Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6421f7a7 by security tracker role at 2018-09-13T08:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2018-16983 (NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x
and other ...)
+ TODO: check
+CVE-2018-16982 (Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause
a denial ...)
+ TODO: check
+CVE-2018-16981 (stb stb_image.h 2.19, as used in catimg, Emscripten, and other
...)
+ TODO: check
+CVE-2018-16980 (dotCMS V5.0.1 has XSS in the ...)
+ TODO: check
+CVE-2018-16979 (Monstra CMS V3.0.4 allows HTTP header injection in the ...)
+ TODO: check
+CVE-2018-16978 (Monstra CMS V3.0.4 has XSS when ones tries to register an
account with ...)
+ TODO: check
+CVE-2018-16977 (Monstra CMS V3.0.4 has an information leakage risk (e.g.,
PATH, ...)
+ TODO: check
+CVE-2018-16975 (An issue was discovered in Elefant CMS before 2.0.7. There is
a PHP ...)
+ TODO: check
+CVE-2018-16974 (An issue was discovered in Elefant CMS before 2.0.7. There is
a PHP ...)
+ TODO: check
+CVE-2018-16973
+ RESERVED
+CVE-2018-16972
+ RESERVED
+CVE-2018-16971 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows
insecure direct ...)
+ TODO: check
+CVE-2018-16970 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows
insecure direct ...)
+ TODO: check
+CVE-2018-16969
+ RESERVED
+CVE-2018-16968
+ RESERVED
+CVE-2018-16967
+ RESERVED
CVE-2018-16966
RESERVED
CVE-2018-16965
@@ -6,8 +38,8 @@ CVE-2018-16964
RESERVED
CVE-2018-16963
RESERVED
-CVE-2018-16962
- RESERVED
+CVE-2018-16962 (Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles
access to ...)
+ TODO: check
CVE-2018-16961
RESERVED
CVE-2018-16960
@@ -30,7 +62,7 @@ CVE-2018-16952
RESERVED
CVE-2017-18347 (Incorrect access control in RDP Level 1 on STMicroelectronics
STM32F0 ...)
NOT-FOR-US: STMicroelectronics STM32F0 series devices
-CVE-2018-16976 [prevent access to repos which are in the process of being
migrated]
+CVE-2018-16976 (Gitolite before 3.6.9 does not (in certain configurations
involving ...)
- gitolite3 <unfixed> (bug #908699)
[stretch] - gitolite3 <no-dsa> (Minor issue)
- gitolite <removed>
@@ -3246,8 +3278,8 @@ CVE-2018-15612
RESERVED
CVE-2018-15611
RESERVED
-CVE-2018-15610
- RESERVED
+CVE-2018-15610 (A vulnerability in the one-X Portal component of Avaya IP
Office ...)
+ TODO: check
CVE-2018-15609
RESERVED
CVE-2018-15608 (Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection
on the ...)
@@ -21534,128 +21566,128 @@ CVE-2018-8481
RESERVED
CVE-2018-8480
RESERVED
-CVE-2018-8479
- RESERVED
+CVE-2018-8479 (A spoofing vulnerability exists for the Azure IoT Device
Provisioning ...)
+ TODO: check
CVE-2018-8478
RESERVED
CVE-2018-8477
RESERVED
CVE-2018-8476
RESERVED
-CVE-2018-8475
- RESERVED
-CVE-2018-8474
- RESERVED
+CVE-2018-8475 (A remote code execution vulnerability exists when Windows does
not ...)
+ TODO: check
+CVE-2018-8474 (A security feature bypass vulnerability exists when Lync for
Mac 2011 ...)
+ TODO: check
CVE-2018-8473
RESERVED
CVE-2018-8472
RESERVED
CVE-2018-8471
RESERVED
-CVE-2018-8470
- RESERVED
-CVE-2018-8469
- RESERVED
-CVE-2018-8468
- RESERVED
-CVE-2018-8467
- RESERVED
-CVE-2018-8466
- RESERVED
-CVE-2018-8465
- RESERVED
-CVE-2018-8464
- RESERVED
-CVE-2018-8463
- RESERVED
-CVE-2018-8462
- RESERVED
-CVE-2018-8461
- RESERVED
+CVE-2018-8470 (A security feature bypass vulnerability exists in Internet
Explorer ...)
+ TODO: check
+CVE-2018-8469 (An elevation of privilege vulnerability exists in Microsoft
Edge that ...)
+ TODO: check
+CVE-2018-8468 (An elevation of privilege vulnerability exists when Windows,
allowing ...)
+ TODO: check
+CVE-2018-8467 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-8466 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-8465 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-8464 (An remote code execution vulnerability exists when Microsoft
Edge PDF ...)
+ TODO: check
+CVE-2018-8463 (An elevation of privilege vulnerability exists in Microsoft
Edge that ...)
+ TODO: check
+CVE-2018-8462 (An elevation of privilege vulnerability exists when the DirectX
...)
+ TODO: check
+CVE-2018-8461 (A remote code execution vulnerability exists when Internet
Explorer ...)
+ TODO: check
CVE-2018-8460
RESERVED
-CVE-2018-8459
- RESERVED
+CVE-2018-8459 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2018-8458
RESERVED
-CVE-2018-8457
- RESERVED
-CVE-2018-8456
- RESERVED
-CVE-2018-8455
- RESERVED
+CVE-2018-8457 (A remote code execution vulnerability exists in the way the
scripting ...)
+ TODO: check
+CVE-2018-8456 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-8455 (An elevation of privilege vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2018-8454
RESERVED
CVE-2018-8453
RESERVED
-CVE-2018-8452
- RESERVED
+CVE-2018-8452 (An information disclosure vulnerability exists when the
scripting ...)
+ TODO: check
CVE-2018-8451
RESERVED
CVE-2018-8450
RESERVED
-CVE-2018-8449
- RESERVED
+CVE-2018-8449 (A security feature bypass exists when Device Guard incorrectly
...)
+ TODO: check
CVE-2018-8448
RESERVED
-CVE-2018-8447
- RESERVED
-CVE-2018-8446
- RESERVED
-CVE-2018-8445
- RESERVED
-CVE-2018-8444
- RESERVED
-CVE-2018-8443
- RESERVED
-CVE-2018-8442
- RESERVED
-CVE-2018-8441
- RESERVED
-CVE-2018-8440
- RESERVED
-CVE-2018-8439
- RESERVED
-CVE-2018-8438
- RESERVED
-CVE-2018-8437
- RESERVED
-CVE-2018-8436
- RESERVED
-CVE-2018-8435
- RESERVED
-CVE-2018-8434
- RESERVED
-CVE-2018-8433
- RESERVED
+CVE-2018-8447 (A remote code execution vulnerability exists when Internet
Explorer ...)
+ TODO: check
+CVE-2018-8446 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2018-8445 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2018-8444 (An information disclosure vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-8443 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2018-8442 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2018-8441 (An elevation of privilege vulnerability exists due to an
integer ...)
+ TODO: check
+CVE-2018-8440 (An elevation of privilege vulnerability exists when Windows
improperly ...)
+ TODO: check
+CVE-2018-8439 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
+ TODO: check
+CVE-2018-8438 (A denial of service vulnerability exists when Microsoft Hyper-V
...)
+ TODO: check
+CVE-2018-8437 (A denial of service vulnerability exists when Microsoft Hyper-V
...)
+ TODO: check
+CVE-2018-8436 (A denial of service vulnerability exists when Microsoft Hyper-V
...)
+ TODO: check
+CVE-2018-8435 (A security feature bypass vulnerability exists when Windows
Hyper-V ...)
+ TODO: check
+CVE-2018-8434 (An information disclosure vulnerability exists when Windows
Hyper-V on ...)
+ TODO: check
+CVE-2018-8433 (An information disclosure vulnerability exists when the Windows
...)
+ TODO: check
CVE-2018-8432
RESERVED
-CVE-2018-8431
- RESERVED
-CVE-2018-8430
- RESERVED
-CVE-2018-8429
- RESERVED
-CVE-2018-8428
- RESERVED
+CVE-2018-8431 (An elevation of privilege vulnerability exists when Microsoft
...)
+ TODO: check
+CVE-2018-8430 (A remote code execution vulnerability exists in Microsoft Word
if a ...)
+ TODO: check
+CVE-2018-8429 (An information disclosure vulnerability exists when Microsoft
Excel ...)
+ TODO: check
+CVE-2018-8428 (An elevation of privilege vulnerability exists when Microsoft
...)
+ TODO: check
CVE-2018-8427
RESERVED
-CVE-2018-8426
- RESERVED
-CVE-2018-8425
- RESERVED
-CVE-2018-8424
- RESERVED
+CVE-2018-8426 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft ...)
+ TODO: check
+CVE-2018-8425 (A spoofing vulnerability exists when Microsoft Edge improperly
handles ...)
+ TODO: check
+CVE-2018-8424 (An information disclosure vulnerability exists when the Windows
GDI ...)
+ TODO: check
CVE-2018-8423
RESERVED
-CVE-2018-8422
- RESERVED
-CVE-2018-8421
- RESERVED
-CVE-2018-8420
- RESERVED
-CVE-2018-8419
- RESERVED
+CVE-2018-8422 (An information disclosure vulnerability exists when the Windows
GDI ...)
+ TODO: check
+CVE-2018-8421 (A remote code execution vulnerability exists when Microsoft
.NET ...)
+ TODO: check
+CVE-2018-8420 (A remote code execution vulnerability exists when the Microsoft
XML ...)
+ TODO: check
+CVE-2018-8419 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
CVE-2018-8418
RESERVED
CVE-2018-8417
@@ -21672,10 +21704,10 @@ CVE-2018-8412 (An elevation of privilege
vulnerability exists when the Microsoft
NOT-FOR-US: Microsoft
CVE-2018-8411
RESERVED
-CVE-2018-8410
- RESERVED
-CVE-2018-8409
- RESERVED
+CVE-2018-8410 (An elevation of privilege vulnerability exists when the Windows
Kernel ...)
