Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
33eccdb7 by security tracker role at 2018-07-24T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,21 @@
+CVE-2018-14577
+       RESERVED
+CVE-2018-14576
+       RESERVED
+CVE-2018-14575
+       RESERVED
+CVE-2018-14574
+       RESERVED
+CVE-2018-14573 (A Local File Inclusion (LFI) vulnerability exists in the Web 
Interface ...)
+       TODO: check
+CVE-2018-14572
+       RESERVED
+CVE-2018-14571
+       RESERVED
+CVE-2018-14570 (A file upload vulnerability in 
application/shop/controller/member.php ...)
+       TODO: check
+CVE-2018-14569
+       RESERVED
 CVE-2018-1999024 (MathJax version prior to version 2.7.4 contains a Cross Site 
Scripting ...)
        - mathjax 2.7.4+dfsg-1
        NOTE: 
https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1
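Review bot: CVE-2018-14573 and CVE-2018-14570 at the top of this hunk go in with only `TODO: check`, and their truncated descriptions (an LFI in a "Web Interface", an upload flaw in application/shop/controller/member.php) name no product. Triage needs the full CVE text to identify the software before either can be mapped to a source package or marked NOT-FOR-US; the RESERVED entries need no action yet.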
@@ -41,8 +59,8 @@ CVE-2018-1999009 (October CMS version prior to Build 437 
contains a Local File I
        NOT-FOR-US: October CMS
 CVE-2018-1999008 (October CMS version prior to build 437 contains a Cross Site 
Scripting ...)
        NOT-FOR-US: October CMS
-CVE-2018-14568
-       RESERVED
+CVE-2018-14568 (Suricata before 4.0.5 stops TCP stream inspection upon a TCP 
RST from a ...)
+       TODO: check
 CVE-2018-14567
        RESERVED
 CVE-2018-14566
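Review bot: the new CVE-2018-14568 line names Suricata and an upstream fixed version (4.0.5), yet the entry is left at `TODO: check`. Replace that with a `- suricata ...` package line, using the fixed version or `<unfixed>` as found in the archive, so the issue is reported against the package.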
@@ -73,8 +91,8 @@ CVE-2018-14554
        RESERVED
 CVE-2018-14553
        RESERVED
-CVE-2016-10728
-       RESERVED
+CVE-2016-10728 (An issue was discovered in Suricata before 3.1.2. If an ICMPv4 
error ...)
+       TODO: check
 CVE-2018-14552
        RESERVED
 CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 
7.0.8-7 uses ...)
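Review bot: CVE-2016-10728 is a 2016 identifier whose description only arrives now, giving Suricata before 3.1.2 as affected while the entry stays at `TODO: check`. When resolving it, compare 3.1.2 against the suricata version in each supported suite, since an issue this old may already be fixed in some releases and still open in others.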
@@ -217,7 +235,7 @@ CVE-2018-14493
        RESERVED
 CVE-2018-14492 (Tenda AC7 through V15.03.06.44_CN, AC9 through 
V15.03.05.19(6318)_CN, ...)
        NOT-FOR-US: Tenda devices
-CVE-2018-1999022 [CIVI-SA-2018-07: Remote code execution in QuickForm]
+CVE-2018-1999022 (PEAR HTML_QuickForm version 3.2.14 contains an eval 
injection (CWE-95) ...)
        - civicrm 5.3.1+dfsg-1 (bug #904215)
        NOTE: 
https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform
 CVE-2018-14491
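Review bot: the replaced description line for CVE-2018-1999022 now attributes the eval injection to PEAR HTML_QuickForm 3.2.14, but the entry still tracks only civicrm. Check whether any other source package ships or embeds HTML_QuickForm and add package lines for it; the old bracketed title pointed at CiviCRM alone, so this scope question was not visible before.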
@@ -721,8 +739,8 @@ CVE-2018-14329 (In HTSlib 1.8, a race condition in 
cram/cram_io.c might allow lo
        - htslib <unfixed> (unimportant)
        NOTE: https://github.com/samtools/htslib/issues/736
        NOTE: Neutralised by kernel hardening
-CVE-2018-14328
-       RESERVED
+CVE-2018-14328 (Brynamics &quot;Online Trade - Online trading and 
cryptocurrency investment ...)
+       TODO: check
 CVE-2018-14327
        RESERVED
 CVE-2018-14324 (The demo feature in Oracle GlassFish Open Source Edition 5.0 
has TCP ...)
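Review bot: the added CVE-2018-14328 description contains a literal `&quot;` HTML entity before "Online Trade". If that entity is in data/CVE/list itself and not introduced by the mail rendering, the description import should unescape it to a plain quote character; the entry also still needs its `TODO: check` resolved.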
@@ -7734,10 +7752,10 @@ CVE-2018-11454
        RESERVED
 CVE-2018-11453
        RESERVED
-CVE-2018-11452
-       RESERVED
-CVE-2018-11451
-       RESERVED
+CVE-2018-11452 (A vulnerability has been identified in Firmware variant IEC 
61850 for ...)
+       TODO: check
+CVE-2018-11451 (A vulnerability has been identified in Firmware variant IEC 
61850 for ...)
+       TODO: check
 CVE-2018-11450 (A reflected Cross-Site-Scripting (XSS) vulnerability has been 
...)
        NOT-FOR-US: Siemens PLM Software TEAMCENTER
 CVE-2018-11449 (A vulnerability has been identified in SCALANCE M875 (All 
versions). ...)
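Review bot: CVE-2018-11452 and CVE-2018-11451 are added as `TODO: check` with a description cut off before any product name ("Firmware variant IEC 61850 for ..."). The neighbouring CVE-2018-11450 is already `NOT-FOR-US: Siemens PLM Software TEAMCENTER`; confirm the vendor from the full description and, if this is device firmware, close both with a NOT-FOR-US line.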
@@ -9158,8 +9176,7 @@ CVE-2018-10914
        RESERVED
 CVE-2018-10913
        RESERVED
-CVE-2018-10912
-       RESERVED
+CVE-2018-10912 (keycloak before version 4.0.0.final is vulnerable to a 
infinite loop ...)
        NOT-FOR-US: Keycloak
 CVE-2018-10911
        RESERVED
@@ -9197,6 +9214,7 @@ CVE-2018-10901
        RESERVED
 CVE-2018-10900 [local privilege escalation]
        RESERVED
+       {DSA-4253-1}
        - network-manager-vpnc <unfixed> (bug #904255)
        NOTE: http://www.openwall.com/lists/oss-security/2018/07/20/3
        NOTE: 
https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4e361a27ef48ac757d36cbb46e8e12
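Review bot: CVE-2018-10900 gains `{DSA-4253-1}` while the package line directly below still reads `- network-manager-vpnc <unfixed> (bug #904255)` and the entry is still RESERVED with only a bracketed title. Follow up on bug #904255 so that `<unfixed>` is replaced with the fixed version once the upload lands, otherwise the tracker keeps reporting the package as open after the advisory.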
@@ -16403,8 +16421,8 @@ CVE-2018-8033
        RESERVED
 CVE-2018-8032
        RESERVED
-CVE-2018-8031
-       RESERVED
+CVE-2018-8031 (The TomEE console (tomee-webapp) has a XSS vulnerability which 
could ...)
+       TODO: check
 CVE-2018-8030 (A Denial of Service vulnerability was found in Apache Qpid 
Broker-J ...)
        - qpid-java <itp> (bug #840131)
 CVE-2018-8029



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/33eccdb71885f9ad965c192d7df609677ba43abd
