[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Jan 24 08:10:30 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
054a5fb0 by security tracker role at 2019-01-24T08:10:21Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2019-6726
+	RESERVED
+CVE-2019-6725
+	RESERVED
+CVE-2019-6724
+	RESERVED
+CVE-2019-6723
+	RESERVED
+CVE-2019-6722
+	RESERVED
+CVE-2019-6721
+	RESERVED
+CVE-2019-6720
+	RESERVED
+CVE-2019-6719 (An issue has been found in libIEC61850 v1.3.1. There is a ...)
+	TODO: check
+CVE-2019-6718
+	RESERVED
+CVE-2019-6717
+	RESERVED
+CVE-2019-6716
+	RESERVED
+CVE-2019-6715
+	RESERVED
+CVE-2019-6714
+	RESERVED
+CVE-2019-6713 (app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows ...)
+	TODO: check
+CVE-2019-6712
+	RESERVED
+CVE-2019-6711
+	RESERVED
+CVE-2019-6710
+	RESERVED
+CVE-2018-20742 (An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. ...)
+	TODO: check
 CVE-2019-6709
 	RESERVED
 CVE-2019-6708 (PHPSHE 1.7 has SQL injection via the admin.php?mod=order state ...)
@@ -43,7 +79,7 @@ CVE-2019-6691 (phpwind 9.0.2.170426 UTF8 allows SQL Injection via the ...)
 	NOT-FOR-US: phpwind
 CVE-2019-6690
 	RESERVED
-CVE-2018-1000997
+CVE-2018-1000997 (A path traversal vulnerability exists in the Stapler web framework ...)
 	NOT-FOR-US: Jenkins
 CVE-2019-6689
 	RESERVED
@@ -490,8 +526,7 @@ CVE-2019-6488 (The string component in the GNU C Library (aka glibc or libc6) th
 	NOTE: x32 not officially supported
 CVE-2019-6487 (TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 ...)
 	NOT-FOR-US: TP-Link
-CVE-2019-6486 [crypto/elliptic implementations of P-521 and P-384 elliptic curves allow for denial of service]
-	RESERVED
+CVE-2019-6486 (Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 ...)
 	- golang-1.12 <undetermined>
 	- golang-1.11 <unfixed>
 	- golang-1.10 <unfixed>
@@ -12899,24 +12934,24 @@ CVE-2019-1646
 	RESERVED
 CVE-2019-1645
 	RESERVED
-CVE-2019-1644
-	RESERVED
-CVE-2019-1643
-	RESERVED
-CVE-2019-1642
-	RESERVED
-CVE-2019-1641
-	RESERVED
-CVE-2019-1640
-	RESERVED
-CVE-2019-1639
-	RESERVED
-CVE-2019-1638
-	RESERVED
-CVE-2019-1637
-	RESERVED
-CVE-2019-1636
-	RESERVED
+CVE-2019-1644 (A vulnerability in the UDP protocol implementation for Cisco IoT Field ...)
+	TODO: check
+CVE-2019-1643 (A vulnerability in the web-based management interface of Cisco Prime ...)
+	TODO: check
+CVE-2019-1642 (A vulnerability in the web-based management interface of Cisco ...)
+	TODO: check
+CVE-2019-1641 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+	TODO: check
+CVE-2019-1640 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+	TODO: check
+CVE-2019-1639 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+	TODO: check
+CVE-2019-1638 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+	TODO: check
+CVE-2019-1637 (A vulnerability in the Cisco Webex Network Recording Player for ...)
+	TODO: check
+CVE-2019-1636 (A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, ...)
+	TODO: check
 CVE-2019-1635
 	RESERVED
 CVE-2019-1634
@@ -21857,172 +21892,172 @@ CVE-2018-17709
 	RESERVED
 CVE-2018-17708
 	RESERVED
-CVE-2018-17707
-	RESERVED
+CVE-2018-17707 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
 CVE-2018-17706 (This vulnerability allows remote attackers to execute arbitrary code ...)
 	NOT-FOR-US: Foxit PhantomPDF Phantom PDF
-CVE-2018-17705
-	RESERVED
-CVE-2018-17704
-	RESERVED
-CVE-2018-17703
-	RESERVED
-CVE-2018-17702
-	RESERVED
-CVE-2018-17701
-	RESERVED
-CVE-2018-17700
-	RESERVED
-CVE-2018-17699
-	RESERVED
-CVE-2018-17698
-	RESERVED
-CVE-2018-17697
-	RESERVED
-CVE-2018-17696
-	RESERVED
-CVE-2018-17695
-	RESERVED
-CVE-2018-17694
-	RESERVED
-CVE-2018-17693
-	RESERVED
-CVE-2018-17692
-	RESERVED
-CVE-2018-17691
-	RESERVED
-CVE-2018-17690
-	RESERVED
-CVE-2018-17689
-	RESERVED
-CVE-2018-17688
-	RESERVED
-CVE-2018-17687
-	RESERVED
-CVE-2018-17686
-	RESERVED
-CVE-2018-17685
-	RESERVED
-CVE-2018-17684
-	RESERVED
-CVE-2018-17683
-	RESERVED
-CVE-2018-17682
-	RESERVED
-CVE-2018-17681
-	RESERVED
-CVE-2018-17680
-	RESERVED
-CVE-2018-17679
-	RESERVED
-CVE-2018-17678
-	RESERVED
-CVE-2018-17677
-	RESERVED
-CVE-2018-17676
-	RESERVED
-CVE-2018-17675
-	RESERVED
-CVE-2018-17674
-	RESERVED
-CVE-2018-17673
-	RESERVED
-CVE-2018-17672
-	RESERVED
-CVE-2018-17671
-	RESERVED
-CVE-2018-17670
-	RESERVED
-CVE-2018-17669
-	RESERVED
-CVE-2018-17668
-	RESERVED
-CVE-2018-17667
-	RESERVED
-CVE-2018-17666
-	RESERVED
-CVE-2018-17665
-	RESERVED
-CVE-2018-17664
-	RESERVED
-CVE-2018-17663
-	RESERVED
-CVE-2018-17662
-	RESERVED
-CVE-2018-17661
-	RESERVED
-CVE-2018-17660
-	RESERVED
-CVE-2018-17659
-	RESERVED
-CVE-2018-17658
-	RESERVED
-CVE-2018-17657
-	RESERVED
-CVE-2018-17656
-	RESERVED
-CVE-2018-17655
-	RESERVED
-CVE-2018-17654
-	RESERVED
-CVE-2018-17653
-	RESERVED
-CVE-2018-17652
-	RESERVED
-CVE-2018-17651
-	RESERVED
-CVE-2018-17650
-	RESERVED
-CVE-2018-17649
-	RESERVED
-CVE-2018-17648
-	RESERVED
-CVE-2018-17647
-	RESERVED
-CVE-2018-17646
-	RESERVED
-CVE-2018-17645
-	RESERVED
-CVE-2018-17644
-	RESERVED
-CVE-2018-17643
-	RESERVED
-CVE-2018-17642
-	RESERVED
-CVE-2018-17641
-	RESERVED
-CVE-2018-17640
-	RESERVED
-CVE-2018-17639
-	RESERVED
-CVE-2018-17638
-	RESERVED
-CVE-2018-17637
-	RESERVED
-CVE-2018-17636
-	RESERVED
-CVE-2018-17635
-	RESERVED
-CVE-2018-17634
-	RESERVED
-CVE-2018-17633
-	RESERVED
-CVE-2018-17632
-	RESERVED
-CVE-2018-17631
-	RESERVED
-CVE-2018-17630
-	RESERVED
-CVE-2018-17629
-	RESERVED
-CVE-2018-17628
-	RESERVED
-CVE-2018-17627
-	RESERVED
-CVE-2018-17626
-	RESERVED
-CVE-2018-17625
-	RESERVED
+CVE-2018-17705 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17704 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17703 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17702 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17701 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17700 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17699 (This vulnerability allows remote attackers to disclose sensitive ...)
+	TODO: check
+CVE-2018-17698 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17697 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17696 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17695 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17694 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17693 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17692 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17691 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17690 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17689 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17688 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17687 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17686 (This vulnerability allows remote attackers to disclose sensitive ...)
+	TODO: check
+CVE-2018-17685 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17684 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17683 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17682 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17681 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17680 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17679 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17678 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17677 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17676 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17675 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17674 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17673 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17672 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17671 (This vulnerability allows remote attackers to disclose sensitive ...)
+	TODO: check
+CVE-2018-17670 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17669 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17668 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17667 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17666 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17665 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17664 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17663 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17662 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17661 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17660 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17659 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17658 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17657 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17656 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17655 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17654 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17653 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17652 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17651 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17650 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17649 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17648 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17647 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17646 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17645 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17644 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17643 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17642 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17641 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17640 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17639 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17638 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17637 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17636 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17635 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17634 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17633 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17632 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17631 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17630 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17629 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17628 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17627 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17626 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17625 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
 CVE-2018-17624 (This vulnerability allows remote attackers to execute arbitrary code ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2018-17623 (This vulnerability allows remote attackers to execute arbitrary code ...)
@@ -27619,16 +27654,16 @@ CVE-2018-15461 (A vulnerability in the MyWebex component of Cisco Webex Business
 	NOT-FOR-US: Cisco
 CVE-2018-15460 (A vulnerability in the email message filtering feature of Cisco ...)
 	NOT-FOR-US: Cisco
-CVE-2018-15459
-	RESERVED
+CVE-2018-15459 (A vulnerability in the administrative web interface of Cisco Identity ...)
+	TODO: check
 CVE-2018-15458 (A vulnerability in the Shell Access Filter feature of Cisco Firepower ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15457 (A vulnerability in the web-based management interface of Cisco Prime ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15456 (A vulnerability in the Admin Portal of Cisco Identity Services Engine ...)
 	NOT-FOR-US: Cisco
-CVE-2018-15455
-	RESERVED
+CVE-2018-15455 (A vulnerability in the logging component of Cisco Identity Services ...)
+	TODO: check
 CVE-2018-15454 (A vulnerability in the Session Initiation Protocol (SIP) inspection ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15453 (A vulnerability in the Secure/Multipurpose Internet Mail Extensions ...)
@@ -70944,8 +70979,8 @@ CVE-2018-0189 (A vulnerability in the Forwarding Information Base (FIB) code of
 	NOT-FOR-US: Cisco
 CVE-2018-0188 (Multiple vulnerabilities in the web-based user interface (web UI) of ...)
 	NOT-FOR-US: Cisco
-CVE-2018-0187
-	RESERVED
+CVE-2018-0187 (A vulnerability in the Admin portal of Cisco Identity Services Engine ...)
+	TODO: check
 CVE-2018-0186 (Multiple vulnerabilities in the web-based user interface (web UI) of ...)
 	NOT-FOR-US: Cisco
 CVE-2018-0185 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/054a5fb05748ba52f5342179e57ae9edf6dfdeee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/054a5fb05748ba52f5342179e57ae9edf6dfdeee
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190124/a771cd2c/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list