[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 12 Oct 2018 01:11:33 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
606480c6 by security tracker role at 2018-10-12T08:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2018-18265
+       RESERVED
+CVE-2018-18264
+       RESERVED
+CVE-2018-18263
+       RESERVED
+CVE-2018-18262
+       RESERVED
+CVE-2018-18261
+       RESERVED
+CVE-2018-18260
+       RESERVED
+CVE-2018-18259
+       RESERVED
+CVE-2018-18258 (An issue was discovered in BageCMS 3.1.3. The attacker can 
execute ...)
+       TODO: check
+CVE-2018-18257 (An issue was discovered in BageCMS 3.1.3. An attacker can 
delete any ...)
+       TODO: check
+CVE-2018-18256
+       RESERVED
+CVE-2018-18255
+       RESERVED
+CVE-2018-18254
+       RESERVED
+CVE-2018-18253
+       RESERVED
+CVE-2018-18252
+       RESERVED
+CVE-2018-18251
+       RESERVED
 CVE-2019-0085
        RESERVED
 CVE-2019-0084
@@ -214,12 +244,12 @@ CVE-2018-18229
        RESERVED
 CVE-2018-18228
        RESERVED
-CVE-2018-18227
-       RESERVED
-CVE-2018-18226
-       RESERVED
-CVE-2018-18225
-       RESERVED
+CVE-2018-18227 (In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP 
protocol ...)
+       TODO: check
+CVE-2018-18226 (In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector 
could ...)
+       TODO: check
+CVE-2018-18225 (In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. 
This was ...)
+       TODO: check
 CVE-2018-18224
        RESERVED
 CVE-2018-18223
@@ -917,12 +947,12 @@ CVE-2018-17931
        RESERVED
 CVE-2018-17930
        RESERVED
-CVE-2018-17929
-       RESERVED
+CVE-2018-17929 (In Delta Industrial Automation TPEditor, TPEditor Versions 
1.90 and ...)
+       TODO: check
 CVE-2018-17928
        RESERVED
-CVE-2018-17927
-       RESERVED
+CVE-2018-17927 (In Delta Industrial Automation TPEditor, TPEditor Versions 
1.90 and ...)
+       TODO: check
 CVE-2018-17926
        RESERVED
 CVE-2018-17925 (Multiple instances of this vulnerability (Unsafe ActiveX 
Control ...)
@@ -14238,8 +14268,8 @@ CVE-2018-12443
        RESERVED
 CVE-2018-12442
        RESERVED
-CVE-2018-12441
-       RESERVED
+CVE-2018-12441 (The CorsairService Service in Corsair Utility Engine is 
installed with ...)
+       TODO: check
 CVE-2017-18341
        RESERVED
 CVE-2017-18340
@@ -17278,6 +17308,7 @@ CVE-2018-11361 (In Wireshark 2.6.0, the IEEE 802.11 
protocol dissector could cra
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1b52f9929238ce3948ec924ae4f9456b5e9df558
        NOTE: https://www.wireshark.org/security/wnpa-sec-2018-32.html
 CVE-2018-11360 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the 
GSM A DTAP ...)
+       {DSA-4217-1}
        - wireshark 2.6.1-1 (bug #900708)
        [jessie] - wireshark <not-affected> (vulnerable code not present (uses 
static a_bigbuf instead))
        [wheezy] - wireshark <not-affected> (vulnerable code not present (uses 
static a_bigbuf instead))
@@ -22704,6 +22735,7 @@ CVE-2018-9274 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 
2.2.13, ui/failure_messa
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f38e895dfc0d97bce64f73ce99df706911d9aa07
        NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
 CVE-2018-9273 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ...)
+       {DSA-4217-1}
        - wireshark 2.4.6-1
        [jessie] - wireshark <not-affected> (Vulnerable code not present)
        [wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -22767,6 +22799,7 @@ CVE-2018-9265 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 
2.2.13, ...)
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b12cc581cd4878d74b6116ca02c7dbe650c1f242
        NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
 CVE-2018-9264 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB 
dissector ...)
+       {DSA-4217-1}
        - wireshark 2.4.6-1
        [jessie] - wireshark <not-affected> (Vulnerable code not present (only 
adb_cs available))
        [wheezy] - wireshark <not-affected> (Vulnerable code not present (only 
adb_cs available))
@@ -28131,6 +28164,7 @@ CVE-2018-7321 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 
2.2.12, ...)
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c784d551ad50864de1035ce54e72837301cf6aca
        NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7320 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP 
protocol ...)
+       {DSA-4217-1}
        - wireshark 2.4.5-1
        [jessie] - wireshark <not-affected> (Vulnerable code introduced later)
        [wheezy] - wireshark <not-affected> (Vulnerable code introduced later)
@@ -43954,8 +43988,8 @@ CVE-2018-1840
        RESERVED
 CVE-2018-1839
        RESERVED
-CVE-2018-1838
-       RESERVED
+CVE-2018-1838 (IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could 
allow ...)
+       TODO: check
 CVE-2018-1837
        RESERVED
 CVE-2018-1836
@@ -44284,8 +44318,8 @@ CVE-2018-1675
        RESERVED
 CVE-2018-1674 (IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 
through ...)
        NOT-FOR-US: IBM
-CVE-2018-1673
-       RESERVED
+CVE-2018-1673 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to 
...)
+       TODO: check
 CVE-2018-1672 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the 
...)
        NOT-FOR-US: IBM
 CVE-2018-1671
@@ -59931,6 +59965,7 @@ CVE-2017-13767 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 
2.0.0 to 2.0.14, the MSD
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f18ace2a2683418a9368a8dfd92da6bd8213e15
        NOTE: https://www.wireshark.org/security/wnpa-sec-2017-38.html
 CVE-2017-13766 (In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O 
dissector could ...)
+       {DSA-4060-1}
        - wireshark 2.4.1-1
        [jessie] - wireshark <not-affected> (Vulnerable code not present)
        [wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -97355,8 +97390,8 @@ CVE-2017-1233 (IBM Remote Control v9 could allow a 
local user to use the compone
        NOT-FOR-US: IBM Remote Control
 CVE-2017-1232 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) 
...)
        NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1231
-       RESERVED
+CVE-2017-1231 (IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in 
plain in ...)
+       TODO: check
 CVE-2017-1230 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) 
uses ...)
        NOT-FOR-US: IBM Tivoli Endpoint Manager
 CVE-2017-1229 (IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could 
allow a ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/606480c63349cf69a85bd55928cfead4ac069e41

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/606480c63349cf69a85bd55928cfead4ac069e41
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to