Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c3fbfcff by security tracker role at 2018-04-19T08:10:34+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,53 @@
+CVE-2018-10224
+ RESERVED
+CVE-2018-10223
+ RESERVED
+CVE-2018-10222
+ RESERVED
+CVE-2018-10221
+ RESERVED
+CVE-2018-10220
+ RESERVED
+CVE-2018-10219
+ RESERVED
+CVE-2018-10218
+ RESERVED
+CVE-2018-10217
+ RESERVED
+CVE-2018-10216
+ RESERVED
+CVE-2018-10215
+ RESERVED
+CVE-2018-10214
+ RESERVED
+CVE-2018-10213
+ RESERVED
+CVE-2018-10212
+ RESERVED
+CVE-2018-10211
+ RESERVED
+CVE-2018-10210
+ RESERVED
+CVE-2018-10209
+ RESERVED
+CVE-2018-10208
+ RESERVED
+CVE-2018-10207
+ RESERVED
+CVE-2018-10206
+ RESERVED
+CVE-2018-10205
+ RESERVED
+CVE-2018-10204 (PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege
escalation ...)
+ TODO: check
+CVE-2018-10203
+ RESERVED
+CVE-2018-10202
+ RESERVED
+CVE-2018-10201
+ RESERVED
+CVE-2017-18261
+ RESERVED
CVE-2018-10200
RESERVED
CVE-2018-10198
@@ -8,8 +58,7 @@ CVE-2018-10196
RESERVED
CVE-2018-10195
RESERVED
-CVE-2018-10194 [Buffer overflow on pprintg1 due to mishandle postscript file
data to pdf]
- RESERVED
+CVE-2018-10194 (The set_text_distance function in devices/vector/gdevpdts.c in
the ...)
- ghostscript <unfixed> (bug #896069)
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699255 (not yet
public)
@@ -227,8 +276,8 @@ CVE-2018-10111 (An issue was discovered in GEGL through
0.3.32. The render_recta
[stretch] - gegl <no-dsa> (Minor issue)
[jessie] - gegl <no-dsa> (Minor issue)
NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#2-gegl-dos-1
-CVE-2018-10110
- RESERVED
+CVE-2018-10110 (D-Link DIR-615 T1 devices allow XSS via the Add User feature.
...)
+ TODO: check
CVE-2018-10109 (Monstra CMS 3.0.4 has a stored XSS vulnerability when an
attacker has ...)
NOT-FOR-US: Monstra CMS
CVE-2018-10108 (D-Link DIR-815 REV. B (with firmware through ...)
@@ -3212,8 +3261,8 @@ CVE-2018-8842
RESERVED
CVE-2018-8841
RESERVED
-CVE-2018-8840
- RESERVED
+CVE-2018-8840 (A remote attacker could send a carefully crafted packet in
InduSoft ...)
+ TODO: check
CVE-2018-8839
RESERVED
CVE-2018-8838 (A weakness in access controls in CENTUM CS 1000 all versions,
CENTUM ...)
@@ -5719,16 +5768,16 @@ CVE-2018-7764
RESERVED
CVE-2018-7763
RESERVED
-CVE-2018-7762
- RESERVED
-CVE-2018-7761
- RESERVED
-CVE-2018-7760
- RESERVED
-CVE-2018-7759
- RESERVED
-CVE-2018-7758
- RESERVED
+CVE-2018-7762 (A vulnerability exists in the web services to process SOAP
requests in ...)
+ TODO: check
+CVE-2018-7761 (A vulnerability exists in the HTTP request parser in Schneider
...)
+ TODO: check
+CVE-2018-7760 (An authorization bypass vulnerability exists in Schneider
Electric's ...)
+ TODO: check
+CVE-2018-7759 (A buffer overflow vulnerability exists in Schneider Electric's
Modicon ...)
+ TODO: check
+CVE-2018-7758 (A denial of service vulnerability exists in Schneider
Electric's MiCOM ...)
+ TODO: check
CVE-2018-7757 (Memory leak in the sas_smp_get_phy_events function in ...)
- linux <unfixed>
NOTE: Fixed by:
https://git.kernel.org/linus/4a491b1ab11ca0556d2fda1ff1301e862a2d44c4 (4.16-rc1)
@@ -6908,21 +6957,25 @@ CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0
to 2.4.4, the DMP dissecto
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
CVE-2018-7420 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng
file parser ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=129e41f9f63885ad8224ef413c2860788fb9e849
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-11.html
CVE-2018-7419 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP
dissector ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14443
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bebd3a1f50b0a27738d8d3da5b33c1b392eb7273
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-14.html
CVE-2018-7418 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP
dissector ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14410
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=29d920b8309905dda11ad397596fe8aafc9b4bf7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-13.html
CVE-2018-7417 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI
dissector ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14409
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81216a176b25dd8a616e11808a951e141a467009
@@ -7143,11 +7196,13 @@ CVE-2018-7338
NOTE:
https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
NOTE: https://www.kb.cert.org/vuls/id/475445
CVE-2018-7337 (In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector
could crash. ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=511a8b0b546d25413e289dc5a7d3a455a33994c2
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-08.html
CVE-2018-7336 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP
protocol ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
@@ -7155,11 +7210,13 @@ CVE-2018-7336 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to
2.2.12, the FCP protocol
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b56f598f1bc04f5d00f13b38c713763928cedb7c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-09.html
CVE-2018-7335 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE
802.11 ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14442
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a2901dcf45c9f1b07abfbf2a0b0cd654371d72a4
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-05.html
CVE-2018-7334 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC
dissector ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14339
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ed705e1227d3d582e3f0de435bba606d053d686
@@ -7173,6 +7230,7 @@ CVE-2018-7333 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to
2.2.12, ...)
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bd6313181317bfe83842b27650b65f3c2b8d5dc9
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
CVE-2018-7332 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
@@ -7236,6 +7294,7 @@ CVE-2018-7325 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to
2.2.12, ...)
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7be234d06ea39ab6a88115ae41d71060f1f15e3c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
CVE-2018-7324 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
@@ -7243,6 +7302,7 @@ CVE-2018-7324 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to
2.2.12, ...)
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9e7695bbee18525eaa6d12b32230313ae8a36a81
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
CVE-2018-7323 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
@@ -7251,6 +7311,7 @@ CVE-2018-7323 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to
2.2.12, ...)
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5d45b69b590cabc5127282d1ade3bca1598e5f5c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
CVE-2018-7322 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
+ {DLA-1353-1}
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
@@ -7597,20 +7658,20 @@ CVE-2018-7248
CVE-2018-7247 (An issue was discovered in pixHtmlViewer in prog/htmlviewer.c
in ...)
- leptonlib <unfixed> (unimportant)
NOTE:
https://github.com/DanBloomberg/leptonica/commit/c1079bb8e77cdd426759e466729917ca37a3ed9f
-CVE-2018-7246
- RESERVED
-CVE-2018-7245
- RESERVED
-CVE-2018-7244
- RESERVED
-CVE-2018-7243
- RESERVED
-CVE-2018-7242
- RESERVED
-CVE-2018-7241
- RESERVED
-CVE-2018-7240
- RESERVED
+CVE-2018-7246 (A cleartext transmission of sensitive information vulnerability
exists ...)
+ TODO: check
+CVE-2018-7245 (An improper authorization vulnerability exists In Schneider
Electric's ...)
+ TODO: check
+CVE-2018-7244 (An information disclosure vulnerability exists In Schneider
Electric's ...)
+ TODO: check
+CVE-2018-7243 (An authorization bypass vulnerability exists In Schneider
Electric's ...)
+ TODO: check
+CVE-2018-7242 (Vulnerable hash algorithms exists in Schneider Electric's
Modicon ...)
+ TODO: check
+CVE-2018-7241 (Hard coded accounts exist in Schneider Electric's Modicon
Premium, ...)
+ TODO: check
+CVE-2018-7240 (A vulnerability exists in Schneider Electric's Modicon Quantum
in all ...)
+ TODO: check
CVE-2018-7239 (A DLL hijacking vulnerability exists in Schneider Electric's
SoMove ...)
NOT-FOR-US: Schneider Electric
CVE-2018-7238 (A buffer overflow vulnerability exist in the web-based GUI of
...)
@@ -10496,7 +10557,7 @@ CVE-2018-6255
RESERVED
CVE-2018-6254
RESERVED
-CVE-2018-6253 (An exploitable denial-of-service vulnerability exists in the
Nvidia ...)
+CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in the
DirectX and ...)
- nvidia-graphics-drivers 390.48-1 (bug #894338)
[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -10509,7 +10570,7 @@ CVE-2018-6253 (An exploitable denial-of-service
vulnerability exists in the Nvid
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649
CVE-2018-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in
the ...)
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6251 (An exploitable heap memory corruption vulnerability exists in
the ...)
+CVE-2018-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in
the ...)
NOT-FOR-US: NVIDIA Windows driver
CVE-2018-6250 (NVIDIA Windows GPU Display Driver contains a vulnerability in
the ...)
NOT-FOR-US: NVIDIA Windows driver
@@ -13339,10 +13400,12 @@ CVE-2018-5271 (** DISPUTED ** In Malwarebytes Premium
3.3.1.2183, the driver fil
CVE-2018-5270 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver
file ...)
NOT-FOR-US: Malwarebytes Premium
CVE-2018-5269 (In OpenCV 3.3.1, an assertion failure happens in ...)
+ {DLA-1354-1}
- opencv <unfixed> (bug #886675)
NOTE: https://github.com/opencv/opencv/issues/10540
NOTE: 2.4 backport:
https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch
CVE-2018-5268 (In OpenCV 3.3.1, a heap-based buffer overflow happens in ...)
+ {DLA-1354-1}
- opencv <unfixed> (bug #886674)
NOTE: https://github.com/opencv/opencv/issues/10541
NOTE: 2.4 backport:
https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch
@@ -19736,386 +19799,337 @@ CVE-2018-2881
RESERVED
CVE-2018-2880
RESERVED
-CVE-2018-2879
- RESERVED
-CVE-2018-2878
- RESERVED
-CVE-2018-2877
- RESERVED
+CVE-2018-2879 (Vulnerability in the Oracle Access Manager component of Oracle
Fusion ...)
+ TODO: check
+CVE-2018-2878 (Vulnerability in the PeopleSoft Enterprise HCM Shared
Components ...)
+ TODO: check
+CVE-2018-2877 (Vulnerability in the MySQL Cluster component of Oracle MySQL
...)
- mysql-cluster <itp> (bug #833356)
-CVE-2018-2876
- RESERVED
+CVE-2018-2876 (Vulnerability in the Oracle Retail Integration Bus component of
Oracle ...)
+ TODO: check
CVE-2018-2875
RESERVED
-CVE-2018-2874
- RESERVED
-CVE-2018-2873
- RESERVED
-CVE-2018-2872
- RESERVED
-CVE-2018-2871
- RESERVED
-CVE-2018-2870
- RESERVED
-CVE-2018-2869
- RESERVED
-CVE-2018-2868
- RESERVED
-CVE-2018-2867
- RESERVED
-CVE-2018-2866
- RESERVED
-CVE-2018-2865
- RESERVED
-CVE-2018-2864
- RESERVED
-CVE-2018-2863
- RESERVED
-CVE-2018-2862
- RESERVED
-CVE-2018-2861
- RESERVED
-CVE-2018-2860
- RESERVED
+CVE-2018-2874 (Vulnerability in the Oracle Application Object Library
component of ...)
+ TODO: check
+CVE-2018-2873 (Vulnerability in the Oracle General Ledger component of Oracle
...)
+ TODO: check
+CVE-2018-2872 (Vulnerability in the Oracle General Ledger component of Oracle
...)
+ TODO: check
+CVE-2018-2871 (Vulnerability in the Oracle Human Resources component of Oracle
...)
+ TODO: check
+CVE-2018-2870 (Vulnerability in the Oracle Human Resources component of Oracle
...)
+ TODO: check
+CVE-2018-2869 (Vulnerability in the Oracle Human Resources component of Oracle
...)
+ TODO: check
+CVE-2018-2868 (Vulnerability in the Oracle Human Resources component of Oracle
...)
+ TODO: check
+CVE-2018-2867 (Vulnerability in the Oracle Application Object Library
component of ...)
+ TODO: check
+CVE-2018-2866 (Vulnerability in the Oracle General Ledger component of Oracle
...)
+ TODO: check
+CVE-2018-2865 (Vulnerability in the Oracle General Ledger component of Oracle
...)
+ TODO: check
+CVE-2018-2864 (Vulnerability in the Oracle Application Object Library
component of ...)
+ TODO: check
+CVE-2018-2863 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK)
component of ...)
+ TODO: check
+CVE-2018-2862 (Vulnerability in the Oracle Retail Point-of-Service component
of ...)
+ TODO: check
+CVE-2018-2861 (Vulnerability in the Oracle Retail Back Office component of
Oracle ...)
+ TODO: check
+CVE-2018-2860 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2859
- RESERVED
-CVE-2018-2858
- RESERVED
-CVE-2018-2857
- RESERVED
-CVE-2018-2856
- RESERVED
-CVE-2018-2855
- RESERVED
-CVE-2018-2854
- RESERVED
-CVE-2018-2853
- RESERVED
-CVE-2018-2852
- RESERVED
-CVE-2018-2851
- RESERVED
-CVE-2018-2850
- RESERVED
-CVE-2018-2849
- RESERVED
-CVE-2018-2848
- RESERVED
-CVE-2018-2847
- RESERVED
-CVE-2018-2846
- RESERVED
+CVE-2018-2859 (Vulnerability in the Oracle Financial Services Basel Regulatory
...)
+ TODO: check
+CVE-2018-2858 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK)
component of ...)
+ TODO: check
+CVE-2018-2857 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK)
component of ...)
+ TODO: check
+CVE-2018-2856 (Vulnerability in the Oracle Financial Services Basel Regulatory
...)
+ TODO: check
+CVE-2018-2855 (Vulnerability in the Oracle Financial Services Basel Regulatory
...)
+ TODO: check
+CVE-2018-2854 (Vulnerability in the Oracle Financial Services Basel Regulatory
...)
+ TODO: check
+CVE-2018-2853 (Vulnerability in the Oracle Hospitality Simphony First Edition
...)
+ TODO: check
+CVE-2018-2852 (Vulnerability in the Oracle Hospitality Guest Access component
of ...)
+ TODO: check
+CVE-2018-2851 (Vulnerability in the Oracle Hospitality Simphony First Edition
...)
+ TODO: check
+CVE-2018-2850 (Vulnerability in the Oracle Hospitality Cruise Fleet Management
System ...)
+ TODO: check
+CVE-2018-2849 (Vulnerability in the Primavera P6 Enterprise Project Portfolio
...)
+ TODO: check
+CVE-2018-2848 (Vulnerability in the Oracle Hospitality Simphony First Edition
...)
+ TODO: check
+CVE-2018-2847 (Vulnerability in the Oracle Hospitality Simphony First Edition
...)
+ TODO: check
+CVE-2018-2846 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2845
- RESERVED
+CVE-2018-2845 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2844
- RESERVED
+CVE-2018-2844 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2843
- RESERVED
+CVE-2018-2843 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2842
- RESERVED
+CVE-2018-2842 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2841
- RESERVED
-CVE-2018-2840
- RESERVED
-CVE-2018-2839
- RESERVED
+CVE-2018-2841 (Vulnerability in the Java VM component of Oracle Database
Server. ...)
+ TODO: check
+CVE-2018-2840 (Vulnerability in the Oracle Retail Xstore Point of Service
component ...)
+ TODO: check
+CVE-2018-2839 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2838
- RESERVED
-CVE-2018-2837
- RESERVED
+CVE-2018-2838 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub
...)
+ TODO: check
+CVE-2018-2837 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2836
- RESERVED
+CVE-2018-2836 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2835
- RESERVED
+CVE-2018-2835 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2834
- RESERVED
-CVE-2018-2833
- RESERVED
-CVE-2018-2832
- RESERVED
-CVE-2018-2831
- RESERVED
+CVE-2018-2834 (Vulnerability in the Oracle Data Visualization Desktop
component of ...)
+ TODO: check
+CVE-2018-2833 (Vulnerability in the Oracle Hospitality Simphony component of
Oracle ...)
+ TODO: check
+CVE-2018-2832 (Vulnerability in the Oracle GoldenGate component of Oracle
GoldenGate. ...)
+ TODO: check
+CVE-2018-2831 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2830
- RESERVED
+CVE-2018-2830 (Vulnerability in the Oracle VM VirtualBox component of Oracle
...)
- virtualbox <unfixed>
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2829
- RESERVED
-CVE-2018-2828
- RESERVED
-CVE-2018-2827
- RESERVED
-CVE-2018-2826
- RESERVED
+CVE-2018-2829 (Vulnerability in the Oracle Hospitality Simphony component of
Oracle ...)
+ TODO: check
+CVE-2018-2828 (Vulnerability in the Oracle WebCenter Content component of
Oracle ...)
+ TODO: check
+CVE-2018-2827 (Vulnerability in the Oracle Hospitality Suite8 component of
Oracle ...)
+ TODO: check
+CVE-2018-2826 (Vulnerability in the Java SE component of Oracle Java SE ...)
- openjdk-10 <unfixed>
-CVE-2018-2825
- RESERVED
+CVE-2018-2825 (Vulnerability in the Java SE component of Oracle Java SE ...)
- openjdk-10 <unfixed>
-CVE-2018-2824
- RESERVED
-CVE-2018-2823
- RESERVED
-CVE-2018-2822
- RESERVED
-CVE-2018-2821
- RESERVED
-CVE-2018-2820
- RESERVED
-CVE-2018-2819
- RESERVED
+CVE-2018-2824 (Vulnerability in the Oracle Hospitality Simphony component of
Oracle ...)
+ TODO: check
+CVE-2018-2823 (Vulnerability in the Oracle Transportation Management component
of ...)
+ TODO: check
+CVE-2018-2822 (Vulnerability in the Solaris Cluster component of Oracle Sun
Systems ...)
+ TODO: check
+CVE-2018-2821 (Vulnerability in the PeopleSoft Enterprise PeopleTools
component of ...)
+ TODO: check
+CVE-2018-2820 (Vulnerability in the PeopleSoft Enterprise PeopleTools
component of ...)
+ TODO: check
+CVE-2018-2819 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2818
- RESERVED
+CVE-2018-2818 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2817
- RESERVED
+CVE-2018-2817 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2816
- RESERVED
+CVE-2018-2816 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2815
- RESERVED
+CVE-2018-2815 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2814
- RESERVED
+CVE-2018-2814 (Vulnerability in the Java SE, Java SE Embedded component of
Oracle ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2813
- RESERVED
+CVE-2018-2813 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2812
- RESERVED
+CVE-2018-2812 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2811
- RESERVED
+CVE-2018-2811 (Vulnerability in the Java SE component of Oracle Java SE ...)
TODO: probably specific to Oracle Java
-CVE-2018-2810
- RESERVED
+CVE-2018-2810 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2809
- RESERVED
-CVE-2018-2808
- RESERVED
-CVE-2018-2807
- RESERVED
-CVE-2018-2806
- RESERVED
-CVE-2018-2805
- RESERVED
+CVE-2018-2809 (Vulnerability in the PeopleSoft Enterprise PeopleTools
component of ...)
+ TODO: check
+CVE-2018-2808 (Vulnerability in the Solaris component of Oracle Sun Systems
Products ...)
+ TODO: check
+CVE-2018-2807 (Vulnerability in the Oracle FLEXCUBE Core Banking component of
Oracle ...)
+ TODO: check
+CVE-2018-2806 (Vulnerability in the Oracle Outside In Technology component of
Oracle ...)
+ TODO: check
+CVE-2018-2805 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <not-affected> (Only affects GIS Extension in Oracle MySQL
5.6)
- mysql-5.5 <not-affected> (Only affects GIS Extension in Oracle MySQL
5.6)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2804
- RESERVED
-CVE-2018-2803
- RESERVED
-CVE-2018-2802
- RESERVED
-CVE-2018-2801
- RESERVED
-CVE-2018-2800
- RESERVED
+CVE-2018-2804 (Vulnerability in the Oracle Application Object Library
component of ...)
+ TODO: check
+CVE-2018-2803 (Vulnerability in the Oracle Hospitality Reporting and Analytics
...)
+ TODO: check
+CVE-2018-2802 (Vulnerability in the Oracle Hospitality Simphony component of
Oracle ...)
+ TODO: check
+CVE-2018-2801 (Vulnerability in the Oracle Outside In Technology component of
Oracle ...)
+ TODO: check
+CVE-2018-2800 (Vulnerability in the Java SE, JRockit component of Oracle Java
SE ...)
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2799
- RESERVED
+CVE-2018-2799 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2018-2798
- RESERVED
+CVE-2018-2798 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2797
- RESERVED
+CVE-2018-2797 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2796
- RESERVED
+CVE-2018-2796 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2018-2795
- RESERVED
+CVE-2018-2795 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2794
- RESERVED
+CVE-2018-2794 (Vulnerability in the Java SE, JRockit component of Oracle Java
SE ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2793
- RESERVED
-CVE-2018-2792
- RESERVED
-CVE-2018-2791
- RESERVED
-CVE-2018-2790
- RESERVED
+CVE-2018-2793 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools
component of ...)
+ TODO: check
+CVE-2018-2792 (Vulnerability in the Hardware Management Pack component of
Oracle Sun ...)
+ TODO: check
+CVE-2018-2791 (Vulnerability in the Oracle WebCenter Sites component of Oracle
Fusion ...)
+ TODO: check
+CVE-2018-2790 (Vulnerability in the Java SE, Java SE Embedded component of
Oracle ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2789
- RESERVED
-CVE-2018-2788
- RESERVED
-CVE-2018-2787
- RESERVED
+CVE-2018-2789 (Vulnerability in the Siebel Core - Server Framework component
of ...)
+ TODO: check
+CVE-2018-2788 (Vulnerability in the PeopleSoft Enterprise PeopleTools
component of ...)
+ TODO: check
+CVE-2018-2787 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2786
- RESERVED
+CVE-2018-2786 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2785
- RESERVED
-CVE-2018-2784
- RESERVED
+CVE-2018-2785 (Vulnerability in the PeopleSoft Enterprise PeopleTools
component of ...)
+ TODO: check
+CVE-2018-2784 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2783
- RESERVED
+CVE-2018-2783 (Vulnerability in the Java SE, Java SE Embedded, JRockit
component of ...)
- openjdk-10 <unfixed>
- openjdk-8 <unfixed>
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2782
- RESERVED
+CVE-2018-2782 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2781
- RESERVED
+CVE-2018-2781 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2780
- RESERVED
+CVE-2018-2780 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2779
- RESERVED
+CVE-2018-2779 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2778
- RESERVED
+CVE-2018-2778 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2777
- RESERVED
+CVE-2018-2777 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2776
- RESERVED
+CVE-2018-2776 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2775
- RESERVED
+CVE-2018-2775 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2774
- RESERVED
-CVE-2018-2773
- RESERVED
+CVE-2018-2774 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools
component of ...)
+ TODO: check
+CVE-2018-2773 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2772
- RESERVED
-CVE-2018-2771
- RESERVED
+CVE-2018-2772 (Vulnerability in the PeopleSoft Enterprise PeopleTools
component of ...)
+ TODO: check
+CVE-2018-2771 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2770
- RESERVED
-CVE-2018-2769
- RESERVED
+CVE-2018-2770 (Vulnerability in the Oracle Adaptive Access Manager component
of ...)
+ TODO: check
+CVE-2018-2769 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2768
- RESERVED
+CVE-2018-2768 (Vulnerability in the Oracle Outside In Technology component of
Oracle ...)
+ TODO: check
CVE-2018-2767 [Use of SSL/TLS not enforced in client library (Return of
BACKRONYM)]
RESERVED
- mariadb-10.2 <unfixed>
@@ -20130,84 +20144,78 @@ CVE-2018-2767 [Use of SSL/TLS not enforced in client
library (Return of BACKRONY
NOTE: http://www.openwall.com/lists/oss-security/2018/04/08/2
NOTE: Result from an incomplete fix for CVE-2015-3152 and related CVE
for
NOTE: Oracle products.
-CVE-2018-2766
- RESERVED
+CVE-2018-2766 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2765
- RESERVED
-CVE-2018-2764
- RESERVED
-CVE-2018-2763
- RESERVED
-CVE-2018-2762
- RESERVED
+CVE-2018-2765 (Vulnerability in the Oracle Security Service component of
Oracle ...)
+ TODO: check
+CVE-2018-2764 (Vulnerability in the Solaris component of Oracle Sun Systems
Products ...)
+ TODO: check
+CVE-2018-2763 (Vulnerability in the Solaris component of Oracle Sun Systems
Products ...)
+ TODO: check
+CVE-2018-2762 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2761
- RESERVED
+CVE-2018-2761 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2760
- RESERVED
-CVE-2018-2759
- RESERVED
+CVE-2018-2760 (Vulnerability in the Oracle HTTP Server component of Oracle
Fusion ...)
+ TODO: check
+CVE-2018-2759 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2758
- RESERVED
+CVE-2018-2758 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
CVE-2018-2757
RESERVED
-CVE-2018-2756
- RESERVED
-CVE-2018-2755
- RESERVED
+CVE-2018-2756 (Vulnerability in the Oracle Communications Order and Service
...)
+ TODO: check
+CVE-2018-2755 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 <unfixed> (bug #895997)
- mysql-5.5 <removed>
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2754
- RESERVED
-CVE-2018-2753
- RESERVED
-CVE-2018-2752
- RESERVED
+CVE-2018-2754 (Vulnerability in the Solaris component of Oracle Sun Systems
Products ...)
+ TODO: check
+CVE-2018-2753 (Vulnerability in the Solaris component of Oracle Sun Systems
Products ...)
+ TODO: check
+CVE-2018-2752 (Vulnerability in the PeopleSoft Enterprise HCM component of
Oracle ...)
+ TODO: check
CVE-2018-2751
RESERVED
-CVE-2018-2750
- RESERVED
-CVE-2018-2749
- RESERVED
-CVE-2018-2748
- RESERVED
-CVE-2018-2747
- RESERVED
-CVE-2018-2746
- RESERVED
+CVE-2018-2750 (Vulnerability in the Enterprise Manager Base Platform component
of ...)
+ TODO: check
+CVE-2018-2749 (Vulnerability in the Oracle Banking Corporate Lending component
of ...)
+ TODO: check
+CVE-2018-2748 (Vulnerability in the Oracle Banking Corporate Lending component
of ...)
+ TODO: check
+CVE-2018-2747 (Vulnerability in the Oracle Banking Corporate Lending component
of ...)
+ TODO: check
+CVE-2018-2746 (Vulnerability in the Oracle Banking Corporate Lending component
of ...)
+ TODO: check
CVE-2018-2745
RESERVED
CVE-2018-2744
RESERVED
CVE-2018-2743
RESERVED
-CVE-2018-2742
- RESERVED
+CVE-2018-2742 (Vulnerability in the Enterprise Manager Ops Center component of
Oracle ...)
+ TODO: check
CVE-2018-2741
RESERVED
CVE-2018-2740
RESERVED
-CVE-2018-2739
- RESERVED
-CVE-2018-2738
- RESERVED
-CVE-2018-2737
- RESERVED
+CVE-2018-2739 (Vulnerability in the Oracle Access Manager component of Oracle
Fusion ...)
+ TODO: check
+CVE-2018-2738 (Vulnerability in the Oracle Retail Central Office component of
Oracle ...)
+ TODO: check
+CVE-2018-2737 (Vulnerability in the Oracle Retail Returns Management component
of ...)
+ TODO: check
CVE-2018-2736
RESERVED
CVE-2018-2735
@@ -20244,8 +20252,8 @@ CVE-2018-2720 (Vulnerability in the Oracle Financial
Services Liquidity Risk ...
NOT-FOR-US: Oracle
CVE-2018-2719 (Vulnerability in the Oracle Financial Services Hedge Management
and ...)
NOT-FOR-US: Oracle
-CVE-2018-2718
- RESERVED
+CVE-2018-2718 (Vulnerability in the Solaris component of Oracle Sun Systems
Products ...)
+ TODO: check
CVE-2018-2717 (Vulnerability in the Solaris component of Oracle Sun Systems
Products ...)
NOT-FOR-US: Oracle
CVE-2018-2716 (Vulnerability in the Oracle Financial Services Market Risk
Measurement ...)
@@ -20518,8 +20526,8 @@ CVE-2018-2629 (Vulnerability in the Java SE, Java SE
Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2628
- RESERVED
+CVE-2018-2628 (Vulnerability in the Oracle WebLogic Server component of Oracle
Fusion ...)
+ TODO: check
CVE-2018-2627 (Vulnerability in the Java SE component of Oracle Java SE ...)
- openjdk-9 <not-affected> (Specific to installer for Windows)
- openjdk-8 <not-affected> (Specific to installer for Windows)
@@ -20642,8 +20650,8 @@ CVE-2018-2588 (Vulnerability in the Java SE, Java SE
Embedded, JRockit component
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2587
- RESERVED
+CVE-2018-2587 (Vulnerability in the Oracle Access Manager component of Oracle
Fusion ...)
+ TODO: check
CVE-2018-2586 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
@@ -20693,8 +20701,8 @@ CVE-2018-2573 (Vulnerability in the MySQL Server
component of Oracle MySQL ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2572
- RESERVED
+CVE-2018-2572 (Vulnerability in the Oracle Agile Product Lifecycle Management
for ...)
+ TODO: check
CVE-2018-2571 (Vulnerability in the Oracle Communications Unified Inventory
...)
NOT-FOR-US: Oracle
CVE-2018-2570 (Vulnerability in the Oracle Communications Unified Inventory
...)
@@ -20713,8 +20721,8 @@ CVE-2018-2565 (Vulnerability in the MySQL Server
component of Oracle MySQL ...)
NOTE:
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
CVE-2018-2564 (Vulnerability in the Oracle WebCenter Content component of
Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2563
- RESERVED
+CVE-2018-2563 (Vulnerability in the Solaris component of Oracle Sun Systems
Products ...)
+ TODO: check
CVE-2018-2562 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
{DSA-4091-1 DLA-1250-1}
- mysql-5.7 5.7.20-1
@@ -24425,8 +24433,8 @@ CVE-2018-1169 (This vulnerability allows remote
attackers to execute arbitrary c
NOT-FOR-US: Amazon Music Player
CVE-2018-1168 (This vulnerability allows local attackers to escalate
privileges on ...)
NOT-FOR-US: ABB MicroSCADA
-CVE-2018-1167
- RESERVED
+CVE-2018-1167 (This vulnerability allows remote attackers to execute arbitrary
code ...)
+ TODO: check
CVE-2018-1166 (This vulnerability allows local attackers to escalate
privileges on ...)
NOT-FOR-US: Joyent SmartOS
CVE-2018-1165 (This vulnerability allows local attackers to escalate
privileges on ...)
@@ -25587,8 +25595,8 @@ CVE-2018-1037 (An information disclosure vulnerability
exists when Visual Studio
NOT-FOR-US: Microsoft
CVE-2018-1036
RESERVED
-CVE-2018-1035
- RESERVED
+CVE-2018-1035 (A security feature bypass vulnerability exists in Windows which
could ...)
+ TODO: check
CVE-2018-1034 (An elevation of privilege vulnerability exists when Microsoft
...)
NOT-FOR-US: Microsoft
CVE-2018-1033
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3fbfcff1f5f93a52ad41abb9b11be5a4908edae
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3fbfcff1f5f93a52ad41abb9b11be5a4908edae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
