[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed May 9 21:10:33 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8afb7b0d by security tracker role at 2018-05-09T20:10:25+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,217 @@
+CVE-2018-10945
+ RESERVED
+CVE-2018-10944
+ RESERVED
+CVE-2018-10943
+ RESERVED
+CVE-2018-10942
+ RESERVED
+CVE-2018-10941
+ RESERVED
+CVE-2018-10940 (The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the ...)
+ TODO: check
+CVE-2018-10939
+ RESERVED
+CVE-2018-10938
+ RESERVED
+CVE-2018-10937
+ RESERVED
+CVE-2018-10936
+ RESERVED
+CVE-2018-10935
+ RESERVED
+CVE-2018-10934
+ RESERVED
+CVE-2018-10933
+ RESERVED
+CVE-2018-10932
+ RESERVED
+CVE-2018-10931
+ RESERVED
+CVE-2018-10930
+ RESERVED
+CVE-2018-10929
+ RESERVED
+CVE-2018-10928
+ RESERVED
+CVE-2018-10927
+ RESERVED
+CVE-2018-10926
+ RESERVED
+CVE-2018-10925
+ RESERVED
+CVE-2018-10924
+ RESERVED
+CVE-2018-10923
+ RESERVED
+CVE-2018-10922
+ RESERVED
+CVE-2018-10921
+ RESERVED
+CVE-2018-10920
+ RESERVED
+CVE-2018-10919
+ RESERVED
+CVE-2018-10918
+ RESERVED
+CVE-2018-10917
+ RESERVED
+CVE-2018-10916
+ RESERVED
+CVE-2018-10915
+ RESERVED
+CVE-2018-10914
+ RESERVED
+CVE-2018-10913
+ RESERVED
+CVE-2018-10912
+ RESERVED
+CVE-2018-10911
+ RESERVED
+CVE-2018-10910
+ RESERVED
+CVE-2018-10909
+ RESERVED
+CVE-2018-10908
+ RESERVED
+CVE-2018-10907
+ RESERVED
+CVE-2018-10906
+ RESERVED
+CVE-2018-10905
+ RESERVED
+CVE-2018-10904
+ RESERVED
+CVE-2018-10903
+ RESERVED
+CVE-2018-10902
+ RESERVED
+CVE-2018-10901
+ RESERVED
+CVE-2018-10900
+ RESERVED
+CVE-2018-10899
+ RESERVED
+CVE-2018-10898
+ RESERVED
+CVE-2018-10897
+ RESERVED
+CVE-2018-10896
+ RESERVED
+CVE-2018-10895
+ RESERVED
+CVE-2018-10894
+ RESERVED
+CVE-2018-10893
+ RESERVED
+CVE-2018-10892
+ RESERVED
+CVE-2018-10891
+ RESERVED
+CVE-2018-10890
+ RESERVED
+CVE-2018-10889
+ RESERVED
+CVE-2018-10888
+ RESERVED
+CVE-2018-10887
+ RESERVED
+CVE-2018-10886
+ RESERVED
+CVE-2018-10885
+ RESERVED
+CVE-2018-10884
+ RESERVED
+CVE-2018-10883
+ RESERVED
+CVE-2018-10882
+ RESERVED
+CVE-2018-10881
+ RESERVED
+CVE-2018-10880
+ RESERVED
+CVE-2018-10879
+ RESERVED
+CVE-2018-10878
+ RESERVED
+CVE-2018-10877
+ RESERVED
+CVE-2018-10876
+ RESERVED
+CVE-2018-10875
+ RESERVED
+CVE-2018-10874
+ RESERVED
+CVE-2018-10873
+ RESERVED
+CVE-2018-10872
+ RESERVED
+CVE-2018-10871
+ RESERVED
+CVE-2018-10870
+ RESERVED
+CVE-2018-10869
+ RESERVED
+CVE-2018-10868
+ RESERVED
+CVE-2018-10867
+ RESERVED
+CVE-2018-10866
+ RESERVED
+CVE-2018-10865
+ RESERVED
+CVE-2018-10864
+ RESERVED
+CVE-2018-10863
+ RESERVED
+CVE-2018-10862
+ RESERVED
+CVE-2018-10861
+ RESERVED
+CVE-2018-10860
+ RESERVED
+CVE-2018-10859
+ RESERVED
+CVE-2018-10858
+ RESERVED
+CVE-2018-10857
+ RESERVED
+CVE-2018-10856
+ RESERVED
+CVE-2018-10855
+ RESERVED
+CVE-2018-10854
+ RESERVED
+CVE-2018-10853
+ RESERVED
+CVE-2018-10852
+ RESERVED
+CVE-2018-10851
+ RESERVED
+CVE-2018-10850
+ RESERVED
+CVE-2018-10849
+ RESERVED
+CVE-2018-10848
+ RESERVED
+CVE-2018-10847
+ RESERVED
+CVE-2018-10846
+ RESERVED
+CVE-2018-10845
+ RESERVED
+CVE-2018-10844
+ RESERVED
+CVE-2018-10843
+ RESERVED
+CVE-2018-10842
+ RESERVED
+CVE-2018-10841
+ RESERVED
+CVE-2018-10840
+ RESERVED
+CVE-2018-10839
+ RESERVED
CVE-2018-10838
RESERVED
CVE-2018-10837
@@ -18,8 +232,8 @@ CVE-2018-10830 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X
NOT-FOR-US: 2345 Security Guard
CVE-2018-10829
RESERVED
-CVE-2018-10828
- RESERVED
+CVE-2018-10828 (An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ...)
+ TODO: check
CVE-2018-10827 (LiteCart 2.1.2 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: LiteCart
CVE-2018-10826
@@ -105,7 +319,8 @@ CVE-2018-10796 (In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys
NOT-FOR-US: 2345 Security Guard
CVE-2018-10795 (Liferay 6.2.x and before has an FCKeditor configuration that allows an ...)
NOT-FOR-US: Liferay
-CVE-2017-18265 [prosody crashed on error handling for stream errors]
+CVE-2017-18265 (Prosody before 0.10.0 allows remote attackers to cause a denial of ...)
+ {DSA-4198-1}
- prosody 0.10.0-1 (bug #875829)
NOTE: https://prosody.im/issues/issue/987
CVE-2018-10794
@@ -169,8 +384,8 @@ CVE-2018-10771 (Stack-based buffer overflow in the get_key function in parse.c i
NOTE: https://github.com/leesavide/abcm2ps/issues/17
NOTE: https://github.com/leesavide/abcm2ps/commit/dc0372993674d0b50fedfbf7b9fad1239b8efc5f
NOTE: Crash in CLI tool (neutralised by toolchain hardening), no security impact
-CVE-2018-10770
- RESERVED
+CVE-2018-10770 (download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote ...)
+ TODO: check
CVE-2018-10769
RESERVED
CVE-2018-10768 (There is a NULL pointer dereference in the AnnotPath::getCoordsLength ...)
@@ -372,10 +587,10 @@ CVE-2018-10685 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free i
NOTE: https://github.com/ckolivas/lrzip/issues/95
CVE-2018-10684
RESERVED
-CVE-2018-10683
- RESERVED
-CVE-2018-10682
- RESERVED
+CVE-2018-10683 (** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. In the ...)
+ TODO: check
+CVE-2018-10682 (An issue was discovered in WildFly 10.1.2.Final. It is possible for an ...)
+ TODO: check
CVE-2016-10722 (partclone.fat in Partclone before 0.2.88 is prone to a heap-based ...)
- partclone 0.2.88-1
[jessie] - partclone <no-dsa> (Minor issue)
@@ -674,6 +889,7 @@ CVE-2018-10549 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.3
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76130
CVE-2018-10548 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, ...)
+ {DLA-1373-1}
- php7.2 <unfixed>
- php7.1 <unfixed>
- php7.0 <unfixed>
@@ -681,6 +897,7 @@ CVE-2018-10548 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.3
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76248
CVE-2018-10547 (An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, ...)
+ {DLA-1373-1}
- php7.2 <unfixed>
- php7.1 <unfixed>
- php7.0 <unfixed>
@@ -696,6 +913,7 @@ CVE-2018-10546 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.3
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76249
CVE-2018-10545 (An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, ...)
+ {DLA-1373-1}
- php7.2 7.2.4-1
- php7.1 7.1.16-1
- php7.0 7.0.29-1
@@ -711,24 +929,28 @@ CVE-2018-10542
CVE-2018-10541
RESERVED
CVE-2018-10540 (An issue was discovered in WavPack 5.1.0 and earlier for W64 input. ...)
+ {DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
CVE-2018-10539 (An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. ...)
+ {DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
CVE-2018-10538 (An issue was discovered in WavPack 5.1.0 and earlier for WAV input. ...)
+ {DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
CVE-2018-10537 (An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser ...)
+ {DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
@@ -737,6 +959,7 @@ CVE-2018-10537 (An issue was discovered in WavPack 5.1.0 and earlier. The W64 pa
NOTE: https://github.com/dbry/WavPack/issues/31
NOTE: https://github.com/dbry/WavPack/issues/32
CVE-2018-10536 (An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser ...)
+ {DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
@@ -4632,10 +4855,10 @@ CVE-2018-8914
RESERVED
CVE-2018-8913
RESERVED
-CVE-2018-8912
- RESERVED
-CVE-2018-8911
- RESERVED
+CVE-2018-8912 (Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Note in ...)
+ TODO: check
+CVE-2018-8911 (Cross-site scripting (XSS) vulnerability in Attachment Preview in ...)
+ TODO: check
CVE-2018-8910
RESERVED
CVE-2018-8909 (The Wire application before 2018-03-07 for Android allows attackers to ...)
@@ -4755,8 +4978,8 @@ CVE-2018-8868
RESERVED
CVE-2018-8867
RESERVED
-CVE-2018-8866
- RESERVED
+CVE-2018-8866 (In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an ...)
+ TODO: check
CVE-2018-8865 (In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow ...)
NOT-FOR-US: Lantech
CVE-2018-8864
@@ -6312,128 +6535,128 @@ CVE-2018-8181
RESERVED
CVE-2018-8180
RESERVED
-CVE-2018-8179
- RESERVED
-CVE-2018-8178
- RESERVED
-CVE-2018-8177
- RESERVED
+CVE-2018-8179 (A remote code execution vulnerability exists when Microsoft Edge ...)
+ TODO: check
+CVE-2018-8178 (A remote code execution vulnerability exists in the way that Microsoft ...)
+ TODO: check
+CVE-2018-8177 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8176
RESERVED
CVE-2018-8175
RESERVED
-CVE-2018-8174
- RESERVED
-CVE-2018-8173
- RESERVED
+CVE-2018-8174 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8173 (A remote code execution vulnerability exists in Microsoft InfoPath ...)
+ TODO: check
CVE-2018-8172
RESERVED
CVE-2018-8171
RESERVED
-CVE-2018-8170
- RESERVED
+CVE-2018-8170 (An elevation of privilege vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8169
RESERVED
-CVE-2018-8168
- RESERVED
-CVE-2018-8167
- RESERVED
-CVE-2018-8166
- RESERVED
-CVE-2018-8165
- RESERVED
-CVE-2018-8164
- RESERVED
-CVE-2018-8163
- RESERVED
-CVE-2018-8162
- RESERVED
-CVE-2018-8161
- RESERVED
-CVE-2018-8160
- RESERVED
-CVE-2018-8159
- RESERVED
-CVE-2018-8158
- RESERVED
-CVE-2018-8157
- RESERVED
-CVE-2018-8156
- RESERVED
-CVE-2018-8155
- RESERVED
-CVE-2018-8154
- RESERVED
-CVE-2018-8153
- RESERVED
-CVE-2018-8152
- RESERVED
-CVE-2018-8151
- RESERVED
-CVE-2018-8150
- RESERVED
-CVE-2018-8149
- RESERVED
-CVE-2018-8148
- RESERVED
-CVE-2018-8147
- RESERVED
+CVE-2018-8168 (An elevation of privilege vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2018-8167 (An elevation of privilege vulnerability exists when the Windows Common ...)
+ TODO: check
+CVE-2018-8166 (An elevation of privilege vulnerability exists in Windows when the ...)
+ TODO: check
+CVE-2018-8165 (An elevation of privilege vulnerability exists when the DirectX ...)
+ TODO: check
+CVE-2018-8164 (An elevation of privilege vulnerability exists in Windows when the ...)
+ TODO: check
+CVE-2018-8163 (An information disclosure vulnerability exists when Microsoft Excel ...)
+ TODO: check
+CVE-2018-8162 (A remote code execution vulnerability exists in Microsoft Excel ...)
+ TODO: check
+CVE-2018-8161 (A remote code execution vulnerability exists in Microsoft Office ...)
+ TODO: check
+CVE-2018-8160 (An information disclosure vulnerability exists in Outlook when a ...)
+ TODO: check
+CVE-2018-8159 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
+ TODO: check
+CVE-2018-8158 (A remote code execution vulnerability exists in Microsoft Office ...)
+ TODO: check
+CVE-2018-8157 (A remote code execution vulnerability exists in Microsoft Office ...)
+ TODO: check
+CVE-2018-8156 (An elevation of privilege vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2018-8155 (An elevation of privilege vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2018-8154 (A remote code execution vulnerability exists in Microsoft Exchange ...)
+ TODO: check
+CVE-2018-8153 (A spoofing vulnerability exists in Microsoft Exchange Server when ...)
+ TODO: check
+CVE-2018-8152 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
+ TODO: check
+CVE-2018-8151 (An information disclosure vulnerability exists when Microsoft Exchange ...)
+ TODO: check
+CVE-2018-8150 (A security feature bypass vulnerability exists when the Microsoft ...)
+ TODO: check
+CVE-2018-8149 (An elevation of privilege vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2018-8148 (A remote code execution vulnerability exists in Microsoft Excel ...)
+ TODO: check
+CVE-2018-8147 (A remote code execution vulnerability exists in Microsoft Excel ...)
+ TODO: check
CVE-2018-8146
RESERVED
-CVE-2018-8145
- RESERVED
+CVE-2018-8145 (An information disclosure vulnerability exists when Chakra improperly ...)
+ TODO: check
CVE-2018-8144
RESERVED
CVE-2018-8143
RESERVED
CVE-2018-8142
RESERVED
-CVE-2018-8141
- RESERVED
+CVE-2018-8141 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
CVE-2018-8140
RESERVED
-CVE-2018-8139
- RESERVED
+CVE-2018-8139 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8138
RESERVED
-CVE-2018-8137
- RESERVED
-CVE-2018-8136
- RESERVED
+CVE-2018-8137 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8136 (A remote code execution vulnerability exists in the way that Windows ...)
+ TODO: check
CVE-2018-8135
RESERVED
-CVE-2018-8134
- RESERVED
-CVE-2018-8133
- RESERVED
-CVE-2018-8132
- RESERVED
+CVE-2018-8134 (An elevation of privilege vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8133 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8132 (A security feature bypass vulnerability exists in Windows which could ...)
+ TODO: check
CVE-2018-8131
RESERVED
-CVE-2018-8130
- RESERVED
-CVE-2018-8129
- RESERVED
-CVE-2018-8128
- RESERVED
-CVE-2018-8127
- RESERVED
-CVE-2018-8126
- RESERVED
+CVE-2018-8130 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8129 (A security feature bypass vulnerability exists in Windows which could ...)
+ TODO: check
+CVE-2018-8128 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8127 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2018-8126 (A security feature bypass vulnerability exists when Internet Explorer ...)
+ TODO: check
CVE-2018-8125
RESERVED
-CVE-2018-8124
- RESERVED
-CVE-2018-8123
- RESERVED
-CVE-2018-8122
- RESERVED
+CVE-2018-8124 (An elevation of privilege vulnerability exists in Windows when the ...)
+ TODO: check
+CVE-2018-8123 (An information disclosure vulnerability exists when Microsoft Edge ...)
+ TODO: check
+CVE-2018-8122 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8121
RESERVED
-CVE-2018-8120
- RESERVED
-CVE-2018-8119
- RESERVED
+CVE-2018-8120 (An elevation of privilege vulnerability exists in Windows when the ...)
