Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e9426be7 by security tracker role at 2018-04-02T20:10:20+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,113 @@ +CVE-2018-9231 + RESERVED +CVE-2018-9230 (In OpenResty before 1.13.6.1, URI parameters were obtained using the ...) + TODO: check +CVE-2018-9229 + RESERVED +CVE-2018-9228 + RESERVED +CVE-2018-9227 + RESERVED +CVE-2018-9226 + RESERVED +CVE-2018-9225 + RESERVED +CVE-2018-9224 + RESERVED +CVE-2018-9223 + RESERVED +CVE-2018-9222 + RESERVED +CVE-2018-9221 + RESERVED +CVE-2018-9220 + RESERVED +CVE-2018-9219 + RESERVED +CVE-2018-9218 + RESERVED +CVE-2018-9217 + RESERVED +CVE-2018-9216 + RESERVED +CVE-2018-9215 + RESERVED +CVE-2018-9214 + RESERVED +CVE-2018-9213 + RESERVED +CVE-2018-9212 + RESERVED +CVE-2018-9211 + RESERVED +CVE-2018-9210 + RESERVED +CVE-2018-9209 + RESERVED +CVE-2018-9208 + RESERVED +CVE-2018-9207 + RESERVED +CVE-2018-9206 + RESERVED +CVE-2018-9205 + RESERVED +CVE-2018-9204 + RESERVED +CVE-2018-9203 + RESERVED +CVE-2018-9202 + RESERVED +CVE-2018-9201 + RESERVED +CVE-2018-9200 + RESERVED +CVE-2018-9199 + RESERVED +CVE-2018-9198 + RESERVED +CVE-2018-9197 + RESERVED +CVE-2018-9196 + RESERVED +CVE-2018-9195 + RESERVED +CVE-2018-9194 + RESERVED +CVE-2018-9193 + RESERVED +CVE-2018-9192 + RESERVED +CVE-2018-9191 + RESERVED +CVE-2018-9190 + RESERVED +CVE-2018-9189 + RESERVED +CVE-2018-9188 + RESERVED +CVE-2018-9187 + RESERVED +CVE-2018-9186 + RESERVED +CVE-2018-9185 + RESERVED +CVE-2018-9184 + RESERVED +CVE-2018-9183 (The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. ...) + TODO: check +CVE-2018-9182 + RESERVED +CVE-2018-9181 + RESERVED +CVE-2018-9180 + RESERVED +CVE-2018-9179 + RESERVED +CVE-2018-9178 + RESERVED +CVE-2018-9177 + RESERVED CVE-2018-9176 RESERVED CVE-2018-9175 (DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via ...) @@ -25,8 +135,8 @@ CVE-2018-9165 (The pushdup function in util/decompile.c in libming through 0.4.8 NOTE: https://github.com/libming/libming/issues/121 CVE-2018-9164 RESERVED -CVE-2018-9163 - RESERVED +CVE-2018-9163 (A stored Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...) + TODO: check CVE-2018-9162 (Contec Smart Home 4.15 devices do not require authentication for ...) NOT-FOR-US: Contec Smart Home CVE-2018-9161 (Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers ...) @@ -124,8 +234,8 @@ CVE-2018-9129 RESERVED CVE-2018-9128 (DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf ...) NOT-FOR-US: DVD X Player Standard -CVE-2018-9127 - RESERVED +CVE-2018-9127 (Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard ...) + TODO: check CVE-2018-9126 RESERVED CVE-2018-9125 @@ -6625,12 +6735,12 @@ CVE-2018-6663 RESERVED CVE-2018-6662 RESERVED -CVE-2018-6661 - RESERVED -CVE-2018-6660 - RESERVED -CVE-2018-6659 - RESERVED +CVE-2018-6661 (DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee ...) + TODO: check +CVE-2018-6660 (Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) ...) + TODO: check +CVE-2018-6659 (Reflected Cross-Site Scripting vulnerability in McAfee ePolicy ...) + TODO: check CVE-2018-6658 RESERVED CVE-2018-6758 (The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through ...) @@ -8004,8 +8114,7 @@ CVE-2018-6255 RESERVED CVE-2018-6254 RESERVED -CVE-2018-6253 - RESERVED +CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in DirectX and ...) - nvidia-graphics-drivers <unfixed> (bug #894338) [stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) [jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -8016,14 +8125,13 @@ CVE-2018-6253 [stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) [jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649 -CVE-2018-6252 - RESERVED -CVE-2018-6251 - RESERVED -CVE-2018-6250 - RESERVED -CVE-2018-6249 - RESERVED +CVE-2018-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) + TODO: check +CVE-2018-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX ...) + TODO: check +CVE-2018-6250 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) + TODO: check +CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel mode ...) - nvidia-graphics-drivers <unfixed> (bug #894338) [stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) [jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -8034,10 +8142,10 @@ CVE-2018-6249 [stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) [jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649 -CVE-2018-6248 - RESERVED -CVE-2018-6247 - RESERVED +CVE-2018-6248 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) + TODO: check +CVE-2018-6247 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) + TODO: check CVE-2018-6246 RESERVED CVE-2018-6245 @@ -21108,8 +21216,8 @@ CVE-2018-1297 (When using Distributed Test only (RMI based), Apache JMeter 2.x a NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039 CVE-2018-1296 RESERVED -CVE-2018-1295 - RESERVED +CVE-2018-1295 (In Apache Ignite 2.3 or earlier, the serialization mechanism does not ...) + TODO: check CVE-2018-1294 (If a user of Commons-Email (typically an application programmer) ...) - commons-email <not-affected> (Fixed with first upload to Debian) NOTE: https://marc.info/?i=CAF8HOZ+J3NkaywfbHuQpHxK9ZXeT4=4vs9rowcdiudnt1qa...@mail.gmail.com @@ -22610,8 +22718,8 @@ CVE-2018-1040 RESERVED CVE-2018-1039 RESERVED -CVE-2018-1038 - RESERVED +CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 ...) + TODO: check CVE-2018-1037 RESERVED CVE-2018-1036 @@ -24657,8 +24765,8 @@ CVE-2018-0196 (A vulnerability in the web-based user interface (web UI) of Cisco NOT-FOR-US: Cisco CVE-2018-0195 (A vulnerability in the Cisco IOS XE Software REST API could allow an ...) NOT-FOR-US: Cisco -CVE-2018-0194 - RESERVED +CVE-2018-0194 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...) + TODO: check CVE-2018-0193 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...) NOT-FOR-US: Cisco CVE-2018-0192 @@ -77863,8 +77971,8 @@ CVE-2016-8719 (An exploitable reflected Cross-Site Scripting vulnerability exist NOT-FOR-US: Moxa CVE-2016-8718 (An exploitable Cross-Site Request Forgery vulnerability exists in the ...) NOT-FOR-US: Moxa -CVE-2016-8717 - RESERVED +CVE-2016-8717 (An exploitable Use of Hard-coded Credentials vulnerability exists in ...) + TODO: check CVE-2016-8716 (An exploitable Cleartext Transmission of Password vulnerability exists ...) NOT-FOR-US: Moxa CVE-2016-8715 (An exploitable heap corruption vulnerability exists in the loadTrailer ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9426be748b5c9fa20475bfc5cd8df432601aad6 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9426be748b5c9fa20475bfc5cd8df432601aad6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits