Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0fb3939f by security tracker role at 2018-02-22T09:10:26+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,67 @@ +CVE-2018-7338 + RESERVED +CVE-2018-7337 + RESERVED +CVE-2018-7336 + RESERVED +CVE-2018-7335 + RESERVED +CVE-2018-7334 + RESERVED +CVE-2018-7333 + RESERVED +CVE-2018-7332 + RESERVED +CVE-2018-7331 + RESERVED +CVE-2018-7330 + RESERVED +CVE-2018-7329 + RESERVED +CVE-2018-7328 + RESERVED +CVE-2018-7327 + RESERVED +CVE-2018-7326 + RESERVED +CVE-2018-7325 + RESERVED +CVE-2018-7324 + RESERVED +CVE-2018-7323 + RESERVED +CVE-2018-7322 + RESERVED +CVE-2018-7321 + RESERVED +CVE-2018-7320 + RESERVED +CVE-2018-7319 + RESERVED +CVE-2018-7318 + RESERVED +CVE-2018-7317 + RESERVED +CVE-2018-7316 + RESERVED +CVE-2018-7315 + RESERVED +CVE-2018-7314 + RESERVED +CVE-2018-7313 + RESERVED +CVE-2018-7312 + RESERVED +CVE-2018-7311 (** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root ...) + TODO: check +CVE-2018-7310 + RESERVED +CVE-2018-7309 + RESERVED +CVE-2018-7308 (A CSRF issue was found in var/www/html/files.php in DanWin hosting ...) + TODO: check +CVE-2018-7307 + RESERVED CVE-2018-7306 RESERVED CVE-2018-7305 (MyBB 1.8.14 is not checking for a valid CSRF token, leading to ...) @@ -36,20 +100,20 @@ CVE-2018-7289 (An issue was discovered in armadito-windows-driver/src/communicat NOT-FOR-US: Armadito CVE-2018-7288 RESERVED -CVE-2018-7287 - RESERVED -CVE-2018-7286 - RESERVED -CVE-2018-7285 - RESERVED -CVE-2018-7284 - RESERVED +CVE-2018-7287 (An issue was discovered in res_http_websocket.c in Asterisk 15.x ...) + TODO: check +CVE-2018-7286 (An issue was discovered in Asterisk through 13.19.1, 14.x through ...) + TODO: check +CVE-2018-7285 (A NULL pointer access issue was discovered in Asterisk 15.x through ...) + TODO: check +CVE-2018-7284 (A Buffer Overflow issue was discovered in Asterisk through 13.19.1, ...) + TODO: check CVE-2018-7283 RESERVED CVE-2018-7282 RESERVED -CVE-2018-7281 - RESERVED +CVE-2018-7281 (CactusVPN 5.3.6 for macOS contains a root privilege escalation ...) + TODO: check CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for WordPress has XSS. ...) NOT-FOR-US: Ninja Forms plugin for WordPress CVE-2018-1000093 @@ -982,8 +1046,8 @@ CVE-2018-6938 RESERVED CVE-2018-6937 RESERVED -CVE-2018-6936 - RESERVED +CVE-2018-6936 (Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via ...) + TODO: check CVE-2018-6935 RESERVED CVE-2018-6934 @@ -19195,22 +19259,22 @@ CVE-2018-0208 RESERVED CVE-2018-0207 RESERVED -CVE-2018-0206 - RESERVED -CVE-2018-0205 - RESERVED -CVE-2018-0204 - RESERVED -CVE-2018-0203 - RESERVED +CVE-2018-0206 (A vulnerability in the web-based management interface of Cisco Unified ...) + TODO: check +CVE-2018-0205 (A vulnerability in the User Provisioning tab in the Cisco Prime ...) + TODO: check +CVE-2018-0204 (A vulnerability in the web portal of the Cisco Prime Collaboration ...) + TODO: check +CVE-2018-0203 (A vulnerability in the SMTP relay of Cisco Unity Connection could allow ...) + TODO: check CVE-2018-0202 RESERVED -CVE-2018-0201 - RESERVED -CVE-2018-0200 - RESERVED -CVE-2018-0199 - RESERVED +CVE-2018-0201 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...) + TODO: check +CVE-2018-0200 (A vulnerability in the web-based interface of Cisco Prime Service ...) + TODO: check +CVE-2018-0199 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...) + TODO: check CVE-2018-0198 RESERVED CVE-2018-0197 @@ -19311,14 +19375,14 @@ CVE-2018-0150 RESERVED CVE-2018-0149 RESERVED -CVE-2018-0148 - RESERVED +CVE-2018-0148 (A vulnerability in the web-based management interface of Cisco UCS ...) + TODO: check CVE-2018-0147 RESERVED -CVE-2018-0146 - RESERVED -CVE-2018-0145 - RESERVED +CVE-2018-0146 (A vulnerability in the Cisco Data Center Analytics Framework ...) + TODO: check +CVE-2018-0145 (A vulnerability in the web-based management interface of the Cisco Data ...) + TODO: check CVE-2018-0144 RESERVED CVE-2018-0143 @@ -19329,8 +19393,8 @@ CVE-2018-0141 RESERVED CVE-2018-0140 (A vulnerability in the spam quarantine of Cisco Email Security ...) NOT-FOR-US: Cisco -CVE-2018-0139 - RESERVED +CVE-2018-0139 (A vulnerability in the Interactive Voice Response (IVR) management ...) + TODO: check CVE-2018-0138 (A vulnerability in the detection engine of Cisco Firepower System ...) NOT-FOR-US: Cisco CVE-2018-0137 (A vulnerability in the TCP throttling process of Cisco Prime Network ...) @@ -19347,8 +19411,8 @@ CVE-2018-0132 (A vulnerability in the forwarding information base (FIB) code of NOT-FOR-US: Cisco CVE-2018-0131 RESERVED -CVE-2018-0130 - RESERVED +CVE-2018-0130 (A vulnerability in the use of JSON web tokens by the web-based service ...) + TODO: check CVE-2018-0129 (A vulnerability in the web-based management interface of Cisco Data ...) NOT-FOR-US: Cisco CVE-2018-0128 (A vulnerability in the web-based management interface of Cisco Data ...) @@ -19359,14 +19423,14 @@ CVE-2018-0126 RESERVED CVE-2018-0125 (A vulnerability in the web interface of the Cisco RV132W ADSL2+ ...) NOT-FOR-US: Cisco -CVE-2018-0124 - RESERVED +CVE-2018-0124 (A vulnerability in Cisco Unified Communications Domain Manager could ...) + TODO: check CVE-2018-0123 (A Path Traversal vulnerability in the diagnostic shell for Cisco IOS ...) NOT-FOR-US: Cisco CVE-2018-0122 (A vulnerability in the CLI of the Cisco StarOS operating system for ...) NOT-FOR-US: Cisco -CVE-2018-0121 - RESERVED +CVE-2018-0121 (A vulnerability in the authentication functionality of the web-based ...) + TODO: check CVE-2018-0120 (A vulnerability in the web framework of Cisco Unified Communications ...) NOT-FOR-US: Cisco CVE-2018-0119 (A vulnerability in certain authentication controls in the account ...) @@ -65745,8 +65809,8 @@ CVE-2017-1760 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to cr NOT-FOR-US: IBM WebSphere MQ CVE-2017-1759 RESERVED -CVE-2017-1758 - RESERVED +CVE-2017-1758 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...) + TODO: check CVE-2017-1757 (IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote ...) NOT-FOR-US: IBM Security Guardium CVE-2017-1756 @@ -66053,8 +66117,8 @@ CVE-2017-1606 (IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) . NOT-FOR-US: IBM Financial Transaction Manager CVE-2017-1605 RESERVED -CVE-2017-1604 - RESERVED +CVE-2017-1604 (IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. ...) + TODO: check CVE-2017-1603 RESERVED CVE-2017-1602 @@ -66338,8 +66402,8 @@ CVE-2017-1464 RESERVED CVE-2017-1463 RESERVED -CVE-2017-1462 - RESERVED +CVE-2017-1462 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. ...) + TODO: check CVE-2017-1461 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...) NOT-FOR-US: IBM CVE-2017-1460 (IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0fb3939f496995afe69d3bb387e8fc1cc512ae88 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0fb3939f496995afe69d3bb387e8fc1cc512ae88 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits