Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9426be7 by security tracker role at 2018-04-02T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,113 @@
+CVE-2018-9231
+ RESERVED
+CVE-2018-9230 (In OpenResty before 1.13.6.1, URI parameters were obtained
using the ...)
+ TODO: check
+CVE-2018-9229
+ RESERVED
+CVE-2018-9228
+ RESERVED
+CVE-2018-9227
+ RESERVED
+CVE-2018-9226
+ RESERVED
+CVE-2018-9225
+ RESERVED
+CVE-2018-9224
+ RESERVED
+CVE-2018-9223
+ RESERVED
+CVE-2018-9222
+ RESERVED
+CVE-2018-9221
+ RESERVED
+CVE-2018-9220
+ RESERVED
+CVE-2018-9219
+ RESERVED
+CVE-2018-9218
+ RESERVED
+CVE-2018-9217
+ RESERVED
+CVE-2018-9216
+ RESERVED
+CVE-2018-9215
+ RESERVED
+CVE-2018-9214
+ RESERVED
+CVE-2018-9213
+ RESERVED
+CVE-2018-9212
+ RESERVED
+CVE-2018-9211
+ RESERVED
+CVE-2018-9210
+ RESERVED
+CVE-2018-9209
+ RESERVED
+CVE-2018-9208
+ RESERVED
+CVE-2018-9207
+ RESERVED
+CVE-2018-9206
+ RESERVED
+CVE-2018-9205
+ RESERVED
+CVE-2018-9204
+ RESERVED
+CVE-2018-9203
+ RESERVED
+CVE-2018-9202
+ RESERVED
+CVE-2018-9201
+ RESERVED
+CVE-2018-9200
+ RESERVED
+CVE-2018-9199
+ RESERVED
+CVE-2018-9198
+ RESERVED
+CVE-2018-9197
+ RESERVED
+CVE-2018-9196
+ RESERVED
+CVE-2018-9195
+ RESERVED
+CVE-2018-9194
+ RESERVED
+CVE-2018-9193
+ RESERVED
+CVE-2018-9192
+ RESERVED
+CVE-2018-9191
+ RESERVED
+CVE-2018-9190
+ RESERVED
+CVE-2018-9189
+ RESERVED
+CVE-2018-9188
+ RESERVED
+CVE-2018-9187
+ RESERVED
+CVE-2018-9186
+ RESERVED
+CVE-2018-9185
+ RESERVED
+CVE-2018-9184
+ RESERVED
+CVE-2018-9183 (The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has
XSS. ...)
+ TODO: check
+CVE-2018-9182
+ RESERVED
+CVE-2018-9181
+ RESERVED
+CVE-2018-9180
+ RESERVED
+CVE-2018-9179
+ RESERVED
+CVE-2018-9178
+ RESERVED
+CVE-2018-9177
+ RESERVED
CVE-2018-9176
RESERVED
CVE-2018-9175 (DedeCMS 5.7 allows remote attackers to execute arbitrary PHP
code via ...)
@@ -25,8 +135,8 @@ CVE-2018-9165 (The pushdup function in util/decompile.c in
libming through 0.4.8
NOTE: https://github.com/libming/libming/issues/121
CVE-2018-9164
RESERVED
-CVE-2018-9163
- RESERVED
+CVE-2018-9163 (A stored Cross-site scripting (XSS) vulnerability in Zoho
ManageEngine ...)
+ TODO: check
CVE-2018-9162 (Contec Smart Home 4.15 devices do not require authentication
for ...)
NOT-FOR-US: Contec Smart Home
CVE-2018-9161 (Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote
attackers ...)
@@ -124,8 +234,8 @@ CVE-2018-9129
RESERVED
CVE-2018-9128 (DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a
crafted .plf ...)
NOT-FOR-US: DVD X Player Standard
-CVE-2018-9127
- RESERVED
+CVE-2018-9127 (Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled
wildcard ...)
+ TODO: check
CVE-2018-9126
RESERVED
CVE-2018-9125
@@ -6625,12 +6735,12 @@ CVE-2018-6663
RESERVED
CVE-2018-6662
RESERVED
-CVE-2018-6661
- RESERVED
-CVE-2018-6660
- RESERVED
-CVE-2018-6659
- RESERVED
+CVE-2018-6661 (DLL Side-Loading vulnerability in Microsoft Windows Client in
McAfee ...)
+ TODO: check
+CVE-2018-6660 (Directory Traversal vulnerability in McAfee ePolicy
Orchestrator (ePO) ...)
+ TODO: check
+CVE-2018-6659 (Reflected Cross-Site Scripting vulnerability in McAfee ePolicy
...)
+ TODO: check
CVE-2018-6658
RESERVED
CVE-2018-6758 (The uwsgi_expand_path function in core/utils.c in Unbit uWSGI
through ...)
@@ -8004,8 +8114,7 @@ CVE-2018-6255
RESERVED
CVE-2018-6254
RESERVED
-CVE-2018-6253
- RESERVED
+CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in DirectX
and ...)
- nvidia-graphics-drivers <unfixed> (bug #894338)
[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -8016,14 +8125,13 @@ CVE-2018-6253
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not
supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not
supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649
-CVE-2018-6252
- RESERVED
-CVE-2018-6251
- RESERVED
-CVE-2018-6250
- RESERVED
-CVE-2018-6249
- RESERVED
+CVE-2018-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in
the ...)
+ TODO: check
+CVE-2018-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in
DirectX ...)
+ TODO: check
+CVE-2018-6250 (NVIDIA Windows GPU Display Driver contains a vulnerability in
the ...)
+ TODO: check
+CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel
mode ...)
- nvidia-graphics-drivers <unfixed> (bug #894338)
[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -8034,10 +8142,10 @@ CVE-2018-6249
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not
supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not
supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649
-CVE-2018-6248
- RESERVED
-CVE-2018-6247
- RESERVED
+CVE-2018-6248 (NVIDIA Windows GPU Display Driver contains a vulnerability in
the ...)
+ TODO: check
+CVE-2018-6247 (NVIDIA Windows GPU Display Driver contains a vulnerability in
the ...)
+ TODO: check
CVE-2018-6246
RESERVED
CVE-2018-6245
@@ -21108,8 +21216,8 @@ CVE-2018-1297 (When using Distributed Test only (RMI
based), Apache JMeter 2.x a
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
CVE-2018-1296
RESERVED
-CVE-2018-1295
- RESERVED
+CVE-2018-1295 (In Apache Ignite 2.3 or earlier, the serialization mechanism
does not ...)
+ TODO: check
CVE-2018-1294 (If a user of Commons-Email (typically an application
programmer) ...)
- commons-email <not-affected> (Fixed with first upload to Debian)
NOTE:
https://marc.info/?i=CAF8HOZ+J3NkaywfbHuQpHxK9ZXeT4=4vs9rowcdiudnt1qa...@mail.gmail.com
@@ -22610,8 +22718,8 @@ CVE-2018-1040
RESERVED
CVE-2018-1039
RESERVED
-CVE-2018-1038
- RESERVED
+CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2
SP1 ...)
+ TODO: check
CVE-2018-1037
RESERVED
CVE-2018-1036
@@ -24657,8 +24765,8 @@ CVE-2018-0196 (A vulnerability in the web-based user
interface (web UI) of Cisco
NOT-FOR-US: Cisco
CVE-2018-0195 (A vulnerability in the Cisco IOS XE Software REST API could
allow an ...)
NOT-FOR-US: Cisco
-CVE-2018-0194
- RESERVED
+CVE-2018-0194 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE
Software ...)
+ TODO: check
CVE-2018-0193 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE
Software ...)
NOT-FOR-US: Cisco
CVE-2018-0192
@@ -77863,8 +77971,8 @@ CVE-2016-8719 (An exploitable reflected Cross-Site
Scripting vulnerability exist
NOT-FOR-US: Moxa
CVE-2016-8718 (An exploitable Cross-Site Request Forgery vulnerability exists
in the ...)
NOT-FOR-US: Moxa
-CVE-2016-8717
- RESERVED
+CVE-2016-8717 (An exploitable Use of Hard-coded Credentials vulnerability
exists in ...)
+ TODO: check
CVE-2016-8716 (An exploitable Cleartext Transmission of Password vulnerability
exists ...)
NOT-FOR-US: Moxa
CVE-2016-8715 (An exploitable heap corruption vulnerability exists in the
loadTrailer ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9426be748b5c9fa20475bfc5cd8df432601aad6
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9426be748b5c9fa20475bfc5cd8df432601aad6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
