Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fe264251 by security tracker role at 2018-08-30T08:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,61 @@
+CVE-2018-16158 (Eaton Power Xpert Meter 4000, 6000, and 8000 devices before
13.4.0.10 ...)
+ TODO: check
+CVE-2018-16157
+ RESERVED
+CVE-2018-16156
+ RESERVED
+CVE-2018-16155
+ RESERVED
+CVE-2018-16154
+ RESERVED
+CVE-2018-16153
+ RESERVED
+CVE-2018-16152
+ RESERVED
+CVE-2018-16151
+ RESERVED
+CVE-2018-16150
+ RESERVED
+CVE-2018-16149
+ RESERVED
+CVE-2018-16148
+ RESERVED
+CVE-2018-16147
+ RESERVED
+CVE-2018-16146
+ RESERVED
+CVE-2018-16145
+ RESERVED
+CVE-2018-16144
+ RESERVED
+CVE-2018-16143
+ RESERVED
+CVE-2018-16142 (PHPOK 4.8.278 has a Reflected XSS vulnerability in ...)
+ TODO: check
+CVE-2018-16141 (ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability
in ...)
+ TODO: check
+CVE-2018-16140 (A buffer underwrite vulnerability in get_line() (read.c) in
fig2dev ...)
+ TODO: check
+CVE-2018-16139
+ RESERVED
+CVE-2018-16138
+ RESERVED
+CVE-2018-16137
+ RESERVED
+CVE-2018-16136
+ RESERVED
+CVE-2018-16135
+ RESERVED
+CVE-2018-16134 (Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI. ...)
+ TODO: check
+CVE-2018-16133 (Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via
a ../ in ...)
+ TODO: check
+CVE-2018-16132 (The image rendering component (createGenericPreview) of the
Open ...)
+ TODO: check
+CVE-2018-16131
+ RESERVED
+CVE-2018-16130
+ RESERVED
CVE-2018-558213
REJECTED
CVE-2018-16129
@@ -28,8 +86,8 @@ CVE-2018-16117
RESERVED
CVE-2018-16116
RESERVED
-CVE-2018-16115
- RESERVED
+CVE-2018-16115 (Lightbend Akka 2.5.x before 2.5.16 allows message disclosure
and ...)
+ TODO: check
CVE-2018-16114
RESERVED
CVE-2018-16113
@@ -145,12 +203,12 @@ CVE-2018-16060
RESERVED
CVE-2018-16059
RESERVED
-CVE-2018-16058
- RESERVED
-CVE-2018-16057
- RESERVED
-CVE-2018-16056
- RESERVED
+CVE-2018-16058 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to
2.2.16, the ...)
+ TODO: check
+CVE-2018-16057 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to
2.2.16, the ...)
+ TODO: check
+CVE-2018-16056 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to
2.2.16, the ...)
+ TODO: check
CVE-2018-16055
RESERVED
CVE-2018-16054
@@ -1010,7 +1068,8 @@ CVE-2018-15674
RESERVED
CVE-2018-15673
RESERVED
-CVE-2018-15672 (An issue was discovered in the HDF HDF5 1.10.2 library. A
SIGFPE is ...)
+CVE-2018-15672
+ REJECTED
- hdf5 <undetermined>
NOTE:
https://github.com/SegfaultMasters/covering360/tree/master/HDF5#divided-by-zero---divbyzero__h5d_chunk_poc
CVE-2018-15671 (An issue was discovered in the HDF HDF5 1.10.2 library.
Excessive stack ...)
@@ -3484,16 +3543,19 @@ CVE-2018-14608 (Thomson Reuters UltraTax CS 2017 on
Windows has a password prote
CVE-2018-14607 (Thomson Reuters UltraTax CS 2017 on Windows, in a
client/server ...)
NOT-FOR-US: Thomson Reuters UltraTax CS 2017
CVE-2018-14600 (An issue was discovered in libX11 through 1.6.5. The function
...)
+ {DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 <no-dsa> (Minor issue)
[wheezy] - libx11 <no-dsa> (Minor issue)
NOTE:
https://gitlab.freedesktop.org/xorg/lib/libx11/commit/dbf72805fd9d7b1846fe9a11b46f3994bfc27fea
CVE-2018-14599 (An issue was discovered in libX11 through 1.6.5. The function
...)
+ {DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 <no-dsa> (Minor issue)
[wheezy] - libx11 <no-dsa> (Minor issue)
NOTE:
https://gitlab.freedesktop.org/xorg/lib/libx11/commit/b469da1430cdcee06e31c6251b83aede072a1ff0
CVE-2018-14598 (An issue was discovered in XListExtensions in ListExt.c in
libX11 ...)
+ {DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 <no-dsa> (Minor issue)
[wheezy] - libx11 <no-dsa> (Minor issue)
@@ -5088,7 +5150,8 @@ CVE-2018-14034 (An issue was discovered in the HDF HDF5
1.8.20 library. There is
CVE-2018-14033 (An issue was discovered in the HDF HDF5 1.8.20 library. There
is a ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
-CVE-2018-14032 (An issue was discovered in the HDF HDF5 1.8.20 library. There
is a ...)
+CVE-2018-14032
+ REJECTED
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
CVE-2018-14031 (An issue was discovered in the HDF HDF5 1.8.20 library. There
is a ...)
@@ -9531,8 +9594,8 @@ CVE-2018-12242
RESERVED
CVE-2018-12241
RESERVED
-CVE-2018-12240
- RESERVED
+CVE-2018-12240 (The Norton Identity Safe product prior to 5.3.0.976 may be
susceptible ...)
+ TODO: check
CVE-2018-12239
RESERVED
CVE-2018-12238
@@ -12254,7 +12317,7 @@ CVE-2018-11207 (A division by zero was discovered in
H5D__chunk_init in H5Dchunk
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11206 (A out of bounds read was discovered in H5O_fill_new_decode and
...)
+CVE-2018-11206 (An out of bounds read was discovered in H5O_fill_new_decode
and ...)
- hdf5 <unfixed> (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
@@ -20897,20 +20960,20 @@ CVE-2018-7797
RESERVED
CVE-2018-7796
RESERVED
-CVE-2018-7795
- RESERVED
+CVE-2018-7795 (A Cross Protocol Injection vulnerability exists in Schneider
...)
+ TODO: check
CVE-2018-7794
RESERVED
CVE-2018-7793
RESERVED
-CVE-2018-7792
- RESERVED
-CVE-2018-7791
- RESERVED
-CVE-2018-7790
- RESERVED
-CVE-2018-7789
- RESERVED
+CVE-2018-7792 (A Permissions, Privileges, and Access Control vulnerability
exists in ...)
+ TODO: check
+CVE-2018-7791 (A Permissions, Privileges, and Access Control vulnerability
exists in ...)
+ TODO: check
+CVE-2018-7790 (An Information Management Error vulnerability exists in
Schneider ...)
+ TODO: check
+CVE-2018-7789 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
+ TODO: check
CVE-2018-7788
RESERVED
CVE-2018-7787 (In Schneider Electric U.motion Builder software versions prior
to ...)
@@ -63747,25 +63810,25 @@ CVE-2017-10661 (Race condition in fs/timerfd.c in the
Linux kernel before 4.10.1
[jessie] - linux 3.16.43-2+deb8u5
NOTE: Fixed by:
https://git.kernel.org/linus/1e38da300e1e395a15048b0af1e5305bd91402f6
(v4.11-rc1)
CVE-2017-10660
- RESERVED
+ REJECTED
CVE-2017-10659
- RESERVED
+ REJECTED
CVE-2017-10658
- RESERVED
+ REJECTED
CVE-2017-10657
- RESERVED
+ REJECTED
CVE-2017-10656
- RESERVED
+ REJECTED
CVE-2017-10655
- RESERVED
+ REJECTED
CVE-2017-10654
- RESERVED
+ REJECTED
CVE-2017-10653
- RESERVED
+ REJECTED
CVE-2017-10652
- RESERVED
+ REJECTED
CVE-2017-10651
- RESERVED
+ REJECTED
CVE-2017-10650
RESERVED
CVE-2017-10649
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe2642516338bbe88a538fbcb1f055acc7b7b2de
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe2642516338bbe88a538fbcb1f055acc7b7b2de
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
