Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2ff9d579 by security tracker role at 2018-05-29T20:10:25+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,11 @@ +CVE-2018-11540 + RESERVED +CVE-2018-11539 + RESERVED +CVE-2018-11538 + RESERVED +CVE-2018-11537 + RESERVED CVE-2018-11536 (md4c before 0.2.5 has a heap-based buffer overflow because ...) NOT-FOR-US: md4c CVE-2018-11535 (An issue was discovered in SITEMAKIN SLAC (Site Login and Access ...) @@ -5941,9 +5949,9 @@ CVE-2018-9112 (A low privileged admin account with a weak default password of ad NOT-FOR-US: Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE CVE-2018-9111 (Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T ...) NOT-FOR-US: Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE -CVE-2018-9110 (Studio 42 elFinder before 2.1.37 on Windows has Directory Traversal via ...) +CVE-2018-9110 (Studio 42 elFinder before 2.1.37 has a directory traversal ...) NOT-FOR-US: Studio 42 elFinder -CVE-2018-9109 (Studio 42 elFinder before 2.1.36 has Directory Traversal via the ...) +CVE-2018-9109 (Studio 42 elFinder before 2.1.36 has a directory traversal ...) NOT-FOR-US: Studio 42 elFinder CVE-2018-9108 (CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an ...) NOT-FOR-US: QuickAppsCMS @@ -10336,7 +10344,7 @@ CVE-2018-7451 RESERVED CVE-2018-7450 RESERVED -CVE-2018-7449 (Free SEGGER embOS/IP FTP Server Utility 3.22 (not to be mistaken with the embOS/IP FTP Server add-on that is used by the utility) allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command. ...) +CVE-2018-7449 (SEGGER FTP Server for Windows before 3.22a allows remote attackers to ...) NOT-FOR-US: SEGGER embOS/IP FTP Server CVE-2018-7448 (Remote code execution vulnerability in ...) NOT-FOR-US: CMS Made Simple @@ -17127,8 +17135,8 @@ CVE-2018-5243 RESERVED CVE-2018-5242 RESERVED -CVE-2018-5241 - RESERVED +CVE-2018-5241 (Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, ...) + TODO: check CVE-2018-5240 RESERVED CVE-2018-5239 @@ -26770,8 +26778,8 @@ CVE-2018-1497 RESERVED CVE-2018-1496 RESERVED -CVE-2018-1495 - RESERVED +CVE-2018-1495 (IBM FlashSystem V840 and V900 products could allow an authenticated ...) + TODO: check CVE-2018-1494 RESERVED CVE-2018-1493 @@ -27008,10 +27016,10 @@ CVE-2018-1378 RESERVED CVE-2018-1377 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user ...) NOT-FOR-US: IBM Security Guardium Big Data Intelligence -CVE-2018-1376 - RESERVED -CVE-2018-1375 - RESERVED +CVE-2018-1376 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 is vulnerable ...) + TODO: check +CVE-2018-1375 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not ...) + TODO: check CVE-2018-1374 RESERVED CVE-2018-1373 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an ...) @@ -27020,10 +27028,10 @@ CVE-2018-1372 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not NOT-FOR-US: IBM Security Guardium Big Data Intelligence CVE-2018-1371 (An IBM WebSphere MQ 8.0.0.8, 9.0.0.2, and 9.0.4 Client connecting to a ...) NOT-FOR-US: IBM WebSphere MQ -CVE-2018-1370 - RESERVED -CVE-2018-1369 - RESERVED +CVE-2018-1370 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies ...) + TODO: check +CVE-2018-1369 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores ...) + TODO: check CVE-2018-1368 (IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 ...) NOT-FOR-US: IBM Security Guardium Database Activity Monitor CVE-2018-1367 @@ -28066,10 +28074,10 @@ CVE-2018-1244 RESERVED CVE-2018-1243 RESERVED -CVE-2018-1242 - RESERVED -CVE-2018-1241 - RESERVED +CVE-2018-1242 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...) + TODO: check +CVE-2018-1241 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...) + TODO: check CVE-2018-1240 (Dell EMC ViPR Controller, versions after 3.0.0.38, contain an ...) NOT-FOR-US: EMC ViPR Controller CVE-2018-1239 (Dell EMC Unity Operating Environment (OE) versions prior to ...) @@ -28080,8 +28088,8 @@ CVE-2018-1237 (Dell EMC ScaleIO versions prior to 2.5, contain improper restrict NOT-FOR-US: EMC ScaleIO CVE-2018-1236 RESERVED -CVE-2018-1235 - RESERVED +CVE-2018-1235 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...) + TODO: check CVE-2018-1234 (RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is ...) NOT-FOR-US: RSA Authentication Agent CVE-2018-1233 (RSA Authentication Agent version 8.0.1 and earlier for Web for both ...) @@ -70128,7 +70136,7 @@ CVE-2017-4954 RESERVED CVE-2017-4953 RESERVED -CVE-2017-4952 (VMware Xenon 1.x prior to 1.5.7, 1.5.4, 1.3.7, and 1.1.0 contains an ...) +CVE-2017-4952 (VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, ...) NOT-FOR-US: VMware Xenon CVE-2017-4951 (VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) ...) NOT-FOR-US: VMware AirWatch Console @@ -78413,8 +78421,8 @@ CVE-2017-1770 RESERVED CVE-2017-1769 (IBM Business Process Manager 8.6 is vulnerable to cross-site request ...) NOT-FOR-US: IBM Business Process Manager -CVE-2017-1768 - RESERVED +CVE-2017-1768 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 generates an ...) + TODO: check CVE-2017-1767 (IBM Business Process Manager 8.6 is vulnerable to cross-site ...) NOT-FOR-US: IBM CVE-2017-1766 (Due to incorrect authorization in IBM Business Process Manager 8.6 an ...) @@ -90433,8 +90441,7 @@ CVE-2016-7077 RESERVED - foreman <itp> (bug #663101) NOTE: http://projects.theforeman.org/issues/16971 -CVE-2016-7076 [noexec bypass via wordexp()] - RESERVED +CVE-2016-7076 (sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo ...) {DLA-707-1} - sudo 1.8.18p1-1 (bug #842507) [jessie] - sudo <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ff9d57967062c11e50ae7916b37831fe0258f7a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ff9d57967062c11e50ae7916b37831fe0258f7a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits