[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Oct 12 09:10:32 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
606480c6 by security tracker role at 2018-10-12T08:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2018-18265
+ RESERVED
+CVE-2018-18264
+ RESERVED
+CVE-2018-18263
+ RESERVED
+CVE-2018-18262
+ RESERVED
+CVE-2018-18261
+ RESERVED
+CVE-2018-18260
+ RESERVED
+CVE-2018-18259
+ RESERVED
+CVE-2018-18258 (An issue was discovered in BageCMS 3.1.3. The attacker can execute ...)
+ TODO: check
+CVE-2018-18257 (An issue was discovered in BageCMS 3.1.3. An attacker can delete any ...)
+ TODO: check
+CVE-2018-18256
+ RESERVED
+CVE-2018-18255
+ RESERVED
+CVE-2018-18254
+ RESERVED
+CVE-2018-18253
+ RESERVED
+CVE-2018-18252
+ RESERVED
+CVE-2018-18251
+ RESERVED
CVE-2019-0085
RESERVED
CVE-2019-0084
@@ -214,12 +244,12 @@ CVE-2018-18229
RESERVED
CVE-2018-18228
RESERVED
-CVE-2018-18227
- RESERVED
-CVE-2018-18226
- RESERVED
-CVE-2018-18225
- RESERVED
+CVE-2018-18227 (In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol ...)
+ TODO: check
+CVE-2018-18226 (In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could ...)
+ TODO: check
+CVE-2018-18225 (In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was ...)
+ TODO: check
CVE-2018-18224
RESERVED
CVE-2018-18223
@@ -917,12 +947,12 @@ CVE-2018-17931
RESERVED
CVE-2018-17930
RESERVED
-CVE-2018-17929
- RESERVED
+CVE-2018-17929 (In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and ...)
+ TODO: check
CVE-2018-17928
RESERVED
-CVE-2018-17927
- RESERVED
+CVE-2018-17927 (In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and ...)
+ TODO: check
CVE-2018-17926
RESERVED
CVE-2018-17925 (Multiple instances of this vulnerability (Unsafe ActiveX Control ...)
@@ -14238,8 +14268,8 @@ CVE-2018-12443
RESERVED
CVE-2018-12442
RESERVED
-CVE-2018-12441
- RESERVED
+CVE-2018-12441 (The CorsairService Service in Corsair Utility Engine is installed with ...)
+ TODO: check
CVE-2017-18341
RESERVED
CVE-2017-18340
@@ -17278,6 +17308,7 @@ CVE-2018-11361 (In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could cra
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1b52f9929238ce3948ec924ae4f9456b5e9df558
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-32.html
CVE-2018-11360 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP ...)
+ {DSA-4217-1}
- wireshark 2.6.1-1 (bug #900708)
[jessie] - wireshark <not-affected> (vulnerable code not present (uses static a_bigbuf instead))
[wheezy] - wireshark <not-affected> (vulnerable code not present (uses static a_bigbuf instead))
@@ -22704,6 +22735,7 @@ CVE-2018-9274 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_messa
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f38e895dfc0d97bce64f73ce99df706911d9aa07
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
CVE-2018-9273 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+ {DSA-4217-1}
- wireshark 2.4.6-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -22767,6 +22799,7 @@ CVE-2018-9265 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b12cc581cd4878d74b6116ca02c7dbe650c1f242
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
CVE-2018-9264 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector ...)
+ {DSA-4217-1}
- wireshark 2.4.6-1
[jessie] - wireshark <not-affected> (Vulnerable code not present (only adb_cs available))
[wheezy] - wireshark <not-affected> (Vulnerable code not present (only adb_cs available))
@@ -28131,6 +28164,7 @@ CVE-2018-7321 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c784d551ad50864de1035ce54e72837301cf6aca
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
CVE-2018-7320 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol ...)
+ {DSA-4217-1}
- wireshark 2.4.5-1
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
[wheezy] - wireshark <not-affected> (Vulnerable code introduced later)
@@ -43954,8 +43988,8 @@ CVE-2018-1840
RESERVED
CVE-2018-1839
RESERVED
-CVE-2018-1838
- RESERVED
+CVE-2018-1838 (IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could allow ...)
+ TODO: check
CVE-2018-1837
RESERVED
CVE-2018-1836
@@ -44284,8 +44318,8 @@ CVE-2018-1675
RESERVED
CVE-2018-1674 (IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through ...)
NOT-FOR-US: IBM
-CVE-2018-1673
- RESERVED
+CVE-2018-1673 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to ...)
+ TODO: check
CVE-2018-1672 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the ...)
NOT-FOR-US: IBM
CVE-2018-1671
@@ -59931,6 +59965,7 @@ CVE-2017-13767 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSD
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f18ace2a2683418a9368a8dfd92da6bd8213e15
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-38.html
CVE-2017-13766 (In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could ...)
+ {DSA-4060-1}
- wireshark 2.4.1-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -97355,8 +97390,8 @@ CVE-2017-1233 (IBM Remote Control v9 could allow a local user to use the compone
NOT-FOR-US: IBM Remote Control
CVE-2017-1232 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1231
- RESERVED
+CVE-2017-1231 (IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in ...)
+ TODO: check
CVE-2017-1230 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
CVE-2017-1229 (IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/606480c63349cf69a85bd55928cfead4ac069e41
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/606480c63349cf69a85bd55928cfead4ac069e41
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181012/332e0a8a/attachment.html>
More information about the debian-security-tracker-commits
mailing list