Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 95b95535 by security tracker role at 2018-07-10T08:10:11+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,4 +1,42 @@ -CVE-2018-1000622 [rustdoc loads plugins from world writable directory allowing for arbitrary code execution] +CVE-2018-13795 (Gravity before 0.5.1 does not support a maximum recursion depth. ...) + TODO: check +CVE-2018-13794 (A heap-based buffer overflow exists in stbi__bmp_load_cont in ...) + TODO: check +CVE-2018-13793 (Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP ...) + TODO: check +CVE-2018-13792 + RESERVED +CVE-2018-13791 (The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows ...) + TODO: check +CVE-2018-13790 (A Server Side Request Forgery (SSRF) vulnerability in ...) + TODO: check +CVE-2018-13789 + RESERVED +CVE-2018-13788 + RESERVED +CVE-2018-1000623 (JFrog JFrog Artifactory version Prior to version 6.0.3, since version ...) + TODO: check +CVE-2018-1000621 (Mycroft AI mycroft-core version 18.2.8b and earlier contains a ...) + TODO: check +CVE-2018-1000620 (Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: ...) + TODO: check +CVE-2018-1000619 (Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input ...) + TODO: check +CVE-2018-1000618 (EOSIO/eos eos version after commit ...) + TODO: check +CVE-2018-1000617 (Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and ...) + TODO: check +CVE-2018-1000616 (ONOS ONOS controller version 1.13.1 and earlier contains a XML ...) + TODO: check +CVE-2018-1000615 (ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of ...) + TODO: check +CVE-2018-1000614 (ONOS ONOS Controller version 1.13.1 and earlier contains a XML ...) + TODO: check +CVE-2018-1000613 (Legion of the Bouncy Castle Legion of the Bouncy Castle Java ...) + TODO: check +CVE-2018-1000611 (SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross ...) + TODO: check +CVE-2018-1000622 (The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 ...) - rustc <unfixed> NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/4ybxYLTtXuM CVE-2018-13787 (Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and ...) @@ -5730,8 +5768,8 @@ CVE-2018-11452 RESERVED CVE-2018-11451 RESERVED -CVE-2018-11450 - RESERVED +CVE-2018-11450 (A reflected Cross-Site-Scripting (XSS) vulnerability has been ...) + TODO: check CVE-2018-11449 (A vulnerability has been identified in SCALANCE M875 (All versions). ...) NOT-FOR-US: SCALANCE CVE-2018-11448 (A vulnerability has been identified in SCALANCE M875 (All versions). ...) @@ -17606,12 +17644,12 @@ CVE-2018-6969 RESERVED CVE-2018-6968 (The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent ...) NOT-FOR-US: VMware AirWatch Agent -CVE-2018-6967 - RESERVED -CVE-2018-6966 - RESERVED -CVE-2018-6965 - RESERVED +CVE-2018-6967 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x ...) + TODO: check +CVE-2018-6966 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x ...) + TODO: check +CVE-2018-6965 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x ...) + TODO: check CVE-2018-6964 (VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains ...) NOT-FOR-US: VMware CVE-2018-6963 (VMware Workstation (14.x before 14.1.2) and Fusion (10.x before ...) @@ -26784,6 +26822,7 @@ CVE-2018-3762 (Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper c CVE-2018-3761 (Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper ...) - nextcloud <itp> (bug #835086) CVE-2018-3760 (There is an information leak vulnerability in Sprockets. Versions ...) + {DSA-4242-1} - ruby-sprockets 3.7.0-1.1 (bug #901913) NOTE: http://www.openwall.com/lists/oss-security/2018/06/19/2 NOTE: https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5f View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/95b95535ae3ab32a499956a6f62b46f2fdbcc6d6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/95b95535ae3ab32a499956a6f62b46f2fdbcc6d6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits