Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0c2c9fe9 by security tracker role at 2018-04-17T08:10:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,91 @@
+CVE-2018-10181
+ RESERVED
+CVE-2018-10180
+ RESERVED
+CVE-2018-10179
+ RESERVED
+CVE-2018-10178 (The FromDocToPDF extension before 13.611.13.2303 for Chrome
allows ...)
+ TODO: check
+CVE-2018-10177 (In ImageMagick 7.0.7-28, there is an infinite loop in the ...)
+ TODO: check
+CVE-2018-10176
+ RESERVED
+CVE-2018-10175
+ RESERVED
+CVE-2018-10174
+ RESERVED
+CVE-2018-10173
+ RESERVED
+CVE-2018-10172 (7-Zip through 18.01 on Windows implements the "Large
memory pages" ...)
+ TODO: check
+CVE-2018-10171
+ RESERVED
+CVE-2018-10170 (NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege
escalation ...)
+ TODO: check
+CVE-2018-10169 (ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege
escalation ...)
+ TODO: check
+CVE-2018-10168
+ RESERVED
+CVE-2018-10167
+ RESERVED
+CVE-2018-10166
+ RESERVED
+CVE-2018-10165
+ RESERVED
+CVE-2018-10164
+ RESERVED
+CVE-2018-10163
+ RESERVED
+CVE-2018-10162
+ RESERVED
+CVE-2018-10161
+ RESERVED
+CVE-2018-10160
+ RESERVED
+CVE-2018-10159
+ RESERVED
+CVE-2018-10158
+ RESERVED
+CVE-2018-10157
+ RESERVED
+CVE-2018-10156
+ RESERVED
+CVE-2018-10155
+ RESERVED
+CVE-2018-10154
+ RESERVED
+CVE-2018-10153
+ RESERVED
+CVE-2018-10152
+ RESERVED
+CVE-2018-10151
+ RESERVED
+CVE-2018-10150
+ RESERVED
+CVE-2018-10149
+ RESERVED
+CVE-2018-10148
+ RESERVED
+CVE-2018-10147
+ RESERVED
+CVE-2018-10146
+ RESERVED
+CVE-2018-10145
+ RESERVED
+CVE-2018-10144
+ RESERVED
+CVE-2018-10143
+ RESERVED
+CVE-2018-10142
+ RESERVED
+CVE-2018-10141
+ RESERVED
+CVE-2018-10140
+ RESERVED
+CVE-2018-10139
+ RESERVED
+CVE-2018-10138 (The CATALooK.netStore module through 7.2.8 for DNN (formerly
...)
+ TODO: check
CVE-2018-10137 (iScripts UberforX 2.2 has CSRF in the
"manage_settings" section of the ...)
NOT-FOR-US: iScripts UberforX
CVE-2018-10136 (iScripts UberforX 2.2 has Stored XSS in the
"manage_settings" section ...)
@@ -153,8 +241,8 @@ CVE-2018-10072 (windrvr1260.sys in Jungo DriverWizard
WinDriver 12.6.0 allows at
NOT-FOR-US: WinDriver
CVE-2018-10071 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows
attackers ...)
NOT-FOR-US: WinDriver
-CVE-2018-10070
- RESERVED
+CVE-2018-10070 (A vulnerability in MikroTik Version 6.41.4 could allow an ...)
+ TODO: check
CVE-2018-10069
RESERVED
CVE-2018-10068 (The jDownloads extension before 3.2.59 for Joomla! has XSS.
...)
@@ -679,7 +767,7 @@ CVE-2018-9840 (The Open Whisper Signal app before 2.23.2
for iOS allows physical
CVE-2018-9839
RESERVED
CVE-2018-1000166
- RESERVED
+ TODO: check
CVE-2018-1000164 [Improper neutralization of CRLF Sequences
http/wsgi.py:process_headers() can allow an attacker to cause a server to
return arbitrary HTTP headers]
- gunicorn 19.5.0-1
NOTE:
https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5
@@ -24255,6 +24343,7 @@ CVE-2018-1085
RESERVED
NOT-FOR-US: openshift-ansible
CVE-2018-1084 (corosync before version 2.4.4 is vulnerable to an integer
overflow in ...)
+ {DSA-4174-1}
- corosync <unfixed> (bug #895653)
[jessie] - corosync <not-affected> (Vulnerable code introduced later)
[wheezy] - corosync <not-affected> (Vulnerable code introduced later)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0c2c9fe969a8d51a6b8d594f3148e5bf206b5e1f
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0c2c9fe969a8d51a6b8d594f3148e5bf206b5e1f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
