[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 15 May 2018 01:10:36 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d4336416 by security tracker role at 2018-05-15T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,137 @@
+CVE-2018-11104
+       RESERVED
+CVE-2018-11103
+       RESERVED
+CVE-2018-11102 (An issue was discovered in Libav 12.3. A read access violation 
in the ...)
+       TODO: check
+CVE-2018-11101
+       RESERVED
+CVE-2018-11100 (The decompileSETTARGET function in decompile.c in libming 
through 0.4.8 ...)
+       TODO: check
+CVE-2018-11099
+       RESERVED
+CVE-2018-11098 (An issue was discovered in Frog CMS 0.9.5. There is a file 
upload ...)
+       TODO: check
+CVE-2018-11097 (An issue was discovered in cloudwu/cstring through 2016-11-09. 
There is ...)
+       TODO: check
+CVE-2018-11096
+       RESERVED
+CVE-2018-11095 (The decompileJUMP function in decompile.c in libming through 
0.4.8 ...)
+       TODO: check
+CVE-2018-11094
+       RESERVED
+CVE-2018-11093
+       RESERVED
+CVE-2018-11092
+       RESERVED
+CVE-2018-11091 (An issue was discovered in MyBiz MyProcureNet 5.0.0. A 
malicious file ...)
+       TODO: check
+CVE-2018-11090 (An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This 
...)
+       TODO: check
+CVE-2018-11089
+       RESERVED
+CVE-2018-11088
+       RESERVED
+CVE-2018-11087
+       RESERVED
+CVE-2018-11086
+       RESERVED
+CVE-2018-11085
+       RESERVED
+CVE-2018-11084
+       RESERVED
+CVE-2018-11083
+       RESERVED
+CVE-2018-11082
+       RESERVED
+CVE-2018-11081
+       RESERVED
+CVE-2018-11080
+       RESERVED
+CVE-2018-11079
+       RESERVED
+CVE-2018-11078
+       RESERVED
+CVE-2018-11077
+       RESERVED
+CVE-2018-11076
+       RESERVED
+CVE-2018-11075
+       RESERVED
+CVE-2018-11074
+       RESERVED
+CVE-2018-11073
+       RESERVED
+CVE-2018-11072
+       RESERVED
+CVE-2018-11071
+       RESERVED
+CVE-2018-11070
+       RESERVED
+CVE-2018-11069
+       RESERVED
+CVE-2018-11068
+       RESERVED
+CVE-2018-11067
+       RESERVED
+CVE-2018-11066
+       RESERVED
+CVE-2018-11065
+       RESERVED
+CVE-2018-11064
+       RESERVED
+CVE-2018-11063
+       RESERVED
+CVE-2018-11062
+       RESERVED
+CVE-2018-11061
+       RESERVED
+CVE-2018-11060
+       RESERVED
+CVE-2018-11059
+       RESERVED
+CVE-2018-11058
+       RESERVED
+CVE-2018-11057
+       RESERVED
+CVE-2018-11056
+       RESERVED
+CVE-2018-11055
+       RESERVED
+CVE-2018-11054
+       RESERVED
+CVE-2018-11053
+       RESERVED
+CVE-2018-11052
+       RESERVED
+CVE-2018-11051
+       RESERVED
+CVE-2018-11050
+       RESERVED
+CVE-2018-11049
+       RESERVED
+CVE-2018-11048
+       RESERVED
+CVE-2018-11047
+       RESERVED
+CVE-2018-11046
+       RESERVED
+CVE-2018-11045
+       RESERVED
+CVE-2018-11044
+       RESERVED
+CVE-2018-11043
+       RESERVED
+CVE-2018-11042
+       RESERVED
+CVE-2018-11041
+       RESERVED
+CVE-2018-11040
+       RESERVED
+CVE-2018-11039
+       RESERVED
+CVE-2017-18268
+       RESERVED
 CVE-2018-11038
        RESERVED
 CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in 
...)
@@ -89,8 +223,8 @@ CVE-2018-10996 (The weblogin_log function in /htdocs/cgibin 
on D-Link DIR-629-B1
        NOT-FOR-US: D-Link
 CVE-2018-10995
        RESERVED
-CVE-2018-10994
-       RESERVED
+CVE-2018-10994 (js/views/message_view.js in Open Whisper Signal (aka 
Signal-Desktop) ...)
+       TODO: check
 CVE-2018-10993
        RESERVED
 CVE-2018-10991
@@ -456,8 +590,8 @@ CVE-2018-10827 (LiteCart before 2.1.2 allows remote 
attackers to cause a denial 
        NOT-FOR-US: LiteCart
 CVE-2018-10826
        RESERVED
-CVE-2018-10825
-       RESERVED
+CVE-2018-10825 (Mimo Baby 2 devices do not use authentication or encryption 
for the ...)
+       TODO: check
 CVE-2018-10824
        RESERVED
 CVE-2018-10823
@@ -811,7 +945,7 @@ CVE-2018-10684
        RESERVED
 CVE-2018-10683 (** DISPUTED ** An issue was discovered in WildFly 
10.1.2.Final. In the ...)
        - wildfly <itp> (bug #752018)
-CVE-2018-10682 (An issue was discovered in WildFly 10.1.2.Final. It is 
possible for an ...)
