[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed May 16 09:10:19 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cc0640f2 by security tracker role at 2018-05-16T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,25 @@
+CVE-2018-11141
+ RESERVED
+CVE-2018-11140
+ RESERVED
+CVE-2018-11139
+ RESERVED
+CVE-2018-11138
+ RESERVED
+CVE-2018-11137
+ RESERVED
+CVE-2018-11136
+ RESERVED
+CVE-2018-11135
+ RESERVED
+CVE-2018-11134
+ RESERVED
+CVE-2018-11133
+ RESERVED
+CVE-2018-11132
+ RESERVED
+CVE-2018-11131
+ RESERVED
CVE-2018-11130
RESERVED
CVE-2018-11129
@@ -1202,12 +1224,12 @@ CVE-2018-10593
RESERVED
CVE-2018-10592
RESERVED
-CVE-2018-10591
- RESERVED
-CVE-2018-10590
- RESERVED
-CVE-2018-10589
- RESERVED
+CVE-2018-10591 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
+CVE-2018-10590 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
+CVE-2018-10589 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-10588
RESERVED
CVE-2018-10587
@@ -5459,16 +5481,16 @@ CVE-2018-8847
RESERVED
CVE-2018-8846
RESERVED
-CVE-2018-8845
- RESERVED
+CVE-2018-8845 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-8844
RESERVED
CVE-2018-8843 (Rockwell Automation Arena versions 16.10.00 and prior contains a use ...)
NOT-FOR-US: Rockwell
CVE-2018-8842
RESERVED
-CVE-2018-8841
- RESERVED
+CVE-2018-8841 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-8840 (A remote attacker could send a carefully crafted packet in InduSoft ...)
NOT-FOR-US: InduSoft
CVE-2018-8839 (Delta PMSoft versions 2.10 and prior have multiple stack-based buffer ...)
@@ -8924,28 +8946,28 @@ CVE-2018-7507 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a
NOT-FOR-US: Delta Electronics
CVE-2018-7506 (The private key of the web server in Moxa MXview versions 2.8 and ...)
NOT-FOR-US: Moxa
-CVE-2018-7505
- RESERVED
+CVE-2018-7505 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-7504 (A Protection Mechanism Failure issue was discovered in OSIsoft PI ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7503
- RESERVED
+CVE-2018-7503 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-7502 (Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 ...)
NOT-FOR-US: Beckhoff TwinCAT
-CVE-2018-7501
- RESERVED
+CVE-2018-7501 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-7500 (A Permissions, Privileges, and Access Controls issue was discovered in ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7499
- RESERVED
+CVE-2018-7499 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-7498 (In Philips Alice 6 System version R8.0.2 or prior, the lack of proper ...)
NOT-FOR-US: Philips Alice 6 System
-CVE-2018-7497
- RESERVED
+CVE-2018-7497 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-7496 (An Information Exposure issue was discovered in OSIsoft PI Vision ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7495
- RESERVED
+CVE-2018-7495 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
+ TODO: check
CVE-2018-7494 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a ...)
NOT-FOR-US: Delta Electronics
CVE-2018-7493 (CactusVPN through 6.0 for macOS suffers from a root privilege ...)
@@ -26718,10 +26740,10 @@ CVE-2018-1265
RESERVED
CVE-2018-1264
RESERVED
-CVE-2018-1263
- RESERVED
-CVE-2018-1262
- RESERVED
+CVE-2018-1263 (Addresses partial fix in CVE-2018-1261. Pivotal ...)
+ TODO: check
+CVE-2018-1262 (Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a ...)
+ TODO: check
CVE-2018-1261 (Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary ...)
TODO: check
CVE-2018-1260 (Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to ...)
@@ -75216,27 +75238,23 @@ CVE-2017-2615 [display: cirrus: oob access while doing bitblt copy backward mode
CVE-2017-2614
RESERVED
NOT-FOR-US: Red Hat ovirt-aaa-jdbc-tool tools
-CVE-2017-2613
- RESERVED
+CVE-2017-2613 (jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2612
- RESERVED
+CVE-2017-2612 (In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2611 (Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2610
- RESERVED
+CVE-2017-2610 (jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2609
RESERVED
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2608
- RESERVED
+CVE-2017-2608 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2607
@@ -75248,23 +75266,19 @@ CVE-2017-2606 (Jenkins before versions 2.44, 2.32.2 is vulnerable to an informat
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2605
REJECTED
-CVE-2017-2604
- RESERVED
+CVE-2017-2604 (In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2603
- RESERVED
+CVE-2017-2603 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2602
- RESERVED
+CVE-2017-2602 (jenkins before versions 2.44, 2.32.2 is vulnerable to an improper ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2601 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2600
- RESERVED
+CVE-2017-2600 (In jenkins before versions 2.44, 2.32.2 node monitor data could be ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2599 (Jenkins before versions 2.44 and 2.32.2 is vulnerable to an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc0640f2127325e24b8bdcd8edc7faf0e8458e91
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc0640f2127325e24b8bdcd8edc7faf0e8458e91
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180516/4809c685/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list