[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 29 May 2018 13:11:12 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2ff9d579 by security tracker role at 2018-05-29T20:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,11 @@
+CVE-2018-11540
+       RESERVED
+CVE-2018-11539
+       RESERVED
+CVE-2018-11538
+       RESERVED
+CVE-2018-11537
+       RESERVED
 CVE-2018-11536 (md4c before 0.2.5 has a heap-based buffer overflow because ...)
        NOT-FOR-US: md4c
 CVE-2018-11535 (An issue was discovered in SITEMAKIN SLAC (Site Login and 
Access ...)
@@ -5941,9 +5949,9 @@ CVE-2018-9112 (A low privileged admin account with a weak 
default password of ad
        NOT-FOR-US: Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE
 CVE-2018-9111 (Cross Site Scripting (XSS) exists on the Foxconn FEMTO 
AP-FC4064-T ...)
        NOT-FOR-US: Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE
-CVE-2018-9110 (Studio 42 elFinder before 2.1.37 on Windows has Directory 
Traversal via ...)
+CVE-2018-9110 (Studio 42 elFinder before 2.1.37 has a directory traversal ...)
        NOT-FOR-US: Studio 42 elFinder
-CVE-2018-9109 (Studio 42 elFinder before 2.1.36 has Directory Traversal via 
the ...)
+CVE-2018-9109 (Studio 42 elFinder before 2.1.36 has a directory traversal ...)
        NOT-FOR-US: Studio 42 elFinder
 CVE-2018-9108 (CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 
allows an ...)
        NOT-FOR-US: QuickAppsCMS
@@ -10336,7 +10344,7 @@ CVE-2018-7451
        RESERVED
 CVE-2018-7450
        RESERVED
-CVE-2018-7449 (Free SEGGER embOS/IP FTP Server Utility 3.22 (not to be 
mistaken with the embOS/IP FTP Server add-on that is used by the utility) 
allows remote attackers to cause a denial of service (daemon crash) via an 
invalid LIST, STOR, or RETR command. ...)
+CVE-2018-7449 (SEGGER FTP Server for Windows before 3.22a allows remote 
attackers to ...)
        NOT-FOR-US: SEGGER embOS/IP FTP Server
 CVE-2018-7448 (Remote code execution vulnerability in ...)
        NOT-FOR-US: CMS Made Simple
@@ -17127,8 +17135,8 @@ CVE-2018-5243
        RESERVED
 CVE-2018-5242
        RESERVED
-CVE-2018-5241
-       RESERVED
+CVE-2018-5241 (Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 
6.5, ...)
+       TODO: check
 CVE-2018-5240
        RESERVED
 CVE-2018-5239
@@ -26770,8 +26778,8 @@ CVE-2018-1497
        RESERVED
 CVE-2018-1496
        RESERVED
-CVE-2018-1495
-       RESERVED
+CVE-2018-1495 (IBM FlashSystem V840 and V900 products could allow an 
authenticated ...)
+       TODO: check
 CVE-2018-1494
        RESERVED
 CVE-2018-1493
@@ -27008,10 +27016,10 @@ CVE-2018-1378
        RESERVED
 CVE-2018-1377 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores 
user ...)
        NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1376
-       RESERVED
-CVE-2018-1375
-       RESERVED
+CVE-2018-1376 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 is 
vulnerable ...)
+       TODO: check
+CVE-2018-1375 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does 
not ...)
+       TODO: check
 CVE-2018-1374
        RESERVED
 CVE-2018-1373 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses 
an ...)
@@ -27020,10 +27028,10 @@ CVE-2018-1372 (IBM Security Guardium Big Data 
Intelligence (SonarG) 3.1 does not
        NOT-FOR-US: IBM Security Guardium Big Data Intelligence
 CVE-2018-1371 (An IBM WebSphere MQ 8.0.0.8, 9.0.0.2, and 9.0.4 Client 
connecting to a ...)
        NOT-FOR-US: IBM WebSphere MQ
-CVE-2018-1370
-       RESERVED
-CVE-2018-1369
-       RESERVED
+CVE-2018-1370 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 
specifies ...)
+       TODO: check
+CVE-2018-1369 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores 
...)
+       TODO: check
 CVE-2018-1368 (IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 
9.5 ...)
        NOT-FOR-US: IBM Security Guardium Database Activity Monitor
 CVE-2018-1367
@@ -28066,10 +28074,10 @@ CVE-2018-1244
        RESERVED
 CVE-2018-1243
        RESERVED
-CVE-2018-1242
-       RESERVED
-CVE-2018-1241
-       RESERVED
+CVE-2018-1242 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint 
for VMs ...)
+       TODO: check
+CVE-2018-1241 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint 
for VMs ...)
+       TODO: check
 CVE-2018-1240 (Dell EMC ViPR Controller, versions after 3.0.0.38, contain an 
...)
        NOT-FOR-US: EMC ViPR Controller
 CVE-2018-1239 (Dell EMC Unity Operating Environment (OE) versions prior to ...)
@@ -28080,8 +28088,8 @@ CVE-2018-1237 (Dell EMC ScaleIO versions prior to 2.5, 
contain improper restrict
        NOT-FOR-US: EMC ScaleIO
 CVE-2018-1236
        RESERVED
-CVE-2018-1235
-       RESERVED
+CVE-2018-1235 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint 
for VMs ...)
+       TODO: check
 CVE-2018-1234 (RSA Authentication Agent version 8.0.1 and earlier for Web for 
IIS is ...)
        NOT-FOR-US: RSA Authentication Agent
 CVE-2018-1233 (RSA Authentication Agent version 8.0.1 and earlier for Web for 
both ...)
@@ -70128,7 +70136,7 @@ CVE-2017-4954
        RESERVED
 CVE-2017-4953
        RESERVED
-CVE-2017-4952 (VMware Xenon 1.x prior to 1.5.7, 1.5.4, 1.3.7, and 1.1.0 
contains an ...)
+CVE-2017-4952 (VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 
...)
        NOT-FOR-US: VMware Xenon
 CVE-2017-4951 (VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 
9.1.5) ...)
        NOT-FOR-US: VMware AirWatch Console
@@ -78413,8 +78421,8 @@ CVE-2017-1770
        RESERVED
 CVE-2017-1769 (IBM Business Process Manager 8.6 is vulnerable to cross-site 
request ...)
        NOT-FOR-US: IBM Business Process Manager
-CVE-2017-1768
-       RESERVED
+CVE-2017-1768 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 
generates an ...)
+       TODO: check
 CVE-2017-1767 (IBM Business Process Manager 8.6 is vulnerable to cross-site 
...)
        NOT-FOR-US: IBM
 CVE-2017-1766 (Due to incorrect authorization in IBM Business Process Manager 
8.6 an ...)
@@ -90433,8 +90441,7 @@ CVE-2016-7077
        RESERVED
        - foreman <itp> (bug #663101)
        NOTE: http://projects.theforeman.org/issues/16971
-CVE-2016-7076 [noexec bypass via wordexp()]
-       RESERVED
+CVE-2016-7076 (sudo before version 1.8.18p1 is vulnerable to a bypass in the 
sudo ...)
        {DLA-707-1}
        - sudo 1.8.18p1-1 (bug #842507)
        [jessie] - sudo <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ff9d57967062c11e50ae7916b37831fe0258f7a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ff9d57967062c11e50ae7916b37831fe0258f7a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to