Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7179c6c7 by Moritz Muehlenhoff at 2018-05-03T23:08:35+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -3,9 +3,9 @@ CVE-2018-10720 CVE-2018-10719 RESERVED CVE-2018-10718 (Stack-based buffer overflow in Activision Infinity Ward Call of Duty ...) - TODO: check + NOT-FOR-US: Activision CVE-2018-10717 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not ...) - TODO: check + NOT-FOR-US: ngiflib CVE-2018-10716 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. ...) NOT-FOR-US: Shanghai 2345 Security Guard CVE-2018-10715 @@ -98,7 +98,7 @@ CVE-2018-10679 CVE-2018-10678 RESERVED CVE-2018-10677 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks ...) - TODO: check + NOT-FOR-US: ngiflib CVE-2018-10676 (CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR ...) NOT-FOR-US: CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices CVE-2018-10674 @@ -118,7 +118,7 @@ CVE-2018-10668 CVE-2018-10667 RESERVED CVE-2018-10666 (The Owned smart contract implementation for Aurora IDEX Membership ...) - TODO: check + NOT-FOR-US: Aurora IDEX CVE-2018-10665 (ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to ...) NOT-FOR-US: ILIAS CVE-2018-10664 @@ -1927,7 +1927,7 @@ CVE-2018-9921 (In CMS Made Simple 2.2.7, a Directory Traversal issue makes it po CVE-2018-9920 RESERVED CVE-2018-9919 (A web-accessible backdoor, with resultant SSRF, exists in Tp-shop ...) - TODO: check + NOT-FOR-US: Tp-shop CVE-2018-9918 (libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary ...) - qpdf 8.0.2-3 (bug #895443) [stretch] - qpdf <no-dsa> (Minor issue) @@ -4340,7 +4340,7 @@ CVE-2018-8902 CVE-2018-8901 RESERVED CVE-2018-8900 (The License Manager service of HASP SRM, Sentinel HASP and Sentinel ...) - TODO: check + NOT-FOR-US: HASP SRM CVE-2018-8899 (IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 ...) NOT-FOR-US: IdentityServer CVE-2018-8898 @@ -6115,7 +6115,7 @@ CVE-2018-8117 (A security feature bypass vulnerability exists in the Microsoft . CVE-2018-8116 (A denial of service vulnerability exists in the way that Windows ...) NOT-FOR-US: Microsoft CVE-2018-8115 (A remote code execution vulnerability exists when the Windows Host ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2018-8114 RESERVED CVE-2018-8113 @@ -6704,7 +6704,7 @@ CVE-2018-7893 (CMS Made Simple (CMSMS) 2.2.6 has stored XSS in ...) CVE-2018-7892 RESERVED CVE-2018-7891 (The Milestone XProtect Video Management Software (Corporate, Expert, ...) - TODO: check + NOT-FOR-US: Milestone XProtect Video Management Software CVE-2018-7995 (** DISPUTED ** Race condition in the store_int_with_restart() function ...) {DSA-4188-1 DSA-4187-1 DLA-1369-1} - linux 4.15.11-1 @@ -10770,7 +10770,7 @@ CVE-2018-6591 (Converse.js and Inverse.js through 3.3 allow remote attackers to CVE-2018-6590 RESERVED CVE-2018-6589 (CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to ...) - TODO: check + NOT-FOR-US: CA Spectrum CVE-2018-6588 (CA API Developer Portal 3.5 up to and including 3.5 CR5 has a ...) NOT-FOR-US: CA API Developer Portal CVE-2018-6587 (CA API Developer Portal 3.5 up to and including 3.5 CR6 has a ...) @@ -11399,7 +11399,7 @@ CVE-2018-6403 CVE-2018-6402 RESERVED CVE-2018-6401 (Meross MSS110 devices before 1.1.24 contain a TELNET listener providing ...) - TODO: check + NOT-FOR-US: Meross CVE-2018-6400 (Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain ...) NOT-FOR-US: Kingsoft WPS Office Free CVE-2018-6399 @@ -11881,7 +11881,7 @@ CVE-2018-6244 CVE-2018-6243 RESERVED CVE-2018-6242 (Some NVIDIA Tegra mobile processors released prior to 2016 contain a ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2018-6241 RESERVED CVE-2018-6240 @@ -14854,7 +14854,7 @@ CVE-2018-5236 CVE-2018-5235 RESERVED CVE-2018-5234 (The Norton Core router prior to v237 may be susceptible to a command ...) - TODO: check + NOT-FOR-US: Norton Core router CVE-2017-18022 (In ImageMagick 7.0.7-12 Q16, there are memory leaks in ...) - imagemagick 8:6.9.9.34+dfsg-3 (unimportant) NOTE: https://github.com/ImageMagick/ImageMagick/issues/904 @@ -15975,7 +15975,7 @@ CVE-2018-4851 CVE-2018-4850 RESERVED CVE-2018-4849 (A vulnerability has been identified in Siveillance VMS Video for ...) - TODO: check + NOT-FOR-US: Siveillance VMS Video CVE-2018-4848 RESERVED CVE-2018-4847 (A vulnerability has been identified in SIMATIC WinCC OA Operator iOS ...) @@ -25499,7 +25499,7 @@ CVE-2018-1279 CVE-2018-1278 RESERVED CVE-2018-1277 (Cloud Foundry Garden-runC, versions prior to 1.13.0, does not ...) - TODO: check + NOT-FOR-US: Cloud Foundry CVE-2018-1276 RESERVED CVE-2018-1275 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...) @@ -25696,7 +25696,7 @@ CVE-2018-1185 (An issue was discovered in EMC RecoverPoint for Virtual Machines CVE-2018-1184 (An issue was discovered in EMC RecoverPoint for Virtual Machines ...) NOT-FOR-US: EMC CVE-2018-1183 (In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to ...) - TODO: check + NOT-FOR-US: EMC CVE-2018-1182 (An issue was discovered in EMC RSA Identity Governance and Lifecycle ...) NOT-FOR-US: EMC CVE-2018-1181 @@ -26527,7 +26527,7 @@ CVE-2017-17320 (Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D CVE-2017-17319 (Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 ...) NOT-FOR-US: Huawei CVE-2017-17318 (Huawei MBB (Mobile Broadband) products E5771h-937 with the versions ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-17317 RESERVED CVE-2017-17316 @@ -26535,7 +26535,7 @@ CVE-2017-17316 CVE-2017-17315 RESERVED CVE-2017-17314 (Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-17313 (The inputhub driver of HUAWEI P9 Lite mobile phones with Versions ...) NOT-FOR-US: inputhub driver of HUAWEI P9 Lite mobile phones CVE-2017-17312 @@ -27853,7 +27853,7 @@ CVE-2018-0713 CVE-2018-0712 RESERVED CVE-2018-0711 (Cross-site scripting (XSS) vulnerability in QNAP QTS 4.3.3 build ...) - TODO: check + NOT-FOR-US: QNAP CVE-2018-0710 RESERVED CVE-2018-0709 @@ -28409,7 +28409,7 @@ CVE-2017-17022 CVE-2017-17021 RESERVED CVE-2017-17020 (On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 ...) - TODO: check + NOT-FOR-US: D-Link CVE-2017-17019 RESERVED CVE-2017-17018 @@ -28891,27 +28891,27 @@ CVE-2018-0290 CVE-2018-0289 RESERVED CVE-2018-0288 (A vulnerability in Cisco WebEx Recording Format (WRF) Player could ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0287 (A vulnerability in the Cisco WebEx Network Recording Player for ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0286 (A vulnerability in the netconf interface of Cisco IOS XR Software could ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0285 (A vulnerability in service logging for Cisco Prime Service Catalog ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0284 RESERVED CVE-2018-0283 (A vulnerability in the detection engine of Cisco Firepower System ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0282 RESERVED CVE-2018-0281 (A vulnerability in the detection engine of Cisco Firepower System ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0280 RESERVED CVE-2018-0279 RESERVED CVE-2018-0278 (A vulnerability in the management console of Cisco Firepower System ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0277 RESERVED CVE-2018-0276 (A vulnerability in Cisco WebEx Connect IM could allow an ...) @@ -28939,11 +28939,11 @@ CVE-2018-0266 (A vulnerability in the web framework of Cisco Unified Communicati CVE-2018-0265 RESERVED CVE-2018-0264 (A vulnerability in the Cisco WebEx Network Recording Player for ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0263 RESERVED CVE-2018-0262 (A vulnerability in Cisco Meeting Server could allow an unauthenticated, ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0261 RESERVED CVE-2018-0260 (A vulnerability in the web interface of Cisco MATE Live could allow an ...) @@ -28951,7 +28951,7 @@ CVE-2018-0260 (A vulnerability in the web interface of Cisco MATE Live could all CVE-2018-0259 (A vulnerability in the web-based management interface of Cisco MATE ...) NOT-FOR-US: Cisco CVE-2018-0258 (A vulnerability in the Cisco Prime File Upload servlet affecting ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0257 (A vulnerability in Cisco IOS XE Software running on Cisco cBR Series ...) NOT-FOR-US: Cisco CVE-2018-0256 (A vulnerability in the peer-to-peer message processing functionality of ...) @@ -28961,23 +28961,23 @@ CVE-2018-0255 (A vulnerability in the device manager web interface of Cisco Indu CVE-2018-0254 (A vulnerability in the detection engine of Cisco Firepower System ...) NOT-FOR-US: Cisco CVE-2018-0253 (A vulnerability in the ACS Report component of Cisco Secure Access ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0252 (A vulnerability in the IP Version 4 (IPv4) fragment reassembly function ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0251 (A vulnerability in the Web Server Authentication Required screen of the ...) NOT-FOR-US: Cisco CVE-2018-0250 (A vulnerability in Central Web Authentication (CWA) with FlexConnect ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0249 (A vulnerability when handling incoming 802.11 Association Requests for ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0248 RESERVED CVE-2018-0247 (A vulnerability in Web Authentication (WebAuth) clients for the Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0246 RESERVED CVE-2018-0245 (A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0244 (A vulnerability in the detection engine of Cisco Firepower System ...) NOT-FOR-US: Cisco CVE-2018-0243 (A vulnerability in the detection engine of Cisco Firepower System ...) @@ -28997,9 +28997,9 @@ CVE-2018-0237 (A vulnerability in the file type detection mechanism of the Cisco CVE-2018-0236 RESERVED CVE-2018-0235 (A vulnerability in the 802.11 frame validation functionality of the ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0234 (A vulnerability in the implementation of Point-to-Point Tunneling ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0233 (A vulnerability in the Secure Sockets Layer (SSL) packet reassembly ...) NOT-FOR-US: Cisco CVE-2018-0232 @@ -29015,7 +29015,7 @@ CVE-2018-0228 (A vulnerability in the ingress flow creation functionality of Cis CVE-2018-0227 (A vulnerability in the Secure Sockets Layer (SSL) Virtual Private ...) NOT-FOR-US: Cisco CVE-2018-0226 (A vulnerability in the assignment and management of default user ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0225 RESERVED CVE-2018-0224 (A vulnerability in the CLI of the Cisco StarOS operating system for ...) @@ -38746,11 +38746,11 @@ CVE-2017-14016 (A Stack-based Buffer Overflow issue was discovered in Advantech CVE-2017-14015 RESERVED CVE-2017-14014 (Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded ...) - TODO: check + NOT-FOR-US: Boston Scientific ZOOM LATITUDE PRM Model 3120 CVE-2017-14013 (A Client-Side Enforcement of Server-Side Security issue was discovered ...) NOT-FOR-US: ProMinent MultiFLEX M10a Controller CVE-2017-14012 (Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at ...) - TODO: check + NOT-FOR-US: Boston Scientific ZOOM LATITUDE PRM Model 3120 CVE-2017-14011 (A Cross-Site Request Forgery issue was discovered in ProMinent ...) NOT-FOR-US: ProMinent MultiFLEX M10a Controller CVE-2017-14010 (In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7179c6c755ca65291444538089b31ebefb81d6a1 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7179c6c755ca65291444538089b31ebefb81d6a1 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits