[Git][security-tracker-team/security-tracker][master] Add CVE-2018-8791 - CVE-2018-8800, CVE-2018-20174 - CVE-2018-20182/rdesktop
László Böszörményi
gcs at debian.org
Tue Jan 8 00:14:15 GMT 2019
László Böszörményi pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2be01f6f by Laszlo Boszormenyi (GCS) at 2019-01-08T00:11:53Z
Add CVE-2018-8791 - CVE-2018-8800, CVE-2018-20174 - CVE-2018-20182/rdesktop
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5939,24 +5939,24 @@ CVE-2018-20184 (In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-base
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/583/
CVE-2018-20183
RESERVED
-CVE-2018-20182
- RESERVED
-CVE-2018-20181
- RESERVED
-CVE-2018-20180
- RESERVED
-CVE-2018-20179
- RESERVED
-CVE-2018-20178
- RESERVED
-CVE-2018-20177
- RESERVED
-CVE-2018-20176
- RESERVED
-CVE-2018-20175
- RESERVED
-CVE-2018-20174
- RESERVED
+CVE-2018-20182 [Remote code execution in seamless_process_line()]
+ - rdesktop <unfixed>
+CVE-2018-20181 [Remote code execution in seamless_process()]
+ - rdesktop <unfixed>
+CVE-2018-20180 [Remote code execution in rdpsnddbg_process()]
+ - rdesktop <unfixed>
+CVE-2018-20179 [Remote code execution in lspci_process()]
+ - rdesktop <unfixed>
+CVE-2018-20178 [DoS in process_demand_active()]
+ - rdesktop <unfixed>
+CVE-2018-20177 [Memory corruption in rdp_in_unistr()]
+ - rdesktop <unfixed>
+CVE-2018-20176 [DoS in sec_parse_crypt_info() and in sec_recv()]
+ - rdesktop <unfixed>
+CVE-2018-20175 [DoS in mcs_recv_connect_response() and in mcs_parse_domain_params()]
+ - rdesktop <unfixed>
+CVE-2018-20174 [Major information leak in ui_clip_handle_data()]
+ - rdesktop <unfixed>
CVE-2018-20173 (Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via ...)
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2018-20346 (SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an ...)
@@ -42228,26 +42228,26 @@ CVE-2018-8802 (SQL injection vulnerability in the management interface in ePorta
CVE-2018-8801 (GitLab Community and Enterprise Editions version 8.3 up to 10.x before ...)
- gitlab 10.5.6+dfsg-1 (bug #893905)
NOTE: https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/
-CVE-2018-8800
- RESERVED
-CVE-2018-8799
- RESERVED
-CVE-2018-8798
- RESERVED
-CVE-2018-8797
- RESERVED
-CVE-2018-8796
- RESERVED
-CVE-2018-8795
- RESERVED
-CVE-2018-8794
- RESERVED
-CVE-2018-8793
- RESERVED
-CVE-2018-8792
- RESERVED
-CVE-2018-8791
- RESERVED
+CVE-2018-8800 [Remote code execution in ui_clip_handle_data()]
+ - rdesktop <unfixed>
+CVE-2018-8799 [DoS in process_secondary_order()
+ - rdesktop <unfixed>
+CVE-2018-8798 [Minor information leak in rdpsnd_process_ping()]
+ - rdesktop <unfixed>
+CVE-2018-8797 [Remote code execution in process_plane()]
+ - rdesktop <unfixed>
+CVE-2018-8796 [DoS in process_bitmap_data()]
+ - rdesktop <unfixed>
+CVE-2018-8795 [Remote code execution in process_bitmap_data()]
+ - rdesktop <unfixed>
+CVE-2018-8794 [Memory corruption in process_bitmap_data()]
+ - rdesktop <unfixed>
+CVE-2018-8793 [Remote code execution in cssp_read_tsrequest()]
+ - rdesktop <unfixed>
+CVE-2018-8792 [DoS in cssp_read_tsrequest()]
+ - rdesktop <unfixed>
+CVE-2018-8791 [Minor information leak in rdpdr_process()]
+ - rdesktop <unfixed>
CVE-2018-8790
RESERVED
CVE-2018-8789 (FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2be01f6f3920270a2e3c0405b6b9df9c51e61b10
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2be01f6f3920270a2e3c0405b6b9df9c51e61b10
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190108/9000fa0a/attachment.html>
More information about the debian-security-tracker-commits
mailing list