+CVE-2018-10682 (** DISPUTED ** An issue was discovered in WildFly 
10.1.2.Final. It is ...)
        - wildfly <itp> (bug #752018)
 CVE-2016-10722 (partclone.fat in Partclone before 0.2.88 is prone to a 
heap-based ...)
        - partclone 0.2.88-1
@@ -5269,8 +5403,8 @@ CVE-2018-8845
        RESERVED
 CVE-2018-8844
        RESERVED
-CVE-2018-8843
-       RESERVED
+CVE-2018-8843 (Rockwell Automation Arena versions 16.10.00 and prior contains 
a use ...)
+       TODO: check
 CVE-2018-8842
        RESERVED
 CVE-2018-8841
@@ -38488,22 +38622,22 @@ CVE-2017-14440 (An exploitable code execution 
vulnerability exists in the ILBM i
        - sdl-image1.2 1.2.12-8
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0489
        NOTE: https://hg.libsdl.org/SDL_image/rev/bfa08dc02b3c
-CVE-2017-14439
-       RESERVED
-CVE-2017-14438
-       RESERVED
-CVE-2017-14437
-       RESERVED
-CVE-2017-14436
-       RESERVED
-CVE-2017-14435
-       RESERVED
-CVE-2017-14434
-       RESERVED
-CVE-2017-14433
-       RESERVED
-CVE-2017-14432
-       RESERVED
+CVE-2017-14439 (Exploitable denial of service vulnerabilities exists in the 
Service ...)
+       TODO: check
+CVE-2017-14438 (Exploitable denial of service vulnerabilities exists in the 
Service ...)
+       TODO: check
+CVE-2017-14437 (An exploitable denial of service vulnerability exists in the 
web ...)
+       TODO: check
+CVE-2017-14436 (An exploitable denial of service vulnerability exists in the 
web ...)
+       TODO: check
+CVE-2017-14435 (An exploitable denial of service vulnerability exists in the 
web ...)
+       TODO: check
+CVE-2017-14434 (An exploitable command injection vulnerability exists in the 
web ...)
+       TODO: check
+CVE-2017-14433 (An exploitable command injection vulnerability exists in the 
web ...)
+       TODO: check
+CVE-2017-14432 (An exploitable command injection vulnerability exists in the 
web ...)
+       TODO: check
 CVE-2017-14430 (D-Link DIR-850L REV. A (with firmware through 
FW114WWb07_h2ab_beta1) ...)
        NOT-FOR-US: D-Link
 CVE-2017-14429 (The DHCP client on D-Link DIR-850L REV. A (with firmware 
through ...)
@@ -45436,20 +45570,20 @@ CVE-2017-12131 (The Easy Testimonials plugin 3.0.4 
for WordPress has XSS in ...)
        NOT-FOR-US: Wordpress plugin
 CVE-2017-12130 (An exploitable NULL pointer dereference vulnerability exists 
in the ...)
        NOT-FOR-US: tinysvcmdns
-CVE-2017-12129
-       RESERVED
-CVE-2017-12128
-       RESERVED
-CVE-2017-12127
-       RESERVED
-CVE-2017-12126
-       RESERVED
-CVE-2017-12125
-       RESERVED
-CVE-2017-12124
-       RESERVED
-CVE-2017-12123
-       RESERVED
+CVE-2017-12129 (An exploitable Weak Cryptography for Passwords vulnerability 
exists in ...)
+       TODO: check
+CVE-2017-12128 (An exploitable information disclosure vulnerability exists in 
the ...)
+       TODO: check
+CVE-2017-12127 (A password storage vulnerability exists in the operating 
system ...)
+       TODO: check
+CVE-2017-12126 (An exploitable cross-site request forgery vulnerability exists 
in the ...)
+       TODO: check
+CVE-2017-12125 (An exploitable command injection vulnerability exists in the 
web ...)
+       TODO: check
+CVE-2017-12124 (An exploitable denial of service vulnerability exists in the 
web ...)
+       TODO: check
+CVE-2017-12123 (An exploitable clear text transmission of password 
vulnerability ...)
+       TODO: check
 CVE-2017-12122 (An exploitable code execution vulnerability exists in the ILBM 
image ...)
        {DSA-4184-1 DSA-4177-1 DLA-1341-1}
        - libsdl2-image 2.0.3+dfsg1-1
@@ -45457,10 +45591,10 @@ CVE-2017-12122 (An exploitable code execution 
vulnerability exists in the ILBM i
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0488
        NOTE: https://hg.libsdl.org/SDL_image/rev/16772bbb1b09
        NOTE: https://hg.libsdl.org/SDL_image/rev/97f7f01e0665
-CVE-2017-12121
-       RESERVED
-CVE-2017-12120
-       RESERVED
+CVE-2017-12121 (An exploitable command injection vulnerability exists in the 
web ...)
+       TODO: check
+CVE-2017-12120 (An exploitable command injection vulnerability exists in the 
web ...)
+       TODO: check
 CVE-2017-12119 (An exploitable unhandled exception vulnerability exists in 
multiple ...)
        - cpp-ethereum <itp> (bug #860434)
 CVE-2017-12118 (An exploitable improper authorization vulnerability exists in 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4336416b7d967185c27dbcf653cf1a93f32234e

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4336416b7d967185c27dbcf653cf1a93f32234e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to