Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 87baaf23 by security tracker role at 2018-02-07T09:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,8 +1,101 @@ -CVE-2018-6767 [wavpack: stack buffer overflow via crafted wav file] +CVE-2018-6807 + RESERVED +CVE-2018-6806 (Marked 2 through 2.5.11 allows remote attackers to read arbitrary files ...) + TODO: check +CVE-2018-6805 + RESERVED +CVE-2018-6804 + RESERVED +CVE-2018-6803 + RESERVED +CVE-2018-6802 + RESERVED +CVE-2018-6801 + RESERVED +CVE-2018-6800 + RESERVED +CVE-2018-6799 (The AcquireCacheNexus function in magick/pixel_cache.c in ...) + TODO: check +CVE-2018-6798 + RESERVED +CVE-2018-6797 + RESERVED +CVE-2018-6796 + RESERVED +CVE-2018-6795 + RESERVED +CVE-2018-6794 (Suricata before 4.1 is prone to an HTTP detection bypass vulnerability ...) + TODO: check +CVE-2018-6793 + RESERVED +CVE-2018-6792 (Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow ...) + TODO: check +CVE-2018-6791 (An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE ...) + TODO: check +CVE-2018-6790 (An issue was discovered in KDE Plasma Workspace before 5.12.0. ...) + TODO: check +CVE-2018-6789 + RESERVED +CVE-2018-6788 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows ...) + TODO: check +CVE-2018-6787 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows ...) + TODO: check +CVE-2018-6786 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows ...) + TODO: check +CVE-2018-6785 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6784 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6783 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6782 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6781 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6780 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6779 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6778 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6777 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows ...) + TODO: check +CVE-2018-6776 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6775 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...) + TODO: check +CVE-2018-6774 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6773 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6772 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...) + TODO: check +CVE-2018-6771 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...) + TODO: check +CVE-2018-6770 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...) + TODO: check +CVE-2018-6769 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows ...) + TODO: check +CVE-2018-6768 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows ...) + TODO: check +CVE-2018-6766 + RESERVED +CVE-2018-6765 + RESERVED +CVE-2018-6763 + RESERVED +CVE-2018-6762 + RESERVED +CVE-2018-6761 + RESERVED +CVE-2018-6760 + RESERVED +CVE-2018-6767 (A stack-based buffer over-read in the ParseRiffHeaderConfig function of ...) - wavpack <unfixed> (bug #889276) NOTE: https://github.com/dbry/WavPack/issues/27 NOTE: https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5 CVE-2018-6764 [guest could inject executable code via libnss_dns.so loaded by libvirt_lxc before init] + RESERVED - libvirt <undetermined> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1541444 TODO: check, Red Hat does not provide much references @@ -469,8 +562,8 @@ CVE-2018-6605 (SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joo NOT-FOR-US: Zh BaiduMap component for Joomla! CVE-2018-6604 (SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! ...) NOT-FOR-US: Zh YandexMap component for Joomla! -CVE-2018-6603 - RESERVED +CVE-2018-6603 (Promise Technology WebPam Pro-E devices allow remote attackers to ...) + TODO: check CVE-2018-6602 RESERVED CVE-2018-6601 @@ -1229,6 +1322,7 @@ CVE-2018-6362 CVE-2018-6361 RESERVED CVE-2018-6360 (mpv through 0.28.0 allows remote attackers to execute arbitrary code ...) + {DSA-4105-1} - mpv 0.27.0-3 (bug #888654) [jessie] - mpv <not-affected> (Vulnerable code not present, youtube-dl hook script added in 0.7.0) NOTE: https://github.com/mpv-player/mpv/issues/5456 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/87baaf23091d0e75766c5784099ec5c1779e8af9 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/87baaf23091d0e75766c5784099ec5c1779e8af9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits