Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0b5daf78 by security tracker role at 2018-09-19T20:10:24Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,66 @@
-CVE-2018-17182 [mm: get rid of vmacache_flush_all() entirely]
+CVE-2018-17214
+ RESERVED
+CVE-2018-17213
+ RESERVED
+CVE-2018-17212
+ RESERVED
+CVE-2018-17211
+ RESERVED
+CVE-2018-17210
+ RESERVED
+CVE-2018-17209
+ RESERVED
+CVE-2018-17208 (Linksys Velop 1.1.2.187020 devices allow unauthenticated
command ...)
+ TODO: check
+CVE-2018-17207 (An issue was discovered in Snap Creek Duplicator before
1.2.42. By ...)
+ TODO: check
+CVE-2018-17206 (An issue was discovered in Open vSwitch (OvS) 2.7.x through
2.7.6. The ...)
+ TODO: check
+CVE-2018-17205 (An issue was discovered in Open vSwitch (OvS) 2.7.x through
2.7.6, ...)
+ TODO: check
+CVE-2018-17204 (An issue was discovered in Open vSwitch (OvS) 2.7.x through
2.7.6, ...)
+ TODO: check
+CVE-2018-17203
+ RESERVED
+CVE-2018-17202
+ RESERVED
+CVE-2018-17201
+ RESERVED
+CVE-2018-17200
+ RESERVED
+CVE-2018-17199
+ RESERVED
+CVE-2018-17198
+ RESERVED
+CVE-2018-17197
+ RESERVED
+CVE-2018-17196
+ RESERVED
+CVE-2018-17195
+ RESERVED
+CVE-2018-17194
+ RESERVED
+CVE-2018-17193
+ RESERVED
+CVE-2018-17192
+ RESERVED
+CVE-2018-17191
+ RESERVED
+CVE-2018-17190
+ RESERVED
+CVE-2018-17189
+ RESERVED
+CVE-2018-17188
+ RESERVED
+CVE-2018-17187
+ RESERVED
+CVE-2018-17186
+ RESERVED
+CVE-2018-17185
+ RESERVED
+CVE-2018-17184
+ RESERVED
+CVE-2018-17182 (An issue was discovered in the Linux kernel through 4.18.8.
The ...)
- linux <unfixed>
NOTE:
https://git.kernel.org/linus/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2
CVE-2018-17181
@@ -78,8 +140,8 @@ CVE-2018-17146
RESERVED
CVE-2018-17145
RESERVED
-CVE-2018-17144
- RESERVED
+CVE-2018-17144 (Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and
0.16.x ...)
+ TODO: check
CVE-2018-17143 (The html package (aka x/net/html) through 2018-09-17 in Go
mishandles ...)
TODO: check, in golang-golang-x-net-dev?
CVE-2018-17142 (The html package (aka x/net/html) through 2018-09-17 in Go
mishandles ...)
@@ -195,7 +257,8 @@ CVE-2018-17096 (The BPMDetect class in BPMDetect.cpp in
libSoundTouch.a in Olli
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <ignored> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/14
-CVE-2018-17183 [gs 699708: 'Hide' non-replaceable error handlers for SAFER]
+CVE-2018-17183 (Artifex Ghostscript before 9.25 allowed a user-writable error
exception ...)
+ {DSA-4294-1}
- ghostscript 9.25~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699708
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624
@@ -894,8 +957,8 @@ CVE-2018-16787
RESERVED
CVE-2018-16786
RESERVED
-CVE-2018-16785
- RESERVED
+CVE-2018-16785 (XML injection vulnerability exists in the file of DedeCMS V5.7
SP2 ...)
+ TODO: check
CVE-2018-16784
RESERVED
CVE-2018-16783
@@ -1307,8 +1370,8 @@ CVE-2018-16609
RESERVED
CVE-2018-16608 (In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can
change ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-16607
- RESERVED
+CVE-2018-16607 (Cross-site scripting (XSS) vulnerability in the Orgs Page in
...)
+ TODO: check
CVE-2018-16606 (In ProConf before 6.1, an Insecure Direct Object Reference
(IDOR) ...)
NOT-FOR-US: ProConf
CVE-2018-16605 (D-Link DIR-600M devices allow XSS via the Hostname and
Username fields ...)
@@ -5605,8 +5668,8 @@ CVE-2018-14794
RESERVED
CVE-2018-14793 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is
vulnerable ...)
NOT-FOR-US: DeltaV
-CVE-2018-14792
- RESERVED
+CVE-2018-14792 (WECON PLC Editor version 1.3.3U may allow an attacker to
execute code ...)
+ TODO: check
CVE-2018-14791 (Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5
may ...)
