Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ecba9cd1 by security tracker role at 2018-10-28T20:10:23Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2018-18765 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
+ TODO: check
+CVE-2018-18764 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
+ TODO: check
+CVE-2018-18763
+ RESERVED
+CVE-2018-18762
+ RESERVED
+CVE-2018-18761
+ RESERVED
+CVE-2018-18760
+ RESERVED
+CVE-2018-18759
+ RESERVED
+CVE-2018-18758
+ RESERVED
+CVE-2018-18757
+ RESERVED
+CVE-2018-18756
+ RESERVED
+CVE-2018-18755
+ RESERVED
+CVE-2018-18754 (ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root
account ...)
+ TODO: check
+CVE-2018-18753 (Typecho V1.1 allows remote attackers to send shell commands
via ...)
+ TODO: check
+CVE-2018-18752 (Webiness Inventory 2.3 suffers from an Arbitrary File upload
...)
+ TODO: check
+CVE-2018-18751 (An issue was discovered in GNU gettext 0.19.8. There is a
double free ...)
+ TODO: check
CVE-2018-18750
RESERVED
CVE-2018-18749 (data-tools through 2017-07-26 has an Integer Overflow leading
to an ...)
@@ -450,6 +480,7 @@ CVE-2018-18559 (In the Linux kernel through 4.19, a
use-after-free can occur due
CVE-2018-18558
RESERVED
CVE-2018-18557 (LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized
JBIG into a ...)
+ {DLA-1557-1}
- tiff 4.0.9+git181026-1 (bug #911635)
- tiff3 <removed>
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1697
@@ -496,6 +527,7 @@ CVE-2018-18540 (TeaKKi 2.7 allows XSS via a crafted onerror
attribute for a pict
CVE-2018-18539
RESERVED
CVE-2018-18541 (In Teeworlds before 0.6.5, connection packets could be forged.
There ...)
+ {DSA-4329-1}
- teeworlds 0.7.0-1 (bug #911487)
[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
NOTE: https://www.teeworlds.com/forum/viewtopic.php?id=12544
@@ -4009,11 +4041,13 @@ CVE-2018-17103 (** DISPUTED ** An issue was discovered
in GetSimple CMS v3.3.13.
CVE-2018-17102 (An issue was discovered in QuickAppsCMS (aka QACMS) through
...)
NOT-FOR-US: QuickAppsCMS
CVE-2018-17101 (An issue was discovered in LibTIFF 4.0.9. There are two
out-of-bounds ...)
+ {DLA-1557-1}
- tiff 4.0.9+git181026-1 (bug #909037)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2807
NOTE:
https://gitlab.com/libtiff/libtiff/merge_requests/33/diffs?commit_id=f1b94e8a3ba49febdd3361c0214a1d1149251577
CVE-2018-17100 (An issue was discovered in LibTIFF 4.0.9. There is a int32
overflow in ...)
+ {DLA-1557-1}
- tiff 4.0.9+git181026-1 (bug #909038)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2810
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ecba9cd10797d80f238a279c0000f06cf8a0bc3f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ecba9cd10797d80f238a279c0000f06cf8a0bc3f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
