Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
73b62d81 by security tracker role at 2018-03-29T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,21 @@
+CVE-2018-9123 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via
a User ...)
+ TODO: check
+CVE-2018-9122 (In Crea8social 2018.2, there is Reflected Cross-Site Scripting
via the ...)
+ TODO: check
+CVE-2018-9121 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via
a post ...)
+ TODO: check
+CVE-2018-9120 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via
a post. ...)
+ TODO: check
+CVE-2018-9119
+ RESERVED
+CVE-2018-9118
+ RESERVED
+CVE-2018-9117 (WireMock before 2.16.0 contains a vulnerability that allows a
remote ...)
+ TODO: check
+CVE-2018-9116 (An XXE vulnerability within WireMock before 2.16.0 allows a
remote ...)
+ TODO: check
+CVE-2018-9115
+ RESERVED
CVE-2018-9114
RESERVED
CVE-2018-9113
@@ -116,8 +134,8 @@ CVE-2018-9058 (In Long Range Zip (aka lrzip) 0.631, there
is an infinite loop in
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <ignored> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/93
-CVE-2018-7600 [SA-CORE-2018-002]
- RESERVED
+CVE-2018-7600 (Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and
8.5.x ...)
+ {DSA-4156-1 DLA-1325-1}
- drupal7 7.58-1 (bug #894259)
NOTE: https://www.drupal.org/sa-core-2018-002
NOTE: https://groups.drupal.org/security/faq-2018-002
@@ -572,8 +590,8 @@ CVE-2018-8887
RESERVED
CVE-2018-8886
RESERVED
-CVE-2018-8885
- RESERVED
+CVE-2018-8885 (screenresolution-mechanism in screen-resolution-extra 0.17.2
does not ...)
+ TODO: check
CVE-2018-1000136 (Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0
up to ...)
- electron <itp> (bug #842420)
CVE-2017-18241 (fs/f2fs/segment.c in the Linux kernel before 4.13 allows local
users to ...)
@@ -732,8 +750,8 @@ CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and
earlier contains a Inf
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634
CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows
attackers ...)
NOT-FOR-US: windrvr1260.sys in Jungo DriverWizard WinDriver
-CVE-2018-8820
- RESERVED
+CVE-2018-8820 (An issue was discovered in Square 9 GlobalForms 6.2.x. A Time
Based ...)
+ TODO: check
CVE-2018-8819
RESERVED
CVE-2018-8818
@@ -6685,8 +6703,8 @@ CVE-2018-6610 (Information Leakage exists in the jLike
1.0 component for Joomla!
NOT-FOR-US: jLike component for Joomla!
CVE-2018-6609 (SQL Injection exists in the JSP Tickets 1.1 component for
Joomla! via ...)
NOT-FOR-US: JSP Tickets component for Joomla!
-CVE-2018-6608
- RESERVED
+CVE-2018-6608 (In the WebRTC component in Opera 51.0.2830.55, after visiting a
web ...)
+ TODO: check
CVE-2018-6607
RESERVED
CVE-2018-6606 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150.
Improper ...)
@@ -10800,7 +10818,7 @@ CVE-2018-5147 [out-of-bound write]
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
CVE-2018-5146 [out-of-bound write]
RESERVED
- {DSA-4143-1 DSA-4140-1 DLA-1319-1}
+ {DSA-4155-1 DSA-4143-1 DSA-4140-1 DLA-1319-1}
- firefox 59.0.1-1
- firefox-esr 52.7.2esr-1
- thunderbird 1:52.7.0-1
@@ -10810,14 +10828,14 @@ CVE-2018-5146 [out-of-bound write]
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
CVE-2018-5145
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
CVE-2018-5144
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
@@ -10884,7 +10902,7 @@ CVE-2018-5130
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5129
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
@@ -10897,7 +10915,7 @@ CVE-2018-5128
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5127
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
@@ -10910,7 +10928,7 @@ CVE-2018-5126
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5125
RESERVED
- {DSA-4139-1 DLA-1308-1}
+ {DSA-4155-1 DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
@@ -24419,100 +24437,100 @@ CVE-2018-0198 (A vulnerability in the web framework
of Cisco Unified Communicati
NOT-FOR-US: Cisco
CVE-2018-0197
RESERVED
-CVE-2018-0196
- RESERVED
-CVE-2018-0195
- RESERVED
+CVE-2018-0196 (A vulnerability in the web-based user interface (web UI) of
Cisco IOS ...)
+ TODO: check
+CVE-2018-0195 (A vulnerability in the Cisco IOS XE Software REST API could
allow an ...)
+ TODO: check
CVE-2018-0194
RESERVED
-CVE-2018-0193
- RESERVED
+CVE-2018-0193 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE
Software ...)
+ TODO: check
CVE-2018-0192
RESERVED
CVE-2018-0191
RESERVED
-CVE-2018-0190
- RESERVED
-CVE-2018-0189
- RESERVED
-CVE-2018-0188
- RESERVED
+CVE-2018-0190 (Multiple vulnerabilities in the web-based user interface (web
UI) of ...)
+ TODO: check
+CVE-2018-0189 (A vulnerability in the Forwarding Information Base (FIB) code
of Cisco ...)
+ TODO: check
+CVE-2018-0188 (Multiple vulnerabilities in the web-based user interface (web
UI) of ...)
+ TODO: check
CVE-2018-0187
RESERVED
-CVE-2018-0186
- RESERVED
-CVE-2018-0185
- RESERVED
-CVE-2018-0184
- RESERVED
-CVE-2018-0183
- RESERVED
-CVE-2018-0182
- RESERVED
+CVE-2018-0186 (Multiple vulnerabilities in the web-based user interface (web
UI) of ...)
+ TODO: check
+CVE-2018-0185 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE
Software ...)
