Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cc0640f2 by security tracker role at 2018-05-16T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,25 @@
+CVE-2018-11141
+       RESERVED
+CVE-2018-11140
+       RESERVED
+CVE-2018-11139
+       RESERVED
+CVE-2018-11138
+       RESERVED
+CVE-2018-11137
+       RESERVED
+CVE-2018-11136
+       RESERVED
+CVE-2018-11135
+       RESERVED
+CVE-2018-11134
+       RESERVED
+CVE-2018-11133
+       RESERVED
+CVE-2018-11132
+       RESERVED
+CVE-2018-11131
+       RESERVED
 CVE-2018-11130
        RESERVED
 CVE-2018-11129
@@ -1202,12 +1224,12 @@ CVE-2018-10593
        RESERVED
 CVE-2018-10592
        RESERVED
-CVE-2018-10591
-       RESERVED
-CVE-2018-10590
-       RESERVED
-CVE-2018-10589
-       RESERVED
+CVE-2018-10591 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
+CVE-2018-10590 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
+CVE-2018-10589 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-10588
        RESERVED
 CVE-2018-10587
@@ -5459,16 +5481,16 @@ CVE-2018-8847
        RESERVED
 CVE-2018-8846
        RESERVED
-CVE-2018-8845
-       RESERVED
+CVE-2018-8845 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-8844
        RESERVED
 CVE-2018-8843 (Rockwell Automation Arena versions 16.10.00 and prior contains 
a use ...)
        NOT-FOR-US: Rockwell
 CVE-2018-8842
        RESERVED
-CVE-2018-8841
-       RESERVED
+CVE-2018-8841 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-8840 (A remote attacker could send a carefully crafted packet in 
InduSoft ...)
        NOT-FOR-US: InduSoft
 CVE-2018-8839 (Delta PMSoft versions 2.10 and prior have multiple stack-based 
buffer ...)
@@ -8924,28 +8946,28 @@ CVE-2018-7507 (WPLSoft in Delta Electronics versions 
2.45.0 and prior utilizes a
        NOT-FOR-US: Delta Electronics
 CVE-2018-7506 (The private key of the web server in Moxa MXview versions 2.8 
and ...)
        NOT-FOR-US: Moxa
-CVE-2018-7505
-       RESERVED
+CVE-2018-7505 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-7504 (A Protection Mechanism Failure issue was discovered in OSIsoft 
PI ...)
        NOT-FOR-US: OSIsoft PI
-CVE-2018-7503
-       RESERVED
+CVE-2018-7503 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-7502 (Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 
2.11 R3 ...)
        NOT-FOR-US: Beckhoff TwinCAT
-CVE-2018-7501
-       RESERVED
+CVE-2018-7501 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-7500 (A Permissions, Privileges, and Access Controls issue was 
discovered in ...)
        NOT-FOR-US: OSIsoft PI
-CVE-2018-7499
-       RESERVED
+CVE-2018-7499 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-7498 (In Philips Alice 6 System version R8.0.2 or prior, the lack of 
proper ...)
        NOT-FOR-US: Philips Alice 6 System
-CVE-2018-7497
-       RESERVED
+CVE-2018-7497 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-7496 (An Information Exposure issue was discovered in OSIsoft PI 
Vision ...)
        NOT-FOR-US: OSIsoft PI
-CVE-2018-7495
-       RESERVED
+CVE-2018-7495 (In Advantech WebAccess versions V8.2_20170817 and prior, 
WebAccess ...)
+       TODO: check
 CVE-2018-7494 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes 
a ...)
        NOT-FOR-US: Delta Electronics
 CVE-2018-7493 (CactusVPN through 6.0 for macOS suffers from a root privilege 
...)
@@ -26718,10 +26740,10 @@ CVE-2018-1265
        RESERVED
 CVE-2018-1264
        RESERVED
-CVE-2018-1263
-       RESERVED
-CVE-2018-1262
-       RESERVED
+CVE-2018-1263 (Addresses partial fix in CVE-2018-1261. Pivotal ...)
+       TODO: check
+CVE-2018-1262 (Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, 
introduced a ...)
+       TODO: check
 CVE-2018-1261 (Spring-integration-zip versions prior to 1.0.1 exposes an 
arbitrary ...)
        TODO: check
 CVE-2018-1260 (Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior 
to ...)
@@ -75216,27 +75238,23 @@ CVE-2017-2615 [display: cirrus: oob access while 
doing bitblt copy backward mode
 CVE-2017-2614
        RESERVED
        NOT-FOR-US: Red Hat ovirt-aaa-jdbc-tool tools
-CVE-2017-2613
-       RESERVED
+CVE-2017-2613 (jenkins before versions 2.44, 2.32.2 is vulnerable to a user 
creation ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2612
-       RESERVED
+CVE-2017-2612 (In Jenkins before versions 2.44, 2.32.2 low privilege users 
were able ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
 CVE-2017-2611 (Jenkins before versions 2.44, 2.32.2 is vulnerable to an 
insufficient ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2610
-       RESERVED
+CVE-2017-2610 (jenkins before versions 2.44, 2.32.2 is vulnerable to a 
persisted ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
 CVE-2017-2609
        RESERVED
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2608
-       RESERVED
+CVE-2017-2608 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote 
code ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
 CVE-2017-2607
@@ -75248,23 +75266,19 @@ CVE-2017-2606 (Jenkins before versions 2.44, 2.32.2 
is vulnerable to an informat
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
 CVE-2017-2605
        REJECTED
-CVE-2017-2604
-       RESERVED
+CVE-2017-2604 (In Jenkins before versions 2.44, 2.32.2 low privilege users 
were able ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2603
-       RESERVED
+CVE-2017-2603 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a user 
data leak ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2602
-       RESERVED
+CVE-2017-2602 (jenkins before versions 2.44, 2.32.2 is vulnerable to an 
improper ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
 CVE-2017-2601 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a 
persisted ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2600
-       RESERVED
+CVE-2017-2600 (In jenkins before versions 2.44, 2.32.2 node monitor data could 
be ...)
        - jenkins <removed>
        NOTE: https://jenkins.io/security/advisory/2017-02-01/
 CVE-2017-2599 (Jenkins before versions 2.44 and 2.32.2 is vulnerable to an ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc0640f2127325e24b8bdcd8edc7faf0e8458e91

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc0640f2127325e24b8bdcd8edc7faf0e8458e91
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to