Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b3fc0e73 by security tracker role at 2018-01-22T21:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,19 @@
+CVE-2018-6003 (An issue was discovered in the _asn1_decode_simple_ber function
in ...)
+ TODO: check
+CVE-2018-6002 (The Soundy Background Music plugin 3.9 and below for WordPress
has ...)
+ TODO: check
+CVE-2018-6001 (The Soundy Audio Playlist plugin 4.6 and below for WordPress
has ...)
+ TODO: check
+CVE-2018-6000 (An issue was discovered in AsusWRT before 3.0.0.4.384_10007.
The ...)
+ TODO: check
+CVE-2018-5999 (An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In
the ...)
+ TODO: check
+CVE-2018-5998
+ RESERVED
+CVE-2018-5997
+ RESERVED
+CVE-2018-1000007
+ RESERVED
CVE-2018-5996
RESERVED
CVE-2018-5995
@@ -528,8 +544,8 @@ CVE-2018-5763
RESERVED
CVE-2018-5762
RESERVED
-CVE-2018-5761
- RESERVED
+CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was
found ...)
+ TODO: check
CVE-2018-5760
RESERVED
CVE-2018-5759
@@ -692,15 +708,13 @@ CVE-2018-5706 (An issue was discovered in Octopus Deploy
before 4.1.9. Any user
NOT-FOR-US: Octopus Deploy
CVE-2018-5705
RESERVED
-CVE-2018-1000003
- RESERVED
+CVE-2018-1000003 (Improper input validation bugs in DNSSEC validators
components in ...)
- pdns-recursor <unfixed>
[stretch] - pdns-recursor <not-affected> (Only affects 4.1)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1)
[wheezy] - pdns-recursor <not-affected> (Only affects 4.1)
NOTE:
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html
-CVE-2018-1000002
- RESERVED
+CVE-2018-1000002 (Improper input validation bugs in DNSSEC validators
components in Knot ...)
- knot-recursor 1.5.2-1
CVE-2018-5704 (Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts
to use ...)
{DLA-1253-1}
@@ -1700,7 +1714,7 @@ CVE-2018-5284 (The ImageInject plugin 1.15 for WordPress
has XSS via the flickr_
NOT-FOR-US: ImageInject plugin for WordPress
CVE-2018-5283 (The Photos in Wifi application 1.0.1 for iOS has directory
traversal ...)
NOT-FOR-US: Photos in Wifi application for iOS
-CVE-2018-5282 (Kentico 9.0 through 11.0 has a stack-based buffer overflow via
the ...)
+CVE-2018-5282 (** DISPUTED ** Kentico 9.0 through 11.0 has a stack-based
buffer ...)
NOT-FOR-US: Kentico
CVE-2018-5281 (SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4
devices ...)
NOT-FOR-US: SonicWall SonicOS
@@ -5789,8 +5803,8 @@ CVE-2017-17860 (In Samsung Gear products, Bluetooth link
key is updated to the .
NOT-FOR-US: Samsung
CVE-2017-17859 (Samsung Internet Browser 6.2.01.12 allows remote attackers to
bypass ...)
NOT-FOR-US: Samsung Internet Browser
-CVE-2017-17858
- RESERVED
+CVE-2017-17858 (Heap-based buffer overflow in the ensure_solid_xref function
in ...)
+ TODO: check
CVE-2017-17851
RESERVED
CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4
and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3fc0e73e0d65360b3f212019d033cd2b910709b
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3fc0e73e0d65360b3f212019d033cd2b910709b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
