[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Sep 13 09:10:26 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6421f7a7 by security tracker role at 2018-09-13T08:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2018-16983 (NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other ...)
+ TODO: check
+CVE-2018-16982 (Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial ...)
+ TODO: check
+CVE-2018-16981 (stb stb_image.h 2.19, as used in catimg, Emscripten, and other ...)
+ TODO: check
+CVE-2018-16980 (dotCMS V5.0.1 has XSS in the ...)
+ TODO: check
+CVE-2018-16979 (Monstra CMS V3.0.4 allows HTTP header injection in the ...)
+ TODO: check
+CVE-2018-16978 (Monstra CMS V3.0.4 has XSS when ones tries to register an account with ...)
+ TODO: check
+CVE-2018-16977 (Monstra CMS V3.0.4 has an information leakage risk (e.g., PATH, ...)
+ TODO: check
+CVE-2018-16975 (An issue was discovered in Elefant CMS before 2.0.7. There is a PHP ...)
+ TODO: check
+CVE-2018-16974 (An issue was discovered in Elefant CMS before 2.0.7. There is a PHP ...)
+ TODO: check
+CVE-2018-16973
+ RESERVED
+CVE-2018-16972
+ RESERVED
+CVE-2018-16971 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct ...)
+ TODO: check
+CVE-2018-16970 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct ...)
+ TODO: check
+CVE-2018-16969
+ RESERVED
+CVE-2018-16968
+ RESERVED
+CVE-2018-16967
+ RESERVED
CVE-2018-16966
RESERVED
CVE-2018-16965
@@ -6,8 +38,8 @@ CVE-2018-16964
RESERVED
CVE-2018-16963
RESERVED
-CVE-2018-16962
- RESERVED
+CVE-2018-16962 (Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to ...)
+ TODO: check
CVE-2018-16961
RESERVED
CVE-2018-16960
@@ -30,7 +62,7 @@ CVE-2018-16952
RESERVED
CVE-2017-18347 (Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 ...)
NOT-FOR-US: STMicroelectronics STM32F0 series devices
-CVE-2018-16976 [prevent access to repos which are in the process of being migrated]
+CVE-2018-16976 (Gitolite before 3.6.9 does not (in certain configurations involving ...)
- gitolite3 <unfixed> (bug #908699)
[stretch] - gitolite3 <no-dsa> (Minor issue)
- gitolite <removed>
@@ -3246,8 +3278,8 @@ CVE-2018-15612
RESERVED
CVE-2018-15611
RESERVED
-CVE-2018-15610
- RESERVED
+CVE-2018-15610 (A vulnerability in the one-X Portal component of Avaya IP Office ...)
+ TODO: check
CVE-2018-15609
RESERVED
CVE-2018-15608 (Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the ...)
@@ -21534,128 +21566,128 @@ CVE-2018-8481
RESERVED
CVE-2018-8480
RESERVED
-CVE-2018-8479
- RESERVED
+CVE-2018-8479 (A spoofing vulnerability exists for the Azure IoT Device Provisioning ...)
+ TODO: check
CVE-2018-8478
RESERVED
CVE-2018-8477
RESERVED
CVE-2018-8476
RESERVED
-CVE-2018-8475
- RESERVED
-CVE-2018-8474
- RESERVED
+CVE-2018-8475 (A remote code execution vulnerability exists when Windows does not ...)
+ TODO: check
+CVE-2018-8474 (A security feature bypass vulnerability exists when Lync for Mac 2011 ...)
+ TODO: check
CVE-2018-8473
RESERVED
CVE-2018-8472
RESERVED
CVE-2018-8471
RESERVED
-CVE-2018-8470
- RESERVED
-CVE-2018-8469
- RESERVED
-CVE-2018-8468
- RESERVED
-CVE-2018-8467
- RESERVED
-CVE-2018-8466
- RESERVED
-CVE-2018-8465
- RESERVED
-CVE-2018-8464
- RESERVED
-CVE-2018-8463
- RESERVED
-CVE-2018-8462
- RESERVED
-CVE-2018-8461
- RESERVED
+CVE-2018-8470 (A security feature bypass vulnerability exists in Internet Explorer ...)
+ TODO: check
+CVE-2018-8469 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
+ TODO: check
+CVE-2018-8468 (An elevation of privilege vulnerability exists when Windows, allowing ...)
+ TODO: check
+CVE-2018-8467 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8466 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8465 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8464 (An remote code execution vulnerability exists when Microsoft Edge PDF ...)
+ TODO: check
+CVE-2018-8463 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
+ TODO: check
+CVE-2018-8462 (An elevation of privilege vulnerability exists when the DirectX ...)
+ TODO: check
+CVE-2018-8461 (A remote code execution vulnerability exists when Internet Explorer ...)
+ TODO: check
CVE-2018-8460
RESERVED
-CVE-2018-8459
- RESERVED
+CVE-2018-8459 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8458
RESERVED
-CVE-2018-8457
- RESERVED
-CVE-2018-8456
- RESERVED
-CVE-2018-8455
- RESERVED
+CVE-2018-8457 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
+CVE-2018-8456 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8455 (An elevation of privilege vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8454
RESERVED
CVE-2018-8453
RESERVED
-CVE-2018-8452
- RESERVED
+CVE-2018-8452 (An information disclosure vulnerability exists when the scripting ...)
+ TODO: check
CVE-2018-8451
RESERVED
CVE-2018-8450
RESERVED
-CVE-2018-8449
- RESERVED
+CVE-2018-8449 (A security feature bypass exists when Device Guard incorrectly ...)
+ TODO: check
CVE-2018-8448
RESERVED
-CVE-2018-8447
- RESERVED
-CVE-2018-8446
- RESERVED
-CVE-2018-8445
- RESERVED
-CVE-2018-8444
- RESERVED
-CVE-2018-8443
- RESERVED
-CVE-2018-8442
- RESERVED
-CVE-2018-8441
- RESERVED
-CVE-2018-8440
- RESERVED
-CVE-2018-8439
- RESERVED
-CVE-2018-8438
- RESERVED
-CVE-2018-8437
- RESERVED
-CVE-2018-8436
- RESERVED
-CVE-2018-8435
- RESERVED
-CVE-2018-8434
- RESERVED
-CVE-2018-8433
- RESERVED
+CVE-2018-8447 (A remote code execution vulnerability exists when Internet Explorer ...)
+ TODO: check
+CVE-2018-8446 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2018-8445 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2018-8444 (An information disclosure vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8443 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2018-8442 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2018-8441 (An elevation of privilege vulnerability exists due to an integer ...)
+ TODO: check
+CVE-2018-8440 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
+CVE-2018-8439 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+ TODO: check
+CVE-2018-8438 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+ TODO: check
+CVE-2018-8437 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+ TODO: check
+CVE-2018-8436 (A denial of service vulnerability exists when Microsoft Hyper-V ...)
+ TODO: check
+CVE-2018-8435 (A security feature bypass vulnerability exists when Windows Hyper-V ...)
+ TODO: check
+CVE-2018-8434 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
+ TODO: check
+CVE-2018-8433 (An information disclosure vulnerability exists when the Windows ...)
+ TODO: check
CVE-2018-8432
RESERVED
-CVE-2018-8431
- RESERVED
-CVE-2018-8430
- RESERVED
-CVE-2018-8429
- RESERVED
-CVE-2018-8428
- RESERVED
+CVE-2018-8431 (An elevation of privilege vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2018-8430 (A remote code execution vulnerability exists in Microsoft Word if a ...)
+ TODO: check
+CVE-2018-8429 (An information disclosure vulnerability exists when Microsoft Excel ...)
+ TODO: check
+CVE-2018-8428 (An elevation of privilege vulnerability exists when Microsoft ...)
+ TODO: check
CVE-2018-8427
RESERVED
-CVE-2018-8426
- RESERVED
-CVE-2018-8425
- RESERVED
-CVE-2018-8424
- RESERVED
+CVE-2018-8426 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2018-8425 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
+ TODO: check
+CVE-2018-8424 (An information disclosure vulnerability exists when the Windows GDI ...)
+ TODO: check
CVE-2018-8423
RESERVED
-CVE-2018-8422
- RESERVED
-CVE-2018-8421
- RESERVED
-CVE-2018-8420
- RESERVED
-CVE-2018-8419
- RESERVED
+CVE-2018-8422 (An information disclosure vulnerability exists when the Windows GDI ...)
+ TODO: check
+CVE-2018-8421 (A remote code execution vulnerability exists when Microsoft .NET ...)
+ TODO: check
+CVE-2018-8420 (A remote code execution vulnerability exists when the Microsoft XML ...)
+ TODO: check
+CVE-2018-8419 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
CVE-2018-8418
RESERVED
CVE-2018-8417
@@ -21672,10 +21704,10 @@ CVE-2018-8412 (An elevation of privilege vulnerability exists when the Microsoft
NOT-FOR-US: Microsoft
CVE-2018-8411
RESERVED
-CVE-2018-8410
- RESERVED
-CVE-2018-8409
- RESERVED
+CVE-2018-8410 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
+ TODO: check
+CVE-2018-8409 (A denial of service vulnerability exists when System.IO.Pipelines ...)
+ TODO: check
CVE-2018-8408
RESERVED
CVE-2018-8407
@@ -21706,12 +21738,12 @@ CVE-2018-8395
RESERVED
CVE-2018-8394 (An information disclosure vulnerability exists when the Windows GDI ...)
NOT-FOR-US: Microsoft
-CVE-2018-8393
- RESERVED
-CVE-2018-8392
- RESERVED
-CVE-2018-8391
- RESERVED
+CVE-2018-8393 (A buffer overflow vulnerability exists in the Microsoft JET Database ...)
+ TODO: check
+CVE-2018-8392 (A buffer overflow vulnerability exists in the Microsoft JET Database ...)
+ TODO: check
+CVE-2018-8391 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8390 (A remote code execution vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
CVE-2018-8389 (A remote code execution vulnerability exists in the way that the ...)
@@ -21758,10 +21790,10 @@ CVE-2018-8369
RESERVED
CVE-2018-8368
RESERVED
-CVE-2018-8367
- RESERVED
-CVE-2018-8366
- RESERVED
+CVE-2018-8367 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2018-8366 (An information disclosure vulnerability exists when the Microsoft Edge ...)
+ TODO: check
CVE-2018-8365
RESERVED
CVE-2018-8364
@@ -21784,8 +21816,8 @@ CVE-2018-8356 (A security feature bypass vulnerability exists when Microsoft .NE
NOT-FOR-US: Microsoft .NET, doesn't affect src:mono
CVE-2018-8355 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8354
- RESERVED
+CVE-2018-8354 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2018-8353 (A remote code execution vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
CVE-2018-8352
@@ -21818,20 +21850,20 @@ CVE-2018-8339 (An elevation of privilege vulnerability exists in the Windows ...
NOT-FOR-US: Microsoft
CVE-2018-8338
RESERVED
-CVE-2018-8337
- RESERVED
-CVE-2018-8336
- RESERVED
-CVE-2018-8335
- RESERVED
+CVE-2018-8337 (A security feature bypass vulnerability exists when Windows Subsystem ...)
+ TODO: check
+CVE-2018-8336 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2018-8335 (A denial of service vulnerability exists in the Microsoft Server Block ...)
+ TODO: check
CVE-2018-8334
RESERVED
CVE-2018-8333
RESERVED
-CVE-2018-8332
- RESERVED
-CVE-2018-8331
- RESERVED
+CVE-2018-8332 (A remote code execution vulnerability exists when the Windows font ...)
+ TODO: check
+CVE-2018-8331 (A remote code execution vulnerability exists in Microsoft Excel ...)
+ TODO: check
CVE-2018-8330
RESERVED
CVE-2018-8329
@@ -21862,8 +21894,8 @@ CVE-2018-8317
RESERVED
CVE-2018-8316 (A remote code execution vulnerability exists when Internet Explorer ...)
NOT-FOR-US: Microsoft
-CVE-2018-8315
- RESERVED
+CVE-2018-8315 (An information disclosure vulnerability exists when the browser ...)
+ TODO: check
CVE-2018-8314 (An elevation of privilege vulnerability exists when Windows fails a ...)
NOT-FOR-US: Microsoft
CVE-2018-8313 (An elevation of privilege vulnerability exists in the way that the ...)
@@ -21950,12 +21982,12 @@ CVE-2018-8273 (A buffer overflow vulnerability exists in the Microsoft SQL Serve
NOT-FOR-US: Microsoft
CVE-2018-8272
RESERVED
-CVE-2018-8271
- RESERVED
+CVE-2018-8271 (An information disclosure vulnerability exists in Windows when the ...)
+ TODO: check
CVE-2018-8270
RESERVED
-CVE-2018-8269
- RESERVED
+CVE-2018-8269 (A denial of service vulnerability exists when OData Library improperly ...)
+ TODO: check
CVE-2018-8268
RESERVED
CVE-2018-8267 (A remote code execution vulnerability exists in the way that the ...)
@@ -44314,8 +44346,8 @@ CVE-2018-0967 (A denial of service vulnerability exists in the way that Windows
NOT-FOR-US: Microsoft
CVE-2018-0966 (A security feature bypass exists when Device Guard incorrectly ...)
NOT-FOR-US: Microsoft
-CVE-2018-0965
- RESERVED
+CVE-2018-0965 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+ TODO: check
CVE-2018-0964 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
NOT-FOR-US: Microsoft
CVE-2018-0963 (An elevation of privilege vulnerability exists in the way that the ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6421f7a79e3ce1d69ed63084a2ce8eb267b0f2e8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6421f7a79e3ce1d69ed63084a2ce8eb267b0f2e8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180913/905bbd07/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list