NOT-FOR-US: Emerson DeltaV DCS
CVE-2018-14790
@@ -12247,10 +12310,10 @@ CVE-2018-12245
RESERVED
CVE-2018-12244
RESERVED
-CVE-2018-12243
- RESERVED
-CVE-2018-12242
- RESERVED
+CVE-2018-12243 (The Symantec Messaging Gateway product prior to 10.6.6 may be
...)
+ TODO: check
+CVE-2018-12242 (The Symantec Messaging Gateway product prior to 10.6.6 may be
...)
+ TODO: check
CVE-2018-12241
RESERVED
CVE-2018-12240 (The Norton Identity Safe product prior to 5.3.0.976 may be
susceptible ...)
@@ -13028,51 +13091,50 @@ CVE-2018-11906
RESERVED
CVE-2018-11905
RESERVED
-CVE-2018-11904
- RESERVED
-CVE-2018-11903
- RESERVED
-CVE-2018-11902
- RESERVED
+CVE-2018-11904 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
+CVE-2018-11903 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
+CVE-2018-11902 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-11901
RESERVED
CVE-2018-11900
RESERVED
CVE-2018-11899
RESERVED
-CVE-2018-11898
- RESERVED
+CVE-2018-11898 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11897
- RESERVED
+CVE-2018-11897 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-11896
RESERVED
-CVE-2018-11895
- RESERVED
-CVE-2018-11894
- RESERVED
-CVE-2018-11893
- RESERVED
+CVE-2018-11895 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
+CVE-2018-11894 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
+CVE-2018-11893 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-11892
RESERVED
-CVE-2018-11891
- RESERVED
+CVE-2018-11891 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-11890
RESERVED
-CVE-2018-11889
- RESERVED
+CVE-2018-11889 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-11888
RESERVED
CVE-2018-11887
RESERVED
-CVE-2018-11886
- RESERVED
+CVE-2018-11886 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-11885
RESERVED
CVE-2018-11884
RESERVED
-CVE-2018-11883
- RESERVED
+CVE-2018-11883 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-11882
RESERVED
CVE-2018-11881
@@ -13081,8 +13143,8 @@ CVE-2018-11880
RESERVED
CVE-2018-11879
RESERVED
-CVE-2018-11878
- RESERVED
+CVE-2018-11878 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-11877
RESERVED
CVE-2018-11876
@@ -13099,9 +13161,9 @@ CVE-2018-11871
RESERVED
CVE-2018-11870
RESERVED
-CVE-2018-11869 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11869 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11868 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11868 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11867
RESERVED
@@ -13113,13 +13175,13 @@ CVE-2018-11865
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11864
RESERVED
-CVE-2018-11863 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11863 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11862
RESERVED
CVE-2018-11861
RESERVED
-CVE-2018-11860 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11860 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11859
RESERVED
@@ -13138,9 +13200,9 @@ CVE-2018-11854
RESERVED
CVE-2018-11853
RESERVED
-CVE-2018-11852 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11852 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11851 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11851 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11850
RESERVED
@@ -13157,13 +13219,13 @@ CVE-2018-11845
RESERVED
CVE-2018-11844
RESERVED
-CVE-2018-11843 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11843 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11842 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11842 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11841
RESERVED
-CVE-2018-11840 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11840 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11839
RESERVED
@@ -13171,7 +13233,7 @@ CVE-2018-11838
RESERVED
CVE-2018-11837
RESERVED
-CVE-2018-11836 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11836 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11835
RESERVED
@@ -13179,7 +13241,7 @@ CVE-2018-11834
RESERVED
CVE-2018-11833
RESERVED
-CVE-2018-11832 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11832 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11831
RESERVED
@@ -13189,9 +13251,9 @@ CVE-2018-11829
RESERVED
CVE-2018-11828
RESERVED
-CVE-2018-11827 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11827 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11826 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11826 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11825
RESERVED
@@ -13208,7 +13270,7 @@ CVE-2018-11820
RESERVED
CVE-2018-11819
RESERVED
-CVE-2018-11818 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11818 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11817
RESERVED
@@ -13406,11 +13468,11 @@ CVE-2018-11764
RESERVED
CVE-2018-11763
RESERVED
-CVE-2018-11762 [Zip Slip Vulnerability in Apache Tika's tika-app]
+CVE-2018-11762 (In Apache Tika 0.9 to 1.18, in a rare edge case where a user
does not ...)
- tika <unfixed>
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/5
-CVE-2018-11761 [Denial of Service via XML Entity Expansion Vulnerability]
+CVE-2018-11761 (In Apache Tika 0.1 to 1.18, the XML parsers were not
configured to ...)
