Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c3ad806e by security tracker role at 2018-12-06T20:10:26Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,69 @@
+CVE-2019-1584
+ RESERVED
+CVE-2019-1583
+ RESERVED
+CVE-2019-1582
+ RESERVED
+CVE-2019-1581
+ RESERVED
+CVE-2019-1580
+ RESERVED
+CVE-2019-1579
+ RESERVED
+CVE-2019-1578
+ RESERVED
+CVE-2019-1577
+ RESERVED
+CVE-2019-1576
+ RESERVED
+CVE-2019-1575
+ RESERVED
+CVE-2019-1574
+ RESERVED
+CVE-2019-1573
+ RESERVED
+CVE-2019-1572
+ RESERVED
+CVE-2019-1571
+ RESERVED
+CVE-2019-1570
+ RESERVED
+CVE-2019-1569
+ RESERVED
+CVE-2019-1568
+ RESERVED
+CVE-2019-1567
+ RESERVED
+CVE-2019-1566
+ RESERVED
+CVE-2019-1565
+ RESERVED
+CVE-2018-19917
+ RESERVED
+CVE-2018-19916
+ RESERVED
+CVE-2018-19915 (DomainMOD through 4.11.01 has XSS via the assets/edit/host.php
Web Host ...)
+ TODO: check
+CVE-2018-19914 (DomainMOD through 4.11.01 has XSS via the assets/add/dns.php
Profile ...)
+ TODO: check
+CVE-2018-19913 (DomainMOD through 4.11.01 has XSS via the ...)
+ TODO: check
+CVE-2018-19912
+ RESERVED
+CVE-2018-19911 (FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows
remote ...)
+ TODO: check
+CVE-2018-19910
+ RESERVED
+CVE-2018-19909
+ RESERVED
+CVE-2018-19908 (An issue was discovered in MISP 2.4.9x before 2.4.99. In ...)
+ TODO: check
+CVE-2018-1000859
+ REJECTED
+ TODO: check
+CVE-2018-1000853
+ REJECTED
+ TODO: check
CVE-2018-19907 (A Server-Side Template Injection issue was discovered in
Crafter CMS ...)
NOT-FOR-US: Crafter CMS
CVE-2018-19906
@@ -6758,8 +6824,8 @@ CVE-2018-18364
RESERVED
CVE-2018-18363
RESERVED
-CVE-2018-18362
- RESERVED
+CVE-2018-18362 (Norton Password Manager for Android (formerly Norton Identity
Safe) ...)
+ TODO: check
CVE-2018-18361 (An issue was discovered in nc-cms through 2017-03-10. ...)
NOT-FOR-US: nc-cms
CVE-2018-18360
@@ -14448,8 +14514,8 @@ CVE-2018-15334
RESERVED
CVE-2018-15333
RESERVED
-CVE-2018-15332
- RESERVED
+CVE-2018-15332 (The svpn component of the F5 BIG-IP APM client prior to
version ...)
+ TODO: check
CVE-2018-15331
RESERVED
CVE-2018-15330
@@ -28122,43 +28188,43 @@ CVE-2018-10165 (Stored Cross-site scripting (XSS)
vulnerability in the TP-Link E
CVE-2018-10164 (Stored Cross-site scripting (XSS) vulnerability in the TP-Link
EAP ...)
NOT-FOR-US: TP-Link
CVE-2018-10163
- RESERVED
+ REJECTED
CVE-2018-10162
- RESERVED
+ REJECTED
CVE-2018-10161
- RESERVED
+ REJECTED
CVE-2018-10160
- RESERVED
+ REJECTED
CVE-2018-10159
- RESERVED
+ REJECTED
CVE-2018-10158
- RESERVED
+ REJECTED
CVE-2018-10157
- RESERVED
+ REJECTED
CVE-2018-10156
- RESERVED
+ REJECTED
CVE-2018-10155
- RESERVED
+ REJECTED
CVE-2018-10154
- RESERVED
+ REJECTED
CVE-2018-10153
- RESERVED
+ REJECTED
CVE-2018-10152
- RESERVED
+ REJECTED
CVE-2018-10151
- RESERVED
+ REJECTED
CVE-2018-10150
- RESERVED
+ REJECTED
CVE-2018-10149
- RESERVED
+ REJECTED
CVE-2018-10148
- RESERVED
+ REJECTED
CVE-2018-10147
- RESERVED
+ REJECTED
CVE-2018-10146
- RESERVED
+ REJECTED
CVE-2018-10145
- RESERVED
+ REJECTED
CVE-2018-10144
RESERVED
CVE-2018-10143
@@ -29516,61 +29582,60 @@ CVE-2018-9570
CVE-2018-9569
RESERVED
NOT-FOR-US: Android libxaac
-CVE-2018-9568 [Memory corruption due to incorrect socket cloning]
- RESERVED
+CVE-2018-9568 (In sk_clone_lock of sock.c, there is a possible memory
corruption due ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.59-1
NOTE: Fixed by:
https://git.kernel.org/linus/9d538fa60bad4f7b23193c89e843797a1cf71ef3
-CVE-2018-9567
- RESERVED
-CVE-2018-9566
- RESERVED
-CVE-2018-9565
- RESERVED
+CVE-2018-9567 (On Pixel devices there is a bug causing verified boot to show
the same ...)
+ TODO: check
+CVE-2018-9566 (In process_service_search_rsp of sdp_discovery.c, there is a
possible ...)
+ TODO: check
+CVE-2018-9565 (In readBytes of xltdecwbxml.c, there is a possible out of
bounds read ...)
+ TODO: check
CVE-2018-9564
RESERVED
CVE-2018-9563
RESERVED
-CVE-2018-9562
- RESERVED
+CVE-2018-9562 (In bta_ag_do_disc of bta_ag_sdp.cc, there is a possible
out-of-bound ...)
