[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Mar 22 09:10:33 UTC 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d473e824 by security tracker role at 2018-03-22T09:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,37 @@
+CVE-2018-8909 (The Wire application before 2018-03-07 for Android allows attackers to ...)
+	TODO: check
+CVE-2018-8908
+	RESERVED
+CVE-2018-8907
+	RESERVED
+CVE-2018-8906 (dsmall v20180320 has XSS via a crafted street address to ...)
+	TODO: check
+CVE-2018-8905 (In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function ...)
+	TODO: check
+CVE-2018-8904 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...)
+	TODO: check
+CVE-2018-8903
+	RESERVED
+CVE-2018-8902
+	RESERVED
+CVE-2018-8901
+	RESERVED
+CVE-2018-8900
+	RESERVED
+CVE-2018-8899 (IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 ...)
+	TODO: check
+CVE-2018-8898
+	RESERVED
+CVE-2018-8897
+	RESERVED
+CVE-2018-8896 (In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows ...)
+	TODO: check
+CVE-2018-8895 (In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows ...)
+	TODO: check
+CVE-2018-8894 (In 2345 Security Guard 3.6, the driver file (2345BdPcSafe.sys) allows ...)
+	TODO: check
+CVE-2018-8893
+	RESERVED
 CVE-2018-8892
 	RESERVED
 CVE-2018-8891
@@ -18,8 +52,8 @@ CVE-2018-1000136
 	RESERVED
 CVE-2017-18241 (fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to ...)
 	TODO: check
-CVE-2016-10717
-	RESERVED
+CVE-2016-10717 (A vulnerability in the encryption and permission implementation of ...)
+	TODO: check
 CVE-2018-8884
 	RESERVED
 CVE-2018-8883 (Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the ...)
@@ -14713,8 +14747,8 @@ CVE-2017-17745 (Cross-site scripting (XSS) vulnerability in system_name_set.cgi 
 	NOT-FOR-US: TP-Link
 CVE-2017-17744 (A cross-site scripting (XSS) vulnerability in the custom-map plugin ...)
 	NOT-FOR-US: custom-map plugin for WordPress
-CVE-2017-17743
-	RESERVED
+CVE-2017-17743 (Improper input sanitization within the restricted administration shell ...)
+	TODO: check
 CVE-2017-17742
 	RESERVED
 CVE-2017-17741 (The KVM implementation in the Linux kernel through 4.14.7 allows ...)
@@ -143077,8 +143111,8 @@ CVE-2014-4916
 	NOTE: http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf
 CVE-2014-4915
 	RESERVED
-CVE-2014-4912
-	RESERVED
+CVE-2014-4912 (An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to ...)
+	TODO: check
 CVE-2014-4906 (The Brisbane & Queensland Alert (aka com.queensland.alert) application ...)
 	NOT-FOR-US: Brisbane & Queensland Alert (aka com.queensland.alert) application for Android
 CVE-2014-4905 (The Clean Internet Browser (aka com.cleantab.browsesecure) application ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d473e8249311795e3f4f6cd135b126c6f963a07b

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d473e8249311795e3f4f6cd135b126c6f963a07b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180322/ed77ac4e/attachment.html>


More information about the Secure-testing-commits mailing list