- tika <unfixed>
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/4
@@ -14707,25 +14769,25 @@ CVE-2018-11304 (Possible buffer overflow in
msm_adsp_stream_callback_put due to
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11303
RESERVED
-CVE-2018-11302 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11302 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11301 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11301 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11300 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11300 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11299 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11299 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11298 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11298 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11297 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11297 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11296 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11296 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11295 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11295 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11294 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11294 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11293 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11293 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11292
RESERVED
@@ -14743,7 +14805,7 @@ CVE-2018-11288
CVE-2018-11287
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11286 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11286 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11285
RESERVED
@@ -14754,29 +14816,29 @@ CVE-2018-11283
RESERVED
CVE-2018-11282
RESERVED
-CVE-2018-11281 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11281 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11280 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11280 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11279
RESERVED
-CVE-2018-11278 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11278 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2018-11277
RESERVED
-CVE-2018-11276 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11276 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11275 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11275 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11274 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11274 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
-CVE-2018-11273 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11273 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11272
RESERVED
CVE-2018-11271
RESERVED
-CVE-2018-11270 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11270 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11269
RESERVED
@@ -14786,7 +14848,7 @@ CVE-2018-11267
RESERVED
CVE-2018-11266
RESERVED
-CVE-2018-11265 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2018-11265 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11264
RESERVED
@@ -23157,8 +23219,7 @@ CVE-2018-8019 (When using an OCSP responder Apache
Tomcat Native 1.2.0 to 1.2.16
NOTE: https://svn.apache.org/r1832832
CVE-2018-8018 (Apache Ignite 2.5 and earlier serialization mechanism does not
have a ...)
NOT-FOR-US: Apache Ignite
-CVE-2018-8017 [Potential Infinite Loop in IptcAnpaParser]
- RESERVED
+CVE-2018-8017 (In Apache Tika 1.2 to 1.18, a carefully crafted file can
trigger an ...)
- tika <unfixed>
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/6
@@ -30193,8 +30254,8 @@ CVE-2018-5907 (Possible buffer overflow in
msm_adsp_stream_callback_put due to l
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5906
RESERVED
-CVE-2018-5905
- RESERVED
+CVE-2018-5905 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-5904
RESERVED
CVE-2018-5903
@@ -35481,24 +35542,24 @@ CVE-2018-3833 (An exploitable firmware downgrade
vulnerability exists in Insteon
NOT-FOR-US: Insteon Hub
CVE-2018-3832 (An exploitable firmware update vulnerability exists in Insteon
Hub ...)
NOT-FOR-US: Insteon Hub
-CVE-2018-3831
- RESERVED
-CVE-2018-3830
- RESERVED
-CVE-2018-3829
- RESERVED
-CVE-2018-3828
- RESERVED
-CVE-2018-3827
- RESERVED
-CVE-2018-3826
- RESERVED
-CVE-2018-3825
- RESERVED
-CVE-2018-3824
- RESERVED
-CVE-2018-3823
- RESERVED
+CVE-2018-3831 (Elasticsearch Alerting and Monitoring in versions before 6.4.1
or ...)
+ TODO: check
+CVE-2018-3830 (Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS)
...)
+ TODO: check
+CVE-2018-3829 (In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it
was ...)
+ TODO: check
+CVE-2018-3828 (Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain
an ...)
+ TODO: check
+CVE-2018-3827 (A sensitive data disclosure flaw was found in the Elasticsearch
...)
+ TODO: check
+CVE-2018-3826 (In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure
flaw was ...)
+ TODO: check
+CVE-2018-3825 (In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a
default ...)
+ TODO: check
+CVE-2018-3824 (X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a
...)
+ TODO: check
+CVE-2018-3823 (X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a
...)
+ TODO: check
CVE-2018-3822 (X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable
to a ...)
NOT-FOR-US: Elastic X-Pack Security
CVE-2018-3821 (Kibana versions after 5.1.1 and before 5.6.7 and 6.1.3 had a
...)
@@ -36910,10 +36971,10 @@ CVE-2018-3576 (improper validation of array index in
WiFi driver function ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3575
RESERVED
-CVE-2018-3574
- RESERVED
-CVE-2018-3573
- RESERVED
+CVE-2018-3574 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
+CVE-2018-3573 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
+ TODO: check
CVE-2018-3572 (While processing a DSP buffer in an audio driver's event
handler, an ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3571 (In the KGSL driver in all Android releases from CAF (Android
for MSM, ...)
@@ -41292,8 +41353,8 @@ CVE-2018-1784
RESERVED
CVE-2018-1783
RESERVED
-CVE-2018-1782
- RESERVED
+CVE-2018-1782 (IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a
local, ...)
+ TODO: check
CVE-2018-1781
RESERVED
CVE-2018-1780
@@ -43480,10 +43541,10 @@ CVE-2018-1152 (libjpeg-turbo 1.5.90 is vulnerable to
a denial of service ...)
NOTE:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
CVE-2018-1151 (The web server on Western Digital TV Media Player 1.03.07 and
TV Live ...)
