[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Mar 29 08:10:30 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
73b62d81 by security tracker role at 2018-03-29T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,21 @@
+CVE-2018-9123 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a User ...)
+ TODO: check
+CVE-2018-9122 (In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the ...)
+ TODO: check
+CVE-2018-9121 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post ...)
+ TODO: check
+CVE-2018-9120 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post. ...)
+ TODO: check
+CVE-2018-9119
+ RESERVED
+CVE-2018-9118
+ RESERVED
+CVE-2018-9117 (WireMock before 2.16.0 contains a vulnerability that allows a remote ...)
+ TODO: check
+CVE-2018-9116 (An XXE vulnerability within WireMock before 2.16.0 allows a remote ...)
+ TODO: check
+CVE-2018-9115
+ RESERVED
CVE-2018-9114
RESERVED
CVE-2018-9113
@@ -116,8 +134,8 @@ CVE-2018-9058 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <ignored> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/93
-CVE-2018-7600 [SA-CORE-2018-002]
- RESERVED
+CVE-2018-7600 (Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x ...)
+ {DSA-4156-1 DLA-1325-1}
- drupal7 7.58-1 (bug #894259)
NOTE: https://www.drupal.org/sa-core-2018-002
NOTE: https://groups.drupal.org/security/faq-2018-002
@@ -572,8 +590,8 @@ CVE-2018-8887
RESERVED
CVE-2018-8886
RESERVED
-CVE-2018-8885
- RESERVED
+CVE-2018-8885 (screenresolution-mechanism in screen-resolution-extra 0.17.2 does not ...)
+ TODO: check
CVE-2018-1000136 (Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to ...)
- electron <itp> (bug #842420)
CVE-2017-18241 (fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to ...)
@@ -732,8 +750,8 @@ CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Inf
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634
CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...)
NOT-FOR-US: windrvr1260.sys in Jungo DriverWizard WinDriver
-CVE-2018-8820
- RESERVED
+CVE-2018-8820 (An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based ...)
+ TODO: check
CVE-2018-8819
RESERVED
CVE-2018-8818
@@ -6685,8 +6703,8 @@ CVE-2018-6610 (Information Leakage exists in the jLike 1.0 component for Joomla!
NOT-FOR-US: jLike component for Joomla!
CVE-2018-6609 (SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via ...)
NOT-FOR-US: JSP Tickets component for Joomla!
-CVE-2018-6608
- RESERVED
+CVE-2018-6608 (In the WebRTC component in Opera 51.0.2830.55, after visiting a web ...)
+ TODO: check
CVE-2018-6607
RESERVED
CVE-2018-6606 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper ...)
@@ -10800,7 +10818,7 @@ CVE-2018-5147 [out-of-bound write]
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
CVE-2018-5146 [out-of-bound write]
RESERVED
- {DSA-4143-1 DSA-4140-1 DLA-1319-1}
+ {DSA-4155-1 DSA-4143-1 DSA-4140-1 DLA-1319-1}
- firefox 59.0.1-1
- firefox-esr 52.7.2esr-1
- thunderbird 1:52.7.0-1
@@ -10810,14 +10828,14 @@ CVE-2018-5146 [out-of-bound write]
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
CVE-2018-5145
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
CVE-2018-5144
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
@@ -10884,7 +10902,7 @@ CVE-2018-5130
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5129
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
@@ -10897,7 +10915,7 @@ CVE-2018-5128
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5127
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
@@ -10910,7 +10928,7 @@ CVE-2018-5126
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5125
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
@@ -24419,100 +24437,100 @@ CVE-2018-0198 (A vulnerability in the web framework of Cisco Unified Communicati
NOT-FOR-US: Cisco
CVE-2018-0197
RESERVED
-CVE-2018-0196
- RESERVED
-CVE-2018-0195
- RESERVED
+CVE-2018-0196 (A vulnerability in the web-based user interface (web UI) of Cisco IOS ...)
+ TODO: check
+CVE-2018-0195 (A vulnerability in the Cisco IOS XE Software REST API could allow an ...)
+ TODO: check
CVE-2018-0194
RESERVED
-CVE-2018-0193
- RESERVED
+CVE-2018-0193 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+ TODO: check
CVE-2018-0192
RESERVED
CVE-2018-0191
RESERVED
-CVE-2018-0190
- RESERVED
-CVE-2018-0189
- RESERVED
-CVE-2018-0188
- RESERVED
+CVE-2018-0190 (Multiple vulnerabilities in the web-based user interface (web UI) of ...)
+ TODO: check
+CVE-2018-0189 (A vulnerability in the Forwarding Information Base (FIB) code of Cisco ...)
+ TODO: check
+CVE-2018-0188 (Multiple vulnerabilities in the web-based user interface (web UI) of ...)
+ TODO: check
CVE-2018-0187
RESERVED
-CVE-2018-0186
- RESERVED
-CVE-2018-0185
- RESERVED
-CVE-2018-0184
- RESERVED
-CVE-2018-0183
- RESERVED
-CVE-2018-0182
- RESERVED
+CVE-2018-0186 (Multiple vulnerabilities in the web-based user interface (web UI) of ...)
+ TODO: check
+CVE-2018-0185 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+ TODO: check
+CVE-2018-0184 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
+ TODO: check
+CVE-2018-0183 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
+ TODO: check
+CVE-2018-0182 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+ TODO: check
CVE-2018-0181
RESERVED
-CVE-2018-0180
- RESERVED
-CVE-2018-0179
- RESERVED
+CVE-2018-0180 (Multiple vulnerabilities in the Login Enhancements (Login Block) ...)
+ TODO: check
+CVE-2018-0179 (Multiple vulnerabilities in the Login Enhancements (Login Block) ...)
+ TODO: check
CVE-2018-0178
RESERVED
-CVE-2018-0177
- RESERVED
-CVE-2018-0176
- RESERVED
-CVE-2018-0175
- RESERVED
-CVE-2018-0174
- RESERVED
-CVE-2018-0173
- RESERVED
-CVE-2018-0172
- RESERVED
-CVE-2018-0171
- RESERVED
-CVE-2018-0170
- RESERVED
-CVE-2018-0169
- RESERVED
+CVE-2018-0177 (A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS ...)
+ TODO: check
+CVE-2018-0176 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+ TODO: check
+CVE-2018-0175 (Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery ...)
+ TODO: check
+CVE-2018-0174 (A vulnerability in the DHCP option 82 encapsulation functionality of ...)
+ TODO: check
+CVE-2018-0173 (A vulnerability in the Cisco IOS Software and Cisco IOS XE Software ...)
+ TODO: check
+CVE-2018-0172 (A vulnerability in the DHCP option 82 encapsulation functionality of ...)
+ TODO: check
+CVE-2018-0171 (A vulnerability in the Smart Install feature of Cisco IOS Software and ...)
+ TODO: check
+CVE-2018-0170 (A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS ...)
+ TODO: check
+CVE-2018-0169 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)
+ TODO: check
CVE-2018-0168
RESERVED
-CVE-2018-0167
- RESERVED
+CVE-2018-0167 (Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery ...)
+ TODO: check
CVE-2018-0166
RESERVED
-CVE-2018-0165
- RESERVED
-CVE-2018-0164
- RESERVED
-CVE-2018-0163
- RESERVED
+CVE-2018-0165 (A vulnerability in the Internet Group Management Protocol (IGMP) ...)
+ TODO: check
+CVE-2018-0164 (A vulnerability in the Switch Integrated Security Features of Cisco IOS ...)
+ TODO: check
+CVE-2018-0163 (A vulnerability in the 802.1x multiple-authentication (multi-auth) ...)
+ TODO: check
CVE-2018-0162
RESERVED
-CVE-2018-0161
- RESERVED
-CVE-2018-0160
- RESERVED
-CVE-2018-0159
- RESERVED
-CVE-2018-0158
- RESERVED
-CVE-2018-0157
- RESERVED
-CVE-2018-0156
- RESERVED
-CVE-2018-0155
- RESERVED
-CVE-2018-0154
- RESERVED
+CVE-2018-0161 (A vulnerability in the Simple Network Management Protocol (SNMP) ...)
+ TODO: check
+CVE-2018-0160 (A vulnerability in Simple Network Management Protocol (SNMP) subsystem ...)
+ TODO: check
+CVE-2018-0159 (A vulnerability in the implementation of Internet Key Exchange Version ...)
+ TODO: check
+CVE-2018-0158 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module ...)
+ TODO: check
+CVE-2018-0157 (A vulnerability in the Zone-Based Firewall code of Cisco IOS XE ...)
+ TODO: check
+CVE-2018-0156 (A vulnerability in the Smart Install feature of Cisco IOS Software and ...)
+ TODO: check
+CVE-2018-0155 (A vulnerability in the Bidirectional Forwarding Detection (BFD) offload ...)
+ TODO: check
+CVE-2018-0154 (A vulnerability in the crypto engine of the Cisco Integrated Services ...)
+ TODO: check
CVE-2018-0153
RESERVED
-CVE-2018-0152
- RESERVED
-CVE-2018-0151
- RESERVED
-CVE-2018-0150
- RESERVED
+CVE-2018-0152 (A vulnerability in the web-based user interface (web UI) of Cisco IOS ...)
+ TODO: check
+CVE-2018-0151 (A vulnerability in the quality of service (QoS) subsystem of Cisco IOS ...)
+ TODO: check
+CVE-2018-0150 (A vulnerability in Cisco IOS XE Software could allow an ...)
+ TODO: check
CVE-2018-0149
RESERVED
CVE-2018-0148 (A vulnerability in the web-based management interface of Cisco UCS ...)
@@ -72727,8 +72745,8 @@ CVE-2017-0938
RESERVED
CVE-2017-0937
RESERVED
-CVE-2017-0936
- RESERVED
+CVE-2017-0936 (Nextcloud Server before 11.0.7 and 12.0.5 suffers from an ...)
+ TODO: check
CVE-2017-0935 (Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an ...)
NOT-FOR-US: Ubiquiti Networks EdgeOS
CVE-2017-0934 (Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73b62d8114c7f11602dfcca5c1ff86c8f679b054
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73b62d8114c7f11602dfcca5c1ff86c8f679b054
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180329/4a575626/attachment.html>
More information about the Secure-testing-commits
mailing list