+ TODO: check
+CVE-2018-0184 (A vulnerability in the CLI parser of Cisco IOS XE Software
could allow ...)
+ TODO: check
+CVE-2018-0183 (A vulnerability in the CLI parser of Cisco IOS XE Software
could allow ...)
+ TODO: check
+CVE-2018-0182 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE
Software ...)
+ TODO: check
CVE-2018-0181
RESERVED
-CVE-2018-0180
- RESERVED
-CVE-2018-0179
- RESERVED
+CVE-2018-0180 (Multiple vulnerabilities in the Login Enhancements (Login
Block) ...)
+ TODO: check
+CVE-2018-0179 (Multiple vulnerabilities in the Login Enhancements (Login
Block) ...)
+ TODO: check
CVE-2018-0178
RESERVED
-CVE-2018-0177
- RESERVED
-CVE-2018-0176
- RESERVED
-CVE-2018-0175
- RESERVED
-CVE-2018-0174
- RESERVED
-CVE-2018-0173
- RESERVED
-CVE-2018-0172
- RESERVED
-CVE-2018-0171
- RESERVED
-CVE-2018-0170
- RESERVED
-CVE-2018-0169
- RESERVED
+CVE-2018-0177 (A vulnerability in the IP Version 4 (IPv4) processing code of
Cisco IOS ...)
+ TODO: check
+CVE-2018-0176 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE
Software ...)
+ TODO: check
+CVE-2018-0175 (Multiple Buffer Overflow vulnerabilities in the Link Layer
Discovery ...)
+ TODO: check
+CVE-2018-0174 (A vulnerability in the DHCP option 82 encapsulation
functionality of ...)
+ TODO: check
+CVE-2018-0173 (A vulnerability in the Cisco IOS Software and Cisco IOS XE
Software ...)
+ TODO: check
+CVE-2018-0172 (A vulnerability in the DHCP option 82 encapsulation
functionality of ...)
+ TODO: check
+CVE-2018-0171 (A vulnerability in the Smart Install feature of Cisco IOS
Software and ...)
+ TODO: check
+CVE-2018-0170 (A vulnerability in the Cisco Umbrella Integration feature of
Cisco IOS ...)
+ TODO: check
+CVE-2018-0169 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE
Software ...)
+ TODO: check
CVE-2018-0168
RESERVED
-CVE-2018-0167
- RESERVED
+CVE-2018-0167 (Multiple Buffer Overflow vulnerabilities in the Link Layer
Discovery ...)
+ TODO: check
CVE-2018-0166
RESERVED
-CVE-2018-0165
- RESERVED
-CVE-2018-0164
- RESERVED
-CVE-2018-0163
- RESERVED
+CVE-2018-0165 (A vulnerability in the Internet Group Management Protocol
(IGMP) ...)
+ TODO: check
+CVE-2018-0164 (A vulnerability in the Switch Integrated Security Features of
Cisco IOS ...)
+ TODO: check
+CVE-2018-0163 (A vulnerability in the 802.1x multiple-authentication
(multi-auth) ...)
+ TODO: check
CVE-2018-0162
RESERVED
-CVE-2018-0161
- RESERVED
-CVE-2018-0160
- RESERVED
-CVE-2018-0159
- RESERVED
-CVE-2018-0158
- RESERVED
-CVE-2018-0157
- RESERVED
-CVE-2018-0156
- RESERVED
-CVE-2018-0155
- RESERVED
-CVE-2018-0154
- RESERVED
+CVE-2018-0161 (A vulnerability in the Simple Network Management Protocol
(SNMP) ...)
+ TODO: check
+CVE-2018-0160 (A vulnerability in Simple Network Management Protocol (SNMP)
subsystem ...)
+ TODO: check
+CVE-2018-0159 (A vulnerability in the implementation of Internet Key Exchange
Version ...)
+ TODO: check
+CVE-2018-0158 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2)
module ...)
+ TODO: check
+CVE-2018-0157 (A vulnerability in the Zone-Based Firewall code of Cisco IOS XE
...)
+ TODO: check
+CVE-2018-0156 (A vulnerability in the Smart Install feature of Cisco IOS
Software and ...)
+ TODO: check
+CVE-2018-0155 (A vulnerability in the Bidirectional Forwarding Detection (BFD)
offload ...)
+ TODO: check
+CVE-2018-0154 (A vulnerability in the crypto engine of the Cisco Integrated
Services ...)
+ TODO: check
CVE-2018-0153
RESERVED
-CVE-2018-0152
- RESERVED
-CVE-2018-0151
- RESERVED
-CVE-2018-0150
- RESERVED
+CVE-2018-0152 (A vulnerability in the web-based user interface (web UI) of
Cisco IOS ...)
+ TODO: check
+CVE-2018-0151 (A vulnerability in the quality of service (QoS) subsystem of
Cisco IOS ...)
+ TODO: check
+CVE-2018-0150 (A vulnerability in Cisco IOS XE Software could allow an ...)
+ TODO: check
CVE-2018-0149
RESERVED
CVE-2018-0148 (A vulnerability in the web-based management interface of Cisco
UCS ...)
@@ -72727,8 +72745,8 @@ CVE-2017-0938
RESERVED
CVE-2017-0937
RESERVED
-CVE-2017-0936
- RESERVED
+CVE-2017-0936 (Nextcloud Server before 11.0.7 and 12.0.5 suffers from an ...)
+ TODO: check
CVE-2017-0935 (Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from
an ...)
NOT-FOR-US: Ubiquiti Networks EdgeOS
CVE-2017-0934 (Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an
...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/73b62d8114c7f11602dfcca5c1ff86c8f679b054
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/73b62d8114c7f11602dfcca5c1ff86c8f679b054
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
