8733
+ RESERVED
+CVE-2018-8732
+ RESERVED
+CVE-2018-8731
+ RESERVED
CVE-2018-8730
RESERVED
CVE-2018-8729 (Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log ...)
@@ -1852,7 +1868,7 @@ CVE-2018-7888
RESERVED
CVE-2018-7887
RESERVED
-CVE-2018-7886 (An issue was discovered in CloudMe 1.11.0. An unauthenticated remote ...)
+CVE-2018-7886 (An issue was discovered in CloudMe 1.11.0. An unauthenticated local ...)
NOT-FOR-US: CloudMe
CVE-2018-7885
RESERVED
@@ -4456,8 +4472,7 @@ CVE-2018-7035
RESERVED
CVE-2018-7034 (TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 ...)
NOT-FOR-US: TRENDnet devices
-CVE-2018-7033 [Issue in accounting_storage/mysql plugin by always escaping strings within the slurmdbd]
- RESERVED
+CVE-2018-7033 (SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL ...)
- slurm-llnl <unfixed> (bug #893044)
NOTE: https://bugs.schedmd.com/show_bug.cgi?id=4792 (not yet public)
NOTE: https://github.com/SchedMD/slurm/commit/db468895240ad6817628d07054fe54e71273b2fe
@@ -7496,22 +7511,22 @@ CVE-2017-18071
RESERVED
CVE-2017-18070
RESERVED
-CVE-2017-18069
- RESERVED
-CVE-2017-18068
- RESERVED
-CVE-2017-18067
- RESERVED
+CVE-2017-18069 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
+CVE-2017-18068 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
+CVE-2017-18067 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-18066
RESERVED
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18065
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18064
- RESERVED
-CVE-2017-18063
- RESERVED
+CVE-2017-18064 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
+CVE-2017-18063 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-18062
RESERVED
NOT-FOR-US: Qualcomm components for Android
@@ -7530,8 +7545,8 @@ CVE-2017-18058
CVE-2017-18057
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18056
- RESERVED
+CVE-2017-18056 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-18055
RESERVED
NOT-FOR-US: Qualcomm components for Android
@@ -8874,8 +8889,8 @@ CVE-2018-5478
RESERVED
CVE-2018-5477 (An Information Exposure issue was discovered in ABB netCADOPS Web ...)
NOT-FOR-US: ABB netCADOPS Web Application
-CVE-2018-5476
- RESERVED
+CVE-2018-5476 (A Stack-based Buffer Overflow issue was discovered in Delta Electronics ...)
+ TODO: check
CVE-2018-5475 (A Stack-based Buffer Overflow issue was discovered in GE D60 Line ...)
NOT-FOR-US: GE D60 Line Distance Relay devices
CVE-2018-5474
@@ -9752,12 +9767,12 @@ CVE-2018-5146
RESERVED
CVE-2018-5145
RESERVED
- {DLA-1308-1}
+ {DSA-4139-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
CVE-2018-5144
RESERVED
- {DLA-1308-1}
+ {DSA-4139-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
CVE-2018-5143
@@ -9808,21 +9823,21 @@ CVE-2018-5132
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5131
RESERVED
- {DLA-1308-1}
+ {DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5130
RESERVED
- {DLA-1308-1}
+ {DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5129
RESERVED
- {DLA-1308-1}
+ {DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
@@ -9833,7 +9848,7 @@ CVE-2018-5128
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5127
RESERVED
- {DLA-1308-1}
+ {DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
@@ -9844,7 +9859,7 @@ CVE-2018-5126
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5125
RESERVED
- {DLA-1308-1}
+ {DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
@@ -14162,8 +14177,8 @@ CVE-2017-17775 (Piwigo 2.9.2 has XSS via the name parameter in an ...)
- piwigo <removed>
CVE-2017-17774 (admin/configuration.php in Piwigo 2.9.2 has CSRF. ...)
- piwigo <removed>
-CVE-2017-17773
- RESERVED
+CVE-2017-17773 (In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile ...)
+ TODO: check
CVE-2017-17772
RESERVED
CVE-2017-17771
@@ -24653,20 +24668,20 @@ CVE-2017-16753 (An Improper Input Validation issue was discovered in Advantech .
NOT-FOR-US: Advantech WebAccess
CVE-2017-16752
RESERVED
-CVE-2017-16751
- RESERVED
+CVE-2017-16751 (A Stack-based Buffer Overflow issue was discovered in Delta Electronics ...)
+ TODO: check
CVE-2017-16750
RESERVED
-CVE-2017-16749
- RESERVED
+CVE-2017-16749 (A Use-after-Free issue was discovered in Delta Electronics Delta ...)
+ TODO: check
CVE-2017-16748
RESERVED
-CVE-2017-16747
- RESERVED
+CVE-2017-16747 (An Out-of-bounds Write issue was discovered in Delta Electronics Delta ...)
+ TODO: check
CVE-2017-16746
RESERVED
-CVE-2017-16745
- RESERVED
+CVE-2017-16745 (A Type Confusion issue was discovered in Delta Electronics Delta ...)
+ TODO: check
CVE-2017-16744
RESERVED
CVE-2017-16743 (An Improper Authorization issue was discovered in PHOENIX CONTACT FL ...)
@@ -27354,8 +27369,8 @@ CVE-2017-15823
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15822
RESERVED
-CVE-2017-15821
- RESERVED
+CVE-2017-15821 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-15820 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15819
@@ -27366,8 +27381,8 @@ CVE-2017-15817 (In all Qualcomm products with Android releases from CAF using th
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15816
RESERVED
-CVE-2017-15815
- RESERVED
+CVE-2017-15815 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-15814
RESERVED
NOT-FOR-US: Qualcomm components for Android
@@ -30253,23 +30268,23 @@ CVE-2017-14887
NOT-FOR-US: Qualcomm components for Android
CVE-2017-14886
RESERVED
-CVE-2017-14885
- RESERVED
+CVE-2017-14885 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-14884 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-14883
RESERVED
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14882
- RESERVED
+CVE-2017-14882 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-14881
RESERVED
CVE-2017-14880
RESERVED
CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14878
- RESERVED
+CVE-2017-14878 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2017-14877
RESERVED
NOT-FOR-US: Qualcomm component for Android
@@ -46780,8 +46795,8 @@ CVE-2016-10395 (In FlexNet Publisher versions before Luton SP1 (11.14.1.1) runni
NOT-FOR-US: FlexNet Publisher
CVE-2016-10394
RESERVED
-CVE-2016-10393
- RESERVED
+CVE-2016-10393 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
+ TODO: check
CVE-2016-10392 (In all Qualcomm products with Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-10391 (In all Qualcomm products with Android releases from CAF using the ...)
@@ -104955,8 +104970,8 @@ CVE-2016-0225 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0
NOT-FOR-US: IBM
CVE-2016-0224 (SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, ...)
NOT-FOR-US: IBM
-CVE-2016-0223
- RESERVED
+CVE-2016-0223 (Cross-site scripting (XSS) vulnerability in the Webform Framework API ...)
+ TODO: check
CVE-2016-0222 (IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote ...)
NOT-FOR-US: IBM
CVE-2016-0221 (Cross-site scripting (XSS) vulnerability in IBM Cognos TM1, as used in ...)
@@ -108744,8 +108759,8 @@ CVE-2015-7473 (runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users
NOT-FOR-US: IBM
CVE-2015-7472 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM
-CVE-2015-7471
- RESERVED
+CVE-2015-7471 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+ TODO: check
CVE-2015-7470 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
NOT-FOR-US: IBM
CVE-2015-7469 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
@@ -108760,8 +108775,8 @@ CVE-2015-7465 (Cross-site request forgery (CSRF) vulnerability in Lifecycle Quer
NOT-FOR-US: IBM
CVE-2015-7464 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
NOT-FOR-US: IBM
-CVE-2015-7463
- RESERVED
+CVE-2015-7463 (IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 ...)
+ TODO: check
CVE-2015-7462 (IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to ...)
NOT-FOR-US: IBM
CVE-2015-7461
@@ -108780,8 +108795,8 @@ CVE-2015-7455 (IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0
NOT-FOR-US: IBM
CVE-2015-7454 (Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 ...)
NOT-FOR-US: IBM
-CVE-2015-7453
- RESERVED
+CVE-2015-7453 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
+ TODO: check
CVE-2015-7452 (IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before ...)
NOT-FOR-US: IBM
CVE-2015-7451 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
@@ -108806,8 +108821,8 @@ CVE-2015-7442 (consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8
NOT-FOR-US: IBM
CVE-2015-7441 (Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and ...)
NOT-FOR-US: IBM
-CVE-2015-7440
- RESERVED
+CVE-2015-7440 (IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before ...)
+ TODO: check
CVE-2015-7439 (Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect ...)
NOT-FOR-US: IBM
CVE-2015-7438 (IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3be6a2b1f254e710a35807dbc556f772557cbd6
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3be6a2b1f254e710a35807dbc556f772557cbd6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180316/297dc462/attachment-0001.html>
More information about the Secure-testing-commits
mailing list