+ TODO: check
+CVE-2018-8409 (A denial of service vulnerability exists when
System.IO.Pipelines ...)
+ TODO: check
CVE-2018-8408
RESERVED
CVE-2018-8407
@@ -21706,12 +21738,12 @@ CVE-2018-8395
RESERVED
CVE-2018-8394 (An information disclosure vulnerability exists when the Windows
GDI ...)
NOT-FOR-US: Microsoft
-CVE-2018-8393
- RESERVED
-CVE-2018-8392
- RESERVED
-CVE-2018-8391
- RESERVED
+CVE-2018-8393 (A buffer overflow vulnerability exists in the Microsoft JET
Database ...)
+ TODO: check
+CVE-2018-8392 (A buffer overflow vulnerability exists in the Microsoft JET
Database ...)
+ TODO: check
+CVE-2018-8391 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2018-8390 (A remote code execution vulnerability exists in the way that
the ...)
NOT-FOR-US: Microsoft
CVE-2018-8389 (A remote code execution vulnerability exists in the way that
the ...)
@@ -21758,10 +21790,10 @@ CVE-2018-8369
RESERVED
CVE-2018-8368
RESERVED
-CVE-2018-8367
- RESERVED
-CVE-2018-8366
- RESERVED
+CVE-2018-8367 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-8366 (An information disclosure vulnerability exists when the
Microsoft Edge ...)
+ TODO: check
CVE-2018-8365
RESERVED
CVE-2018-8364
@@ -21784,8 +21816,8 @@ CVE-2018-8356 (A security feature bypass vulnerability
exists when Microsoft .NE
NOT-FOR-US: Microsoft .NET, doesn't affect src:mono
CVE-2018-8355 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8354
- RESERVED
+CVE-2018-8354 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2018-8353 (A remote code execution vulnerability exists in the way that
the ...)
NOT-FOR-US: Microsoft
CVE-2018-8352
@@ -21818,20 +21850,20 @@ CVE-2018-8339 (An elevation of privilege
vulnerability exists in the Windows ...
NOT-FOR-US: Microsoft
CVE-2018-8338
RESERVED
-CVE-2018-8337
- RESERVED
-CVE-2018-8336
- RESERVED
-CVE-2018-8335
- RESERVED
+CVE-2018-8337 (A security feature bypass vulnerability exists when Windows
Subsystem ...)
+ TODO: check
+CVE-2018-8336 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2018-8335 (A denial of service vulnerability exists in the Microsoft
Server Block ...)
+ TODO: check
CVE-2018-8334
RESERVED
CVE-2018-8333
RESERVED
-CVE-2018-8332
- RESERVED
-CVE-2018-8331
- RESERVED
+CVE-2018-8332 (A remote code execution vulnerability exists when the Windows
font ...)
+ TODO: check
+CVE-2018-8331 (A remote code execution vulnerability exists in Microsoft Excel
...)
+ TODO: check
CVE-2018-8330
RESERVED
CVE-2018-8329
@@ -21862,8 +21894,8 @@ CVE-2018-8317
RESERVED
CVE-2018-8316 (A remote code execution vulnerability exists when Internet
Explorer ...)
NOT-FOR-US: Microsoft
-CVE-2018-8315
- RESERVED
+CVE-2018-8315 (An information disclosure vulnerability exists when the browser
...)
+ TODO: check
CVE-2018-8314 (An elevation of privilege vulnerability exists when Windows
fails a ...)
NOT-FOR-US: Microsoft
CVE-2018-8313 (An elevation of privilege vulnerability exists in the way that
the ...)
@@ -21950,12 +21982,12 @@ CVE-2018-8273 (A buffer overflow vulnerability exists
in the Microsoft SQL Serve
NOT-FOR-US: Microsoft
CVE-2018-8272
RESERVED
-CVE-2018-8271
- RESERVED
+CVE-2018-8271 (An information disclosure vulnerability exists in Windows when
the ...)
+ TODO: check
CVE-2018-8270
RESERVED
-CVE-2018-8269
- RESERVED
+CVE-2018-8269 (A denial of service vulnerability exists when OData Library
improperly ...)
+ TODO: check
CVE-2018-8268
RESERVED
CVE-2018-8267 (A remote code execution vulnerability exists in the way that
the ...)
@@ -44314,8 +44346,8 @@ CVE-2018-0967 (A denial of service vulnerability exists
in the way that Windows
NOT-FOR-US: Microsoft
CVE-2018-0966 (A security feature bypass exists when Device Guard incorrectly
...)
NOT-FOR-US: Microsoft
-CVE-2018-0965
- RESERVED
+CVE-2018-0965 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
+ TODO: check
CVE-2018-0964 (An information disclosure vulnerability exists when Windows
Hyper-V on ...)
NOT-FOR-US: Microsoft
CVE-2018-0963 (An elevation of privilege vulnerability exists in the way that
the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6421f7a79e3ce1d69ed63084a2ce8eb267b0f2e8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6421f7a79e3ce1d69ed63084a2ce8eb267b0f2e8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
