Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: b3fc0e73 by security tracker role at 2018-01-22T21:10:23+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,19 @@ +CVE-2018-6003 (An issue was discovered in the _asn1_decode_simple_ber function in ...) + TODO: check +CVE-2018-6002 (The Soundy Background Music plugin 3.9 and below for WordPress has ...) + TODO: check +CVE-2018-6001 (The Soundy Audio Playlist plugin 4.6 and below for WordPress has ...) + TODO: check +CVE-2018-6000 (An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The ...) + TODO: check +CVE-2018-5999 (An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the ...) + TODO: check +CVE-2018-5998 + RESERVED +CVE-2018-5997 + RESERVED +CVE-2018-1000007 + RESERVED CVE-2018-5996 RESERVED CVE-2018-5995 @@ -528,8 +544,8 @@ CVE-2018-5763 RESERVED CVE-2018-5762 RESERVED -CVE-2018-5761 - RESERVED +CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was found ...) + TODO: check CVE-2018-5760 RESERVED CVE-2018-5759 @@ -692,15 +708,13 @@ CVE-2018-5706 (An issue was discovered in Octopus Deploy before 4.1.9. Any user NOT-FOR-US: Octopus Deploy CVE-2018-5705 RESERVED -CVE-2018-1000003 - RESERVED +CVE-2018-1000003 (Improper input validation bugs in DNSSEC validators components in ...) - pdns-recursor <unfixed> [stretch] - pdns-recursor <not-affected> (Only affects 4.1) [jessie] - pdns-recursor <not-affected> (Only affects 4.1) [wheezy] - pdns-recursor <not-affected> (Only affects 4.1) NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html -CVE-2018-1000002 - RESERVED +CVE-2018-1000002 (Improper input validation bugs in DNSSEC validators components in Knot ...) - knot-recursor 1.5.2-1 CVE-2018-5704 (Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use ...) {DLA-1253-1} @@ -1700,7 +1714,7 @@ CVE-2018-5284 (The ImageInject plugin 1.15 for WordPress has XSS via the flickr_ NOT-FOR-US: ImageInject plugin for WordPress CVE-2018-5283 (The Photos in Wifi application 1.0.1 for iOS has directory traversal ...) NOT-FOR-US: Photos in Wifi application for iOS -CVE-2018-5282 (Kentico 9.0 through 11.0 has a stack-based buffer overflow via the ...) +CVE-2018-5282 (** DISPUTED ** Kentico 9.0 through 11.0 has a stack-based buffer ...) NOT-FOR-US: Kentico CVE-2018-5281 (SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices ...) NOT-FOR-US: SonicWall SonicOS @@ -5789,8 +5803,8 @@ CVE-2017-17860 (In Samsung Gear products, Bluetooth link key is updated to the . NOT-FOR-US: Samsung CVE-2017-17859 (Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass ...) NOT-FOR-US: Samsung Internet Browser -CVE-2017-17858 - RESERVED +CVE-2017-17858 (Heap-based buffer overflow in the ensure_solid_xref function in ...) + TODO: check CVE-2017-17851 RESERVED CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3fc0e73e0d65360b3f212019d033cd2b910709b --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3fc0e73e0d65360b3f212019d033cd2b910709b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits