Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f0cce11c by security tracker role at 2018-04-27T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,75 @@ +CVE-2018-10467 + RESERVED +CVE-2018-10466 + RESERVED +CVE-2018-10465 + RESERVED +CVE-2018-10464 + RESERVED +CVE-2018-10463 + RESERVED +CVE-2018-10462 + RESERVED +CVE-2018-10461 + RESERVED +CVE-2018-10460 + RESERVED +CVE-2018-10459 + RESERVED +CVE-2018-10458 + RESERVED +CVE-2018-10457 + RESERVED +CVE-2018-10456 + RESERVED +CVE-2018-10455 + RESERVED +CVE-2018-10454 + RESERVED +CVE-2018-10453 + RESERVED +CVE-2018-10452 + RESERVED +CVE-2018-10451 + RESERVED +CVE-2018-10450 + RESERVED +CVE-2018-10449 + RESERVED +CVE-2018-10448 + RESERVED +CVE-2018-10447 + RESERVED +CVE-2018-10446 + RESERVED +CVE-2018-10445 + RESERVED +CVE-2018-10444 + RESERVED +CVE-2018-10443 + RESERVED +CVE-2018-10442 + RESERVED +CVE-2018-10441 + RESERVED +CVE-2018-10440 + RESERVED +CVE-2018-10439 + RESERVED +CVE-2018-10438 + RESERVED +CVE-2018-10437 + RESERVED +CVE-2018-10436 + RESERVED +CVE-2018-10435 + RESERVED +CVE-2018-10434 + RESERVED +CVE-2018-10433 + RESERVED +CVE-2017-18262 + RESERVED CVE-2018-XXXX [XSA-259: x86: PV guest may crash Xen with XPTI] - xen <unfixed> NOTE: https://xenbits.xen.org/xsa/advisory-259.html @@ -439,8 +511,8 @@ CVE-2018-10239 RESERVED CVE-2018-10238 (bvlc.c in skarg BACnet Protocol Stack 0.8.5 has a buffer overflow in ...) NOT-FOR-US: skarg BACnet Protocol Stack -CVE-2018-10237 - RESERVED +CVE-2018-10237 (Unbounded memory allocation in Google Guava 11.0 through 24.x before ...) + TODO: check CVE-2018-10236 (POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via ...) NOT-FOR-US: POSCMS CVE-2018-10235 (POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via ...) @@ -7151,8 +7223,8 @@ CVE-2018-7529 (A Deserialization of Untrusted Data issue was discovered in OSIso NOT-FOR-US: OSIsoft PI CVE-2018-7528 (An SQL injection vulnerability has been identified in Geutebruck ...) NOT-FOR-US: IP Geutebruck and Topline IP cameras -CVE-2018-7527 - RESERVED +CVE-2018-7527 (A buffer overflow can be triggered in LeviStudio HMI Editor, Version ...) + TODO: check CVE-2018-7526 RESERVED CVE-2018-7525 (In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed ...) @@ -17177,16 +17249,16 @@ CVE-2018-3857 RESERVED CVE-2018-3856 RESERVED -CVE-2018-3855 - RESERVED +CVE-2018-3855 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...) + TODO: check CVE-2018-3854 RESERVED CVE-2018-3853 RESERVED CVE-2018-3852 RESERVED -CVE-2018-3851 - RESERVED +CVE-2018-3851 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...) + TODO: check CVE-2018-3850 (An exploitable use-after-free vulnerability exists in the JavaScript ...) NOT-FOR-US: Foxit PDF Reader CVE-2018-3849 (In the ffghtb function in NASA CFITSIO 3.42, specially crafted images ...) @@ -17209,10 +17281,10 @@ CVE-2018-3846 (In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, speciall [jessie] - cfitsio <no-dsa> (Minor issue) NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529 NOTE: Mitigated to a crash due to hardened build flags -CVE-2018-3845 - RESERVED -CVE-2018-3844 - RESERVED +CVE-2018-3845 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...) + TODO: check +CVE-2018-3844 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 ...) + TODO: check CVE-2018-3843 (An exploitable type confusion vulnerability exists in the way Foxit ...) NOT-FOR-US: Foxit PDF Reader CVE-2018-3842 (An exploitable use of an uninitialized pointer vulnerability exists in ...) @@ -24071,8 +24143,8 @@ CVE-2017-17545 RESERVED CVE-2017-17544 RESERVED -CVE-2017-17543 - RESERVED +CVE-2017-17543 (Users' VPN authentication credentials are unsafely encrypted in ...) + TODO: check CVE-2017-17542 RESERVED CVE-2017-17541 @@ -37861,7 +37933,7 @@ CVE-2017-14012 RESERVED CVE-2017-14011 (A Cross-Site Request Forgery issue was discovered in ProMinent ...) NOT-FOR-US: ProMinent MultiFLEX M10a Controller -CVE-2017-14010 (An uncontrolled search path element vulnerability has been identified ...) +CVE-2017-14010 (In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions ...) NOT-FOR-US: SpiderControl CVE-2017-14009 (An Information Exposure issue was discovered in ProMinent MultiFLEX ...) NOT-FOR-US: ProMinent MultiFLEX M10a Controller View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0cce11c0c57dd3be07566734d6c24c7882a9a7e --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0cce11c0c57dd3be07566734d6c24c7882a9a7e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits