[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Oct 4 09:10:33 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0e868201 by security tracker role at 2018-10-04T08:10:23Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,22 @@
-CVE-2018-17972 [Information leak via /proc/$pid/stack]
+CVE-2018-17979
+ RESERVED
+CVE-2018-17978
+ RESERVED
+CVE-2018-17977
+ RESERVED
+CVE-2018-17976
+ RESERVED
+CVE-2018-17975
+ RESERVED
+CVE-2018-17974 (An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer ...)
+ TODO: check
+CVE-2018-17973
+ RESERVED
+CVE-2018-17971
+ RESERVED
+CVE-2018-17970
+ RESERVED
+CVE-2018-17972 (An issue was discovered in the proc_pid_stack function in ...)
- linux <unfixed>
NOTE: https://marc.info/?l=linux-fsdevel&m=153806242024956&w=2
CVE-2018-17969 (Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote ...)
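Review bot: CVE-2018-17972 ends up below the newly added CVE-2018-17971 and CVE-2018-17970 entries, which breaks the descending ID order the rest of the list follows (17979 ... 17973, 17971, 17970, 17972, 17969). The two RESERVED entries for 17971 and 17970 should be inserted after the 17972 block, that is after its NOTE line, so the "- linux <unfixed>" and NOTE lines stay attached to 17972 and the list stays sorted.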
@@ -185,10 +203,10 @@ CVE-2018-17884 (XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestb
NOT-FOR-US: WordPress plugin gwolle-gb
CVE-2018-17882
RESERVED
-CVE-2018-17881
- RESERVED
-CVE-2018-17880
- RESERVED
+CVE-2018-17881 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration ...)
+ TODO: check
+CVE-2018-17880 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration ...)
+ TODO: check
CVE-2018-17879
RESERVED
CVE-2018-17878
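Review bot: CVE-2018-17881 and CVE-2018-17880 are left at "TODO: check" although both descriptions name D-Link DIR-823G device firmware. Device-only issues elsewhere in this list are closed with a NOT-FOR-US line (see the ARRIS TG2492LG-NA entry under CVE-2018-17555), so these two can be triaged the same way rather than staying open.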
@@ -806,7 +824,7 @@ CVE-2018-17584
RESERVED
CVE-2018-17583
RESERVED
-CVE-2018-17582 (tcpreplay v4.3.0 contains a heap-based buffer over-read. The ...)
+CVE-2018-17582 (Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The ...)
TODO: check
CVE-2018-17581 (CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has ...)
- exiv2 <unfixed> (low; bug #910060)
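Review bot: CVE-2018-17582 keeps "TODO: check" even though the updated description names Tcpreplay, and this list already tracks that source package under CVE-2018-13112 with "- tcpreplay <unfixed> (low; bug #902952)". The same applies to the new CVE-2018-17974 entry in the first hunk. Suggest replacing the TODO on both with a "- tcpreplay" package line once the affected versions are confirmed.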
@@ -850,8 +868,8 @@ CVE-2018-17564
RESERVED
CVE-2018-17563
RESERVED
-CVE-2018-17562
- RESERVED
+CVE-2018-17562 (Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a ...)
+ TODO: check
CVE-2018-17561
RESERVED
CVE-2018-17560
@@ -868,10 +886,10 @@ CVE-2018-17555 (The web component on ARRIS TG2492LG-NA 061213 devices allows rem
NOT-FOR-US: ARRIS TG2492LG-NA 061213 devices
CVE-2018-17554
RESERVED
-CVE-2018-17553
- RESERVED
-CVE-2018-17552
- RESERVED
+CVE-2018-17553 (An "Unrestricted Upload of File with Dangerous Type" issue with ...)
+ TODO: check
+CVE-2018-17552 (SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote ...)
+ TODO: check
CVE-2018-17551
RESERVED
CVE-2018-17550
@@ -894,8 +912,7 @@ CVE-2018-17542
RESERVED
CVE-2018-17541
RESERVED
-CVE-2018-17540 [denial-of-service vulnerability in the gmp plugin]
- RESERVED
+CVE-2018-17540 (The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a ...)
{DSA-4309-1 DLA-1528-1}
- strongswan 5.7.1-1
NOTE: https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
@@ -1150,8 +1167,8 @@ CVE-2018-17430
RESERVED
CVE-2018-17429
RESERVED
-CVE-2018-17428
- RESERVED
+CVE-2018-17428 (An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL ...)
+ TODO: check
CVE-2018-17427 (SIMDComp before 0.1.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: SIMDComp
CVE-2018-17426
@@ -1190,8 +1207,8 @@ CVE-2018-17410 (Horus CMS allows SQL Injection, as demonstrated by a request to
NOT-FOR-US: Horus CMS
CVE-2018-17409
RESERVED
-CVE-2018-17408
- RESERVED
+CVE-2018-17408 (Stack-based buffer overflows in Zahir Accounting Enterprise Plus 6 ...)
+ TODO: check
CVE-2018-17406
RESERVED
CVE-2018-17405
@@ -11559,7 +11576,7 @@ CVE-2018-13114
RESERVED
CVE-2018-13113 (The transfer and transferFrom functions of a smart contract ...)
NOT-FOR-US: smart contract implementation for Easy Trading Token and Ethereum token
-CVE-2018-13112 (get_l2len in common/get.c in Tcpreplay 4.3.0 beta 1 allows remote ...)
+CVE-2018-13112 (get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote ...)
- tcpreplay <unfixed> (low; bug #902952)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
@@ -29084,8 +29101,8 @@ CVE-2018-6697
RESERVED
CVE-2018-6696
RESERVED
-CVE-2018-6695
- RESERVED
+CVE-2018-6695 (SSH host keys generation vulnerability in the server in McAfee Threat ...)
+ TODO: check
CVE-2018-6694
RESERVED
CVE-2018-6693 (An unprivileged user can delete arbitrary files on a Linux system ...)
@@ -31986,8 +32003,8 @@ CVE-2018-5923
RESERVED
CVE-2018-5922
RESERVED
-CVE-2018-5921
- RESERVED
+CVE-2018-5921 (A potential security vulnerability has been identified with certain HP ...)
+ TODO: check
CVE-2018-5920
RESERVED
CVE-2018-5919
@@ -93209,8 +93226,8 @@ CVE-2017-2753
RESERVED
CVE-2017-2752
RESERVED
-CVE-2017-2751
- RESERVED
+CVE-2017-2751 (A BIOS password extraction vulnerability has been reported on certain ...)
+ TODO: check
CVE-2017-2750 (Insufficient Solution DLL Signature Validation allows potential ...)
NOT-FOR-US: HP printers
CVE-2017-2749
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0e868201b8d327066cb1fd869a7b4b04a4f4ced3