Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
26b47f41 by security tracker role at 2018-08-07T20:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,15 @@
+CVE-2018-15134
+ RESERVED
+CVE-2018-15133
+ RESERVED
+CVE-2018-15132 (An issue was discovered in ext/standard/link_win32.c in PHP
before ...)
+ TODO: check
+CVE-2018-15131
+ RESERVED
+CVE-2018-15130 (ThinkSAAS through 2018-07-25 has XSS via the ...)
+ TODO: check
+CVE-2013-7464
+ RESERVED
CVE-2018-15129 (ThinkSAAS through 2018-07-25 has XSS via the ...)
NOT-FOR-US: ThinkSAAS
CVE-2018-15128
@@ -5297,8 +5309,8 @@ CVE-2018-12887
RESERVED
CVE-2018-12886
RESERVED
-CVE-2018-12885
- RESERVED
+CVE-2018-12885 (The randMod() function of the smart contract implementation
for ...)
+ TODO: check
CVE-2018-12884 (In Octopus Deploy 3.0 onwards (before 2018.6.7), an
authenticated user ...)
NOT-FOR-US: Octopus Deploy
CVE-2018-1000205 (U-Boot contains a CWE-20: Improper Input Validation
vulnerability in ...)
@@ -9152,14 +9164,14 @@ CVE-2018-11458
RESERVED
CVE-2018-11457
RESERVED
-CVE-2018-11456
- RESERVED
-CVE-2018-11455
- RESERVED
-CVE-2018-11454
- RESERVED
-CVE-2018-11453
- RESERVED
+CVE-2018-11456 (A vulnerability has been identified in Automation License
Manager 5 ...)
+ TODO: check
+CVE-2018-11455 (A vulnerability has been identified in Automation License
Manager 5 ...)
+ TODO: check
+CVE-2018-11454 (A vulnerability has been identified in SIMATIC STEP 7 (TIA
Portal) and ...)
+ TODO: check
+CVE-2018-11453 (A vulnerability has been identified in SIMATIC STEP 7 (TIA
Portal) and ...)
+ TODO: check
CVE-2018-11452 (A vulnerability has been identified in Firmware variant IEC
61850 for ...)
NOT-FOR-US: Siemens
CVE-2018-11451 (A vulnerability has been identified in Firmware variant IEC
61850 for ...)
@@ -24686,8 +24698,8 @@ CVE-2018-5996 (Insufficient exception handling in the
method ...)
[jessie] - p7zip-rar <no-dsa> (Non-free not supported)
[wheezy] - p7zip-rar <no-dsa> (Non-free not supported)
NOTE:
https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
-CVE-2018-5995
- RESERVED
+CVE-2018-5995 (The pcpu_embed_first_chunk function in mm/percpu.c in the Linux
kernel ...)
+ TODO: check
CVE-2018-5994 (SQL Injection exists in the JS Jobs 1.1.9 component for Joomla!
via the ...)
NOT-FOR-US: JS Jobs component for Joomla!
CVE-2018-5993 (SQL Injection exists in the Aist through 2.0 component for
Joomla! via ...)
@@ -24786,8 +24798,8 @@ CVE-2016-10708 (sshd in OpenSSH before 7.4 allows
remote attackers to cause a de
NOTE: Flaw is not crashing the whole sshd daemon, rather the privsep
process
CVE-2018-5954 (phpFreeChat 1.7 and earlier allows remote attackers to cause a
denial ...)
NOT-FOR-US: phpFreeChat
-CVE-2018-5953
- RESERVED
+CVE-2018-5953 (The swiotlb_print_info function in lib/swiotlb.c in the Linux
kernel ...)
+ TODO: check
CVE-2018-5952
RESERVED
CVE-2018-5951
@@ -36074,8 +36086,8 @@ CVE-2018-1692
RESERVED
CVE-2018-1691
RESERVED
-CVE-2018-1690
- RESERVED
+CVE-2018-1690 (IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site
...)
+ TODO: check
CVE-2018-1689
RESERVED
CVE-2018-1688
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/26b47f41077388df283e28fc84d4eb789faef50e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/26b47f41077388df283e28fc84d4eb789faef50e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
