[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 18 Sep 2018 01:11:17 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
51a48bcb by security tracker role at 2018-09-18T08:10:12Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2018-17153
+       RESERVED
+CVE-2018-17152
+       RESERVED
+CVE-2018-17151
+       RESERVED
+CVE-2018-17150
+       RESERVED
+CVE-2018-17149
+       RESERVED
+CVE-2018-17148
+       RESERVED
+CVE-2018-17147
+       RESERVED
+CVE-2018-17146
+       RESERVED
+CVE-2018-17145
+       RESERVED
+CVE-2018-17144
+       RESERVED
 CVE-2018-17143 (The html package (aka x/net/html) through 2018-09-17 in Go 
mishandles ...)
        TODO: check
 CVE-2018-17142 (The html package (aka x/net/html) through 2018-09-17 in Go 
mishandles ...)
@@ -403,22 +423,22 @@ CVE-2018-16961
        RESERVED
 CVE-2018-16960
        RESERVED
-CVE-2018-16959
-       RESERVED
-CVE-2018-16958
-       RESERVED
-CVE-2018-16957
-       RESERVED
-CVE-2018-16956
-       RESERVED
-CVE-2018-16955
-       RESERVED
-CVE-2018-16954
-       RESERVED
-CVE-2018-16953
-       RESERVED
-CVE-2018-16952
-       RESERVED
+CVE-2018-16959 (An issue was discovered in Oracle WebCenter Interaction Portal 
10.3.3. ...)
+       TODO: check
+CVE-2018-16958 (An issue was discovered in Oracle WebCenter Interaction Portal 
10.3.3. ...)
+       TODO: check
+CVE-2018-16957 (The Oracle WebCenter Interaction 10.3.3 search service 
queryd.exe ...)
+       TODO: check
+CVE-2018-16956 (The AjaxControl component of Oracle WebCenter Interaction 
Portal 10.3.3 ...)
+       TODO: check
+CVE-2018-16955 (The login function of Oracle WebCenter Interaction Portal 
10.3.3 is ...)
+       TODO: check
+CVE-2018-16954 (An issue was discovered in Oracle WebCenter Interaction Portal 
10.3.3. ...)
+       TODO: check
+CVE-2018-16953 (The AjaxView::DisplayResponse() function of the 
portalpages.dll ...)
+       TODO: check
+CVE-2018-16952 (The Oracle WebCenter Interaction Portal 10.3.3 does not 
implement ...)
+       TODO: check
 CVE-2017-18347 (Incorrect access control in RDP Level 1 on STMicroelectronics 
STM32F0 ...)
        NOT-FOR-US: STMicroelectronics STM32F0 series devices
 CVE-2018-16976 (Gitolite before 3.6.9 does not (in certain configurations 
involving ...)
@@ -5941,8 +5961,7 @@ CVE-2018-14633
        RESERVED
 CVE-2018-14632 (An out of bound write can occur when patching an Openshift 
object ...)
        NOT-FOR-US: OpenShift
-CVE-2018-14631
-       RESERVED
+CVE-2018-14631 (moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a 
boost ...)
        - moodle <removed>
 CVE-2018-14630 (moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is 
vulnerable to an ...)
        - moodle <removed>
@@ -90845,8 +90864,8 @@ CVE-2017-2874 (An information disclosure vulnerability 
exists in the Multi-Camer
        TODO: check
 CVE-2017-2873
        RESERVED
-CVE-2017-2872
-       RESERVED
+CVE-2017-2872 (Insufficient security checks exist in the recovery procedure 
used by ...)
+       TODO: check
 CVE-2017-2871 (Insufficient security checks exist in the recovery procedure 
used by ...)
        NOT-FOR-US: Foscam C1 Indoor HD Camera
 CVE-2017-2870 (An exploitable integer overflow vulnerability exists in the ...)
@@ -90884,14 +90903,14 @@ CVE-2017-2859
        RESERVED
 CVE-2017-2858 (An exploitable denial-of-service vulnerability exists in the 
traversal ...)
        NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2857
-       RESERVED
-CVE-2017-2856
-       RESERVED
+CVE-2017-2857 (An exploitable buffer overflow vulnerability exists in the DDNS 
client ...)
+       TODO: check
+CVE-2017-2856 (An exploitable buffer overflow vulnerability exists in the DDNS 
client ...)
+       TODO: check
 CVE-2017-2855
        RESERVED
-CVE-2017-2854
-       RESERVED
+CVE-2017-2854 (An exploitable buffer overflow vulnerability exists in the DDNS 
client ...)
+       TODO: check
 CVE-2017-2853 (An exploitable Code Execution vulnerability exists in the ...)
        NOT-FOR-US: Natus Xltek NeuroWorks
 CVE-2017-2852 (An exploitable denial-of-service vulnerability exists in the 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/51a48bcb093b2e9a2b1560ec4a1771d0fe94b2c6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/51a48bcb093b2e9a2b1560ec4a1771d0fe94b2c6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to