+ TODO: check
CVE-2018-9561
RESERVED
-CVE-2018-9560
- RESERVED
-CVE-2018-9559
- RESERVED
-CVE-2018-9558
- RESERVED
-CVE-2018-9557
- RESERVED
-CVE-2018-9556
- RESERVED
-CVE-2018-9555
- RESERVED
-CVE-2018-9554
- RESERVED
-CVE-2018-9553
- RESERVED
-CVE-2018-9552
- RESERVED
-CVE-2018-9551
- RESERVED
-CVE-2018-9550
- RESERVED
-CVE-2018-9549
- RESERVED
-CVE-2018-9548
- RESERVED
-CVE-2018-9547
- RESERVED
+CVE-2018-9560 (In HID_DevAddRecord of hidd_api.cc, there is a possible
out-of-bounds ...)
+ TODO: check
+CVE-2018-9559 (In persist_set_key and other functions of cryptfs.cpp, there is
a ...)
+ TODO: check
+CVE-2018-9558 (In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a
possible ...)
+ TODO: check
+CVE-2018-9557 (In really_install_package of install.cpp, there is a possible
free of ...)
+ TODO: check
+CVE-2018-9556 (In ParsePayloadHeader of payload_metadata.cc, there is a
possible out ...)
+ TODO: check
+CVE-2018-9555 (In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of
bounds ...)
+ TODO: check
+CVE-2018-9554 (In dumpExtractors of IMediaExtractor.cp, there is a possible
...)
+ TODO: check
+CVE-2018-9553 (In MasteringMetadata::Parse of mkvparser.cc there is a possible
double ...)
+ TODO: check
+CVE-2018-9552 (In ihevcd_sao_shift_ctb of ihevcd_sao.c there is a possible out
of ...)
+ TODO: check
+CVE-2018-9551 (In CAacDecoder_Init of aacdecoder.cpp, there is a possible ...)
+ TODO: check
+CVE-2018-9550 (In CAacDecoder_Init of aacdecoder.cpp, there is a possible out
of ...)
+ TODO: check
+CVE-2018-9549 (In lppTransposer of lpp_tran.cpp there is a possible out of
bounds ...)
+ TODO: check
+CVE-2018-9548 (In multiple functions of ContentProvider.java, there is a
possible ...)
+ TODO: check
+CVE-2018-9547 (In unflatten of GraphicBuffer.cpp, there is a possible bad fd
close ...)
+ TODO: check
CVE-2018-9546
RESERVED
CVE-2018-9545 (In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible ...)
NOT-FOR-US: Android
CVE-2018-9544 (In register_app of btif_hd.cc, there is a possible
out-of-bounds read ...)
NOT-FOR-US: Android
-CVE-2018-9543 (In f2fs_format_utils.c WITH_BLKDISCARD is not defined, which
may cause ...)
+CVE-2018-9543 (In trim_device of f2fs_format_utils.c, it is possible that the
data ...)
NOT-FOR-US: Android
CVE-2018-9542 (In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible
out of ...)
NOT-FOR-US: Android
@@ -29580,8 +29645,8 @@ CVE-2018-9540 (In avrc_ctrl_pars_vendor_rsp of
avrc_pars_ct.c, there is a possib
NOT-FOR-US: Android
CVE-2018-9539 (In the ClearKey CAS descrambler, there is a possible use after
free ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9538
- RESERVED
+CVE-2018-9538 (In V4L2SliceVideoDecodeAccelerator::Dequeue of ...)
+ TODO: check
CVE-2018-9537 (In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a
possible ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9536 (In numerous functions of libFDK, there are possible out of
bounds ...)
@@ -51486,8 +51551,8 @@ CVE-2018-1937
RESERVED
CVE-2018-1936
RESERVED
-CVE-2018-1935
- RESERVED
+CVE-2018-1935 (IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated
user to ...)
+ TODO: check
CVE-2018-1934
RESERVED
CVE-2018-1933
@@ -51614,8 +51679,8 @@ CVE-2018-1873
RESERVED
CVE-2018-1872 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site
scripting. ...)
NOT-FOR-US: IBM
-CVE-2018-1871
- RESERVED
+CVE-2018-1871 (IBM Financial Transaction Manager for Digital Payments for ...)
+ TODO: check
CVE-2018-1870
RESERVED
CVE-2018-1869
@@ -52306,8 +52371,8 @@ CVE-2018-1527
RESERVED
CVE-2018-1526
RESERVED
-CVE-2018-1525
- RESERVED
+CVE-2018-1525 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote
attacker ...)
+ TODO: check
CVE-2018-1524 (IBM Maximo Asset Management 7.6 through 7.6.3 installs with a
default ...)
NOT-FOR-US: IBM
CVE-2018-1523 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through
6.0.5 ...)
@@ -52346,10 +52411,10 @@ CVE-2018-1507 (IBM DOORS Next Generation (DNG/RRC)
6.0.5 is vulnerable to cross-
NOT-FOR-US: IBM
CVE-2018-1506
RESERVED
-CVE-2018-1505
- RESERVED
-CVE-2018-1504
- RESERVED
+CVE-2018-1505 (IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be
stored ...)
+ TODO: check
+CVE-2018-1504 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote
attacker ...)
+ TODO: check
CVE-2018-1503 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely ...)
NOT-FOR-US: IBM
CVE-2018-1502 (IBM Content Manager Enterprise Edition Resource Manager 8.4.3
and 9.5 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3ad806e66eea75d555c9ccd93f137220c799d4d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3ad806e66eea75d555c9ccd93f137220c799d4d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