NOT-FOR-US: web server on Western Digital TV Media Player and TV Live
Hub
-CVE-2018-1150
- RESERVED
-CVE-2018-1149
- RESERVED
+CVE-2018-1150 (NUUO's NVRMini2 3.8.0 and below contains a backdoor that would
allow ...)
+ TODO: check
+CVE-2018-1149 (cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote
attackers ...)
+ TODO: check
CVE-2018-1148 (In Nessus before 7.1.0, Session Fixation exists due to
insufficient ...)
NOT-FOR-US: Nessus
CVE-2018-1147 (In Nessus before 7.1.0, a XSS vulnerability exists due to
improper ...)
@@ -50948,7 +51009,7 @@ CVE-2017-15846 (In the video_ioctl2() function in the
camera driver in Android f
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15845 (In Android for MSM, Firefox OS for MSM, QRD Android, with all
Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15844 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2017-15844 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2017-15843 (Due to a race condition in a bus driver, a double free in ...)
NOT-FOR-US: Qualcomm components for Android
@@ -50982,13 +51043,13 @@ CVE-2017-15830 (In Android for MSM, Firefox OS for
MSM, QRD Android, with all An
NOT-FOR-US: Qualcomm components for Android
CVE-2017-15829 (In all Qualcomm products with Android releases from CAF using
the ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15828 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2017-15828 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2017-15827
RESERVED
CVE-2017-15826 (Due to a race condition in MDSS rotator in Android for MSM,
Firefox OS ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15825 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2017-15825 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15824 (In Android releases from CAF using the linux kernel (Android
for MSM, ...)
NOT-FOR-US: Qualcomm component for Android
@@ -51002,7 +51063,7 @@ CVE-2017-15820 (In all Qualcomm products with Android
releases from CAF using th
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15819
RESERVED
-CVE-2017-15818 (In all android releases(Android for MSM, Firefox OS for MSM,
QRD ...)
+CVE-2017-15818 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
TODO: check
CVE-2017-15817 (In all Qualcomm products with Android releases from CAF using
the ...)
NOT-FOR-US: Qualcomm component for Android
@@ -90940,20 +91001,20 @@ CVE-2017-2881 (An exploitable vulnerability exists in
the torlist update ...)
NOT-FOR-US: Circle with Disney
CVE-2017-2880 (An memory corruption vulnerability exists in the .GIF parsing
...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-2879
- RESERVED
-CVE-2017-2878
- RESERVED
-CVE-2017-2877
- RESERVED
-CVE-2017-2876
- RESERVED
-CVE-2017-2875
- RESERVED
+CVE-2017-2879 (An exploitable buffer overflow vulnerability exists in the UPnP
...)
+ TODO: check
+CVE-2017-2878 (An exploitable buffer overflow vulnerability exists in the web
...)
+ TODO: check
+CVE-2017-2877 (A missing error check exists in the Multi-Camera interface used
by the ...)
+ TODO: check
+CVE-2017-2876 (An exploitable buffer overflow vulnerability exists in the ...)
+ TODO: check
+CVE-2017-2875 (An exploitable buffer overflow vulnerability exists in the ...)
+ TODO: check
CVE-2017-2874 (An information disclosure vulnerability exists in the
Multi-Camera ...)
TODO: check
-CVE-2017-2873
- RESERVED
+CVE-2017-2873 (An exploitable command injection vulnerability exists in the
web ...)
+ TODO: check
CVE-2017-2872 (Insufficient security checks exist in the recovery procedure
used by ...)
TODO: check
CVE-2017-2871 (Insufficient security checks exist in the recovery procedure
used by ...)
@@ -90997,8 +91058,8 @@ CVE-2017-2857 (An exploitable buffer overflow
vulnerability exists in the DDNS c
TODO: check
CVE-2017-2856 (An exploitable buffer overflow vulnerability exists in the DDNS
client ...)
TODO: check
-CVE-2017-2855
- RESERVED
+CVE-2017-2855 (An exploitable buffer overflow vulnerability exists in the DDNS
client ...)
+ TODO: check
CVE-2017-2854 (An exploitable buffer overflow vulnerability exists in the DDNS
client ...)
TODO: check
CVE-2017-2853 (An exploitable Code Execution vulnerability exists in the ...)
@@ -93434,8 +93495,8 @@ CVE-2017-1796
RESERVED
CVE-2017-1795 (IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a
local ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2017-1794
- RESERVED
+CVE-2017-1794 (IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through
6.3.0.7 ...)
+ TODO: check
CVE-2017-1793 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through
6.0.5 ...)
NOT-FOR-US: IBM
CVE-2017-1792 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through
6.0.5 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b5daf785610ca3c266970dcefd4f18eb837149e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b5daf785610ca3c266970dcefd4f18eb837149e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
