[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4ca1dfdf by security tracker role at 2018-05-04T08:10:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,7 @@
+CVE-2018-10722 (In Cylance CylancePROTECT before 1470, an unprivileged local user can ...)
+	TODO: check
+CVE-2018-10721
+	RESERVED
 CVE-2018-10720
 	RESERVED
 CVE-2018-10719
@@ -175,8 +179,8 @@ CVE-2018-10643
 	RESERVED
 CVE-2018-10642 (Command injection vulnerability in Combodo iTop 2.4.1 allows remote ...)
 	NOT-FOR-US: Combodo iTop
-CVE-2018-10641
-	RESERVED
+CVE-2018-10641 (D-Link DIR-601 A1 1.02NA devices do not require the old password for a ...)
+	TODO: check
 CVE-2018-10640
 	RESERVED
 CVE-2018-10639
@@ -341,10 +345,10 @@ CVE-2018-10564 (XSS exists in Flexense DiskPulse Enterprise from v10.4 to v10.7.
 	NOT-FOR-US: Flexense DiskPulse Enterprise
 CVE-2018-10563 (An XSS in Flexense SyncBreeze affects all versions (tested from ...)
 	NOT-FOR-US: Flexense SyncBreeze
-CVE-2018-10562
-	RESERVED
-CVE-2018-10561
-	RESERVED
+CVE-2018-10562 (An issue was discovered on Dasan GPON home routers. Command Injection ...)
+	TODO: check
+CVE-2018-10561 (An issue was discovered on Dasan GPON home routers. It is possible to ...)
+	TODO: check
 CVE-2018-10560
 	RESERVED
 CVE-2018-10559
@@ -1716,7 +1720,7 @@ CVE-2018-9996 (An issue was discovered in cplus-dem.c in GNU libiberty, as ...)
 	[jessie] - binutils <ignored> (Minor issue)
 	[wheezy] - binutils <ignored> (Minor issue)
 	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304
-CVE-2018-9995 (TBK DVR4104 and DVR4216 devices allow remote attackers to bypass ...)
+CVE-2018-9995 (TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, ...)
 	NOT-FOR-US: TBK DVR4104 and DVR4216 devices
 CVE-2018-9994
 	RESERVED
@@ -6467,8 +6471,8 @@ CVE-2018-8005
 	RESERVED
 CVE-2018-8004
 	RESERVED
-CVE-2018-8003
-	RESERVED
+CVE-2018-8003 (Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory ...)
+	TODO: check
 CVE-2018-8002 (In PoDoFo 0.9.5, there exists an infinite loop vulnerability in ...)
 	- libpodofo <unfixed> (low; bug #892557)
 	[stretch] - libpodofo <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4ca1dfdf55fefdbb58a88b877aa833390a01036b

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4ca1dfdf55fefdbb58a88b877aa833390a01036b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180504/4c75c723/attachment-0001.html>