+ TODO: check
+CVE-2018-8119 (A spoofing vulnerability exists when the Azure IoT Device Provisioning ...)
+ TODO: check
CVE-2018-8118 (A remote code execution vulnerability exists when Internet Explorer ...)
NOT-FOR-US: Microsoft
CVE-2018-8117 (A security feature bypass vulnerability exists in the Microsoft ...)
@@ -6442,12 +6665,12 @@ CVE-2018-8116 (A denial of service vulnerability exists in the way that Windows
NOT-FOR-US: Microsoft
CVE-2018-8115 (A remote code execution vulnerability exists when the Windows Host ...)
NOT-FOR-US: Microsoft
-CVE-2018-8114
- RESERVED
+CVE-2018-8114 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8113
RESERVED
-CVE-2018-8112
- RESERVED
+CVE-2018-8112 (A security feature bypass vulnerability exists when Microsoft Edge ...)
+ TODO: check
CVE-2018-8111
RESERVED
CVE-2018-8110
@@ -25941,7 +26164,7 @@ CVE-2018-1230 (Pivotal Spring Batch Admin, all versions, does not contain cross
CVE-2018-1229 (Pivotal Spring Batch Admin, all versions, contains a stored XSS ...)
NOT-FOR-US: Pivotal
CVE-2018-1228
- RESERVED
+ REJECTED
CVE-2018-1227 (Pivotal Concourse after 2018-03-05 might allow remote attackers to ...)
NOT-FOR-US: Pivotal
CVE-2018-1226
@@ -26492,8 +26715,7 @@ CVE-2018-1091 (In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptr
CVE-2018-1090
RESERVED
NOT-FOR-US: Pulp (Red Hat)
-CVE-2018-1089 [unauthenticated ns-slapd crash via largefilter value in ldapsearch]
- RESERVED
+CVE-2018-1089 (389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not ...)
- 389-ds-base <unfixed> (bug #898138)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/07/2
CVE-2018-1088 (A privilege escalation flaw was found in gluster 3.x snapshot ...)
@@ -27372,8 +27594,8 @@ CVE-2017-17090 (An issue was discovered in chan_skinny.c in Asterisk Open Source
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27452
CVE-2018-1040
RESERVED
-CVE-2018-1039
- RESERVED
+CVE-2018-1039 (A security feature bypass vulnerability exists in .Net Framework which ...)
+ TODO: check
CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 ...)
NOT-FOR-US: Microsoft
CVE-2018-1037 (An information disclosure vulnerability exists when Visual Studio ...)
@@ -27400,16 +27622,16 @@ CVE-2018-1027 (A remote code execution vulnerability exists in Microsoft Excel .
NOT-FOR-US: Microsoft
CVE-2018-1026 (A remote code execution vulnerability exists in Microsoft Office ...)
NOT-FOR-US: Microsoft
-CVE-2018-1025
- RESERVED
+CVE-2018-1025 (An information disclosure vulnerability exists when affected Microsoft ...)
+ TODO: check
CVE-2018-1024
RESERVED
CVE-2018-1023 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-1022
- RESERVED
-CVE-2018-1021
- RESERVED
+CVE-2018-1022 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
+CVE-2018-1021 (An information disclosure vulnerability exists when Microsoft Edge ...)
+ TODO: check
CVE-2018-1020 (A remote code execution vulnerability exists when Internet Explorer ...)
NOT-FOR-US: Microsoft
CVE-2018-1019 (A remote code execution vulnerability exists in the way that the ...)
@@ -27528,28 +27750,28 @@ CVE-2018-0963 (An elevation of privilege vulnerability exists in the way that th
NOT-FOR-US: Microsoft
CVE-2018-0962
RESERVED
-CVE-2018-0961
- RESERVED
+CVE-2018-0961 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+ TODO: check
CVE-2018-0960 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-0959
- RESERVED
-CVE-2018-0958
- RESERVED
+CVE-2018-0959 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+ TODO: check
+CVE-2018-0958 (A security feature bypass vulnerability exists in Windows which could ...)
+ TODO: check
CVE-2018-0957 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
NOT-FOR-US: Microsoft
CVE-2018-0956 (A denial of service vulnerability exists in the HTTP 2.0 protocol ...)
NOT-FOR-US: Microsoft
-CVE-2018-0955
- RESERVED
-CVE-2018-0954
- RESERVED
-CVE-2018-0953
- RESERVED
+CVE-2018-0955 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-0954 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
+CVE-2018-0953 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-0952
RESERVED
-CVE-2018-0951
- RESERVED
+CVE-2018-0951 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-0950 (An information disclosure vulnerability exists when Office renders ...)
NOT-FOR-US: Microsoft
CVE-2018-0949
@@ -27558,14 +27780,14 @@ CVE-2018-0948
RESERVED
CVE-2018-0947 (Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint ...)
NOT-FOR-US: Microsoft
-CVE-2018-0946
- RESERVED
-CVE-2018-0945
- RESERVED
+CVE-2018-0946 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-0945 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-0944 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0943
- RESERVED
+CVE-2018-0943 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-0942 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
CVE-2018-0941 (Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft ...)
@@ -27742,8 +27964,8 @@ CVE-2018-0856 (Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 17
NOT-FOR-US: Microsoft
CVE-2018-0855 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-0854
- RESERVED
+CVE-2018-0854 (A security feature bypass vulnerability exists in Windows Scripting ...)
+ TODO: check
CVE-2018-0853 (Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, ...)
NOT-FOR-US: Microsoft
CVE-2018-0852 (Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft ...)
@@ -27802,8 +28024,8 @@ CVE-2018-0826 (Windows Storage Services in Windows 10 versions 1511, 1607, 1703
NOT-FOR-US: Microsoft
CVE-2018-0825 (StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0824
- RESERVED
+CVE-2018-0824 (A remote code execution vulnerability exists in "Microsoft COM for ...)
+ TODO: check
CVE-2018-0823 (The Named Pipe File System in Windows 10 version 1709 and Windows ...)
NOT-FOR-US: Microsoft
CVE-2018-0822 (NTFS in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server ...)
@@ -27920,8 +28142,8 @@ CVE-2018-0767 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, an
NOT-FOR-US: Microsoft
CVE-2018-0766 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, ...)
NOT-FOR-US: Microsoft
-CVE-2018-0765
- RESERVED
+CVE-2018-0765 (A denial of service vulnerability exists when .NET and .NET Core ...)
+ TODO: check
CVE-2018-0764 (Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, ...)
NOT-FOR-US: Microsoft
CVE-2018-0763 (Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows ...)
@@ -66888,8 +67110,8 @@ CVE-2017-5177 (A Stack Buffer Overflow issue was discovered in VIPA Controls Win
NOT-FOR-US: VIPA Controls WinPLC7
CVE-2017-5176 (A DLL Hijack issue was discovered in Rockwell Automation Connected ...)
NOT-FOR-US: Rockwell Automation Connected Components Workbench
-CVE-2017-5175
- RESERVED
+CVE-2017-5175 (Advantech WebAccess 8.1 and earlier contains a DLL hijacking ...)
+ TODO: check
CVE-2017-5174 (An Authentication Bypass issue was discovered in Geutebruck IP Camera ...)
NOT-FOR-US: Geutebruck IP Camera G-Cam/EFD-2250
CVE-2017-5173 (An Improper Neutralization of Special Elements (in an OS command) issue ...)
@@ -80719,8 +80941,8 @@ CVE-2016-9337 (An issue was discovered in Tesla Motors Model S automobile, all .
NOT-FOR-US: Tesla car
CVE-2016-9336
REJECTED
-CVE-2016-9335
- RESERVED
+CVE-2016-9335 (A hard-coded cryptographic key vulnerability was identified in Red ...)
+ TODO: check
CVE-2016-9334 (An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix ...)
NOT-FOR-US: Rockwell
CVE-2016-9333 (An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8afb7b0ddbd57e428372ab35c416c3a2e04fbb60
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8afb7b0ddbd57e428372ab35c416c3a2e04fbb60
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180509/3d890291/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list