Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
247eedf2 by security tracker role at 2018-02-03T09:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,45 @@
+CVE-2018-6595
+       RESERVED
+CVE-2018-6594 (lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 
generates ...)
+       TODO: check
+CVE-2018-6593
+       RESERVED
+CVE-2018-6592
+       RESERVED
+CVE-2018-6591
+       RESERVED
+CVE-2018-6590
+       RESERVED
+CVE-2018-6589
+       RESERVED
+CVE-2018-6588
+       RESERVED
+CVE-2018-6587
+       RESERVED
+CVE-2018-6586
+       RESERVED
+CVE-2018-1000040
+       RESERVED
+CVE-2018-1000039
+       RESERVED
+CVE-2018-1000038
+       RESERVED
+CVE-2018-1000037
+       RESERVED
+CVE-2018-1000036
+       RESERVED
+CVE-2018-1000035
+       RESERVED
+CVE-2018-1000034
+       RESERVED
+CVE-2018-1000033
+       RESERVED
+CVE-2018-1000032
+       RESERVED
+CVE-2018-1000031
+       RESERVED
+CVE-2017-18123 (The call parameter of /lib/exe/ajax.php in DokuWiki through 
2017-02-19e ...)
+       TODO: check
 CVE-2018-6585
        RESERVED
 CVE-2018-6584
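Review bot: the two added entries that carry a description, CVE-2018-6594 (PyCrypto, lib/Crypto/PublicKey/ElGamal.py) and CVE-2017-18123 (DokuWiki, /lib/exe/ajax.php), are left at "TODO: check" while every other addition in this hunk is RESERVED. Both name specific software, so a follow-up should replace each TODO with either a source package line or a NOT-FOR-US entry, in the style used elsewhere in the list.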
@@ -777,12 +819,12 @@ CVE-2018-6321
        RESERVED
 CVE-2018-6320
        RESERVED
-CVE-2018-6319
-       RESERVED
-CVE-2018-6318
-       RESERVED
-CVE-2018-6317
-       RESERVED
+CVE-2018-6319 (In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a 
special ...)
+       TODO: check
+CVE-2018-6318 (In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the 
context ...)
+       TODO: check
+CVE-2018-6317 (The remote management interface in Claymore Dual Miner 10.5 and 
...)
+       TODO: check
 CVE-2018-6316
        RESERVED
 CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in 
libming ...)
@@ -3486,8 +3528,8 @@ CVE-2018-5263 (The StackIdeas EasyDiscuss (aka 
com_easydiscuss) extension before
        NOT-FOR-US: The StackIdeas EasyDiscuss extension for Joomla!
 CVE-2018-5262 (A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and 
earlier ...)
        NOT-FOR-US: Flexense DiskBoss
-CVE-2018-5261
-       RESERVED
+CVE-2018-5261 (An issue was discovered in Flexense DiskBoss 8.8.16 and 
earlier. Due ...)
+       TODO: check
 CVE-2018-5260
        RESERVED
 CVE-2018-5259 (Discuz! DiscuzX X3.4 allows remote authenticated users to 
bypass ...)
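Review bot: CVE-2018-5261 is added as "TODO: check" although the entry directly above it, CVE-2018-5262, covers the same product and versions (Flexense DiskBoss 8.8.16 and earlier) and is already marked "NOT-FOR-US: Flexense DiskBoss". Suggest giving CVE-2018-5261 the same NOT-FOR-US line so the two entries stay consistent.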
@@ -13896,10 +13938,10 @@ CVE-2018-1187
        RESERVED
 CVE-2018-1186
        RESERVED
-CVE-2018-1185
-       RESERVED
-CVE-2018-1184
-       RESERVED
+CVE-2018-1185 (An issue was discovered in EMC RecoverPoint for Virtual 
Machines ...)
+       TODO: check
+CVE-2018-1184 (An issue was discovered in EMC RecoverPoint for Virtual 
Machines ...)
+       TODO: check
 CVE-2018-1183
        RESERVED
 CVE-2018-1182
@@ -14990,8 +15032,8 @@ CVE-2017-17110 (Techno Portfolio Management Panel 1.0 
allows an attacker to inje
        NOT-FOR-US: Techno Portfolio Management Panel
 CVE-2017-17109
        RESERVED
-CVE-2017-17108
-       RESERVED
+CVE-2017-17108 (Path traversal vulnerability in the administrative panel in 
KonaKart ...)
+       TODO: check
 CVE-2017-17107 (Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a 
hard-coded ...)
        NOT-FOR-US: Zivif web cameras
 CVE-2017-17106 (Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can 
be ...)
@@ -98332,8 +98374,8 @@ CVE-2016-0344
        RESERVED
 CVE-2016-0343
        RESERVED
-CVE-2016-0342
-       RESERVED
+CVE-2016-0342 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 
...)
+       TODO: check
 CVE-2016-0341 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 
and B2B ...)
        NOT-FOR-US: IBM
 CVE-2016-0340 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 
through ...)
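Review bot: CVE-2016-0342 (IBM TRIRIGA Application Platform) goes to "TODO: check" while the context entries for IBM products around it, such as CVE-2016-0341, are marked "NOT-FOR-US: IBM". If the same triage applies, the TODO can be resolved the same way. The other IBM entries this commit moves out of RESERVED (CVE-2016-0329, CVE-2016-0312, CVE-2016-0311, CVE-2016-0303, CVE-2016-0300) are in the same position.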
@@ -98358,8 +98400,8 @@ CVE-2016-0331 (Cross-site scripting (XSS) vulnerability 
in IBM Rational Team Con
        NOT-FOR-US: IBM
 CVE-2016-0330 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 
through ...)
        NOT-FOR-US: IBM
-CVE-2016-0329
-       RESERVED
+CVE-2016-0329 (Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x 
before ...)
+       TODO: check
 CVE-2016-0328 (IBM Security Guardium Database Activity Monitor 8.2 before 
p310, 9.x ...)
        NOT-FOR-US: IBM
 CVE-2016-0327 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 
through ...)
@@ -98392,10 +98434,10 @@ CVE-2016-0314 (The Report Builder and Data Collection 
Component (DCC) in IBM Jaz
        NOT-FOR-US: IBM
 CVE-2016-0313 (Cross-site scripting (XSS) vulnerability in the Report Builder 
and ...)
        NOT-FOR-US: IBM
-CVE-2016-0312
-       RESERVED
-CVE-2016-0311
-       RESERVED
+CVE-2016-0312 (IBM TRIRIGA Application Platform before 3.3.2 allows remote 
attackers ...)
+       TODO: check
+CVE-2016-0311 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Business 
...)
+       TODO: check
 CVE-2016-0310 (IBM Connections 5.5 and earlier is vulnerable to possible host 
header ...)
        NOT-FOR-US: IBM
 CVE-2016-0309
@@ -98410,14 +98452,14 @@ CVE-2016-0305 (IBM Connections is vulnerable to 
cross-site scripting, caused by 
        NOT-FOR-US: IBM
 CVE-2016-0304 (The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 
9.x ...)
        NOT-FOR-US: IBM
-CVE-2016-0303
-       RESERVED
+CVE-2016-0303 (Cross-site scripting (XSS) vulnerability in IBM Tivoli 
Integrated ...)
+       TODO: check
 CVE-2016-0302
        RESERVED
 CVE-2016-0301 (Heap-based buffer overflow in the KeyView PDF filter in IBM 
Domino ...)
        NOT-FOR-US: IBM
-CVE-2016-0300
-       RESERVED
+CVE-2016-0300 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 
...)
+       TODO: check
 CVE-2016-0299
        RESERVED
 CVE-2016-0298 (Directory traversal vulnerability in IBM Security Guardium 
Database ...)
@@ -115386,8 +115428,8 @@ CVE-2015-2798 (SQL injection vulnerability in Joomla! 
Component Contact Form Mak
        NOT-FOR-US: Joomla! extension
 CVE-2015-2797 (Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 
5650TT, ...)
        NOT-FOR-US: AirTies Air DSL modems
-CVE-2015-2796
-       RESERVED
+CVE-2015-2796 (Multiple cross-site scripting (XSS) vulnerabilities in 
Project-Pier ...)
+       TODO: check
 CVE-2015-2795
        RESERVED
 CVE-2015-2794 (The installation wizard in DotNetNuke (DNN) before 7.4.1 allows 
remote ...)
@@ -117449,8 +117491,8 @@ CVE-2015-2187 (The dissect_atn_cpdlc_heur function in 
...)
        [wheezy] - wireshark <not-affected> (Only affects 1.12.x)
        [squeeze] - wireshark <not-affected> (Only affects 1.12.x)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9952
-CVE-2015-2186
-       RESERVED
+CVE-2015-2186 (The Ansible edxapp role in the Configuration Repo in edX allows 
remote ...)
+       TODO: check
 CVE-2015-2185
        RESERVED
 CVE-2015-2184 (ZeusCart 4 allows remote attackers to obtain configuration 
information ...)
@@ -119036,8 +119078,7 @@ CVE-2015-2091 (The authentication hook 
(mgs_hook_authz) in mod-gnutls 0.5.10 and
        {DSA-3177-1 DLA-170-1}
        - mod-gnutls 0.6-1.3 (bug #578663)
        NOTE: 
https://github.com/airtower-luna/mod_gnutls/commit/5a8a32bbfb8a83fe6358c5c31c443325a7775fc2
-CVE-2009-5144 [vulnerability involving the directory context]
-       RESERVED
+CVE-2009-5144 (mod-gnutls does not validate client certificates when ...)
        - mod-gnutls 0.5.6-1 (bug #578663)
        NOTE: http://issues.outoforder.cc/view.php?id=93
 CVE-2014-9682 (The dns-sync module before 0.1.1 for node.js allows 
context-dependent ...)
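Review bot: in the CVE-2009-5144 entry the placeholder text and RESERVED line are replaced by the published description, but the package line "- mod-gnutls 0.5.6-1 (bug #578663)" is carried over unchanged, and CVE-2015-2091 just above cites the same bug #578663 with a different fixed version (0.6-1.3). Now that the description is public ("does not validate client certificates when ..."), it is worth confirming that the bug reference and fixed version recorded for CVE-2009-5144 still match it.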
@@ -144643,11 +144684,9 @@ CVE-2014-1837 (Cross-site scripting (XSS) 
vulnerability in the StackIdeas Koment
        NOT-FOR-US: Joomla com_komento
 CVE-2014-1836 (Absolute path traversal vulnerability in ...)
        NOT-FOR-US: ImpressCMS
-CVE-2014-1835
-       RESERVED
+CVE-2014-1835 (The perform_request function in /lib/echor/backplane.rb in 
echor 0.1.6 ...)
        NOT-FOR-US: Echor Ruby Gem
-CVE-2014-1834
-       RESERVED
+CVE-2014-1834 (The perform_request function in /lib/echor/backplane.rb in 
echor 0.1.6 ...)
        NOT-FOR-US: Echor Ruby Gem
 CVE-2014-1833 (Directory traversal vulnerability in uupdate in devscripts 
2.14.1 ...)
        - devscripts 2.14.8 (low; bug #737160)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/247eedf2375f82bd69ad0e876d054b7a253f74c5

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits