Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bb94a5da by security tracker role at 2018-04-12T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,25 @@
+CVE-2018-10058
+ RESERVED
+CVE-2018-10057
+ RESERVED
+CVE-2018-10056
+ RESERVED
+CVE-2018-10055
+ RESERVED
+CVE-2018-10054 (H2 1.4.197, as used in Datomic before 0.9.5697 and other
products, ...)
+ TODO: check
+CVE-2018-10053
+ RESERVED
+CVE-2018-10052 (iScripts SupportDesk v4.3 has XSS via the ...)
+ TODO: check
+CVE-2018-10051 (iScripts SupportDesk v4.3 has XSS via the ...)
+ TODO: check
+CVE-2018-10050 (iScripts eSwap v2.4 has SQL injection via the ...)
+ TODO: check
+CVE-2018-10049 (iScripts eSwap v2.4 has XSS via the
"registration_settings.php" txtDate ...)
+ TODO: check
+CVE-2018-10048 (iScripts eSwap v2.4 has CSRF via
"registration_settings.php" in the ...)
+ TODO: check
CVE-2018-10047
RESERVED
CVE-2018-10046
@@ -404,8 +426,7 @@ CVE-2018-9862 (util.c in runV 1.0.0 for Docker mishandles a
numeric username, wh
TODO: check
CVE-2018-9861
RESERVED
-CVE-2018-9860 [An off by one error in TLS CBC decryption]
- RESERVED
+CVE-2018-9860 (An issue was discovered in Botan 1.11.32 through 2.x before
2.6.0. An ...)
- botan 2.4.0-6
- botan1.10 <not-affected> (Issue introduced in 1.11.32)
NOTE:
https://github.com/randombit/botan/commit/ec222c99719c396a1f4756b2ca345dbbfbeb5ed5
@@ -4419,10 +4440,10 @@ CVE-2018-8119
RESERVED
CVE-2018-8118
RESERVED
-CVE-2018-8117
- RESERVED
-CVE-2018-8116
- RESERVED
+CVE-2018-8117 (A security feature bypass vulnerability exists in the Microsoft
...)
+ TODO: check
+CVE-2018-8116 (A denial of service vulnerability exists in the way that
Windows ...)
+ TODO: check
CVE-2018-8115
RESERVED
CVE-2018-8114
@@ -15966,12 +15987,12 @@ CVE-2018-3890
RESERVED
CVE-2018-3889
RESERVED
-CVE-2018-3888
- RESERVED
-CVE-2018-3887
- RESERVED
-CVE-2018-3886
- RESERVED
+CVE-2018-3888 (A memory corruption vulnerability exists in the PCX-parsing ...)
+ TODO: check
+CVE-2018-3887 (A memory corruption vulnerability exists in the PCX-parsing ...)
+ TODO: check
+CVE-2018-3886 (A memory corruption vulnerability exists in the PCX-parsing ...)
+ TODO: check
CVE-2018-3885
RESERVED
CVE-2018-3884
@@ -24812,109 +24833,109 @@ CVE-2018-1039
RESERVED
CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2
SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2018-1037
- RESERVED
+CVE-2018-1037 (An information disclosure vulnerability exists when Visual
Studio ...)
+ TODO: check
CVE-2018-1036
RESERVED
CVE-2018-1035
RESERVED
-CVE-2018-1034
- RESERVED
+CVE-2018-1034 (An elevation of privilege vulnerability exists when Microsoft
...)
+ TODO: check
CVE-2018-1033
RESERVED
-CVE-2018-1032
- RESERVED
+CVE-2018-1032 (An elevation of privilege vulnerability exists when Microsoft
...)
+ TODO: check
CVE-2018-1031
RESERVED
-CVE-2018-1030
- RESERVED
-CVE-2018-1029
- RESERVED
-CVE-2018-1028
- RESERVED
-CVE-2018-1027
- RESERVED
-CVE-2018-1026
- RESERVED
+CVE-2018-1030 (A remote code execution vulnerability exists in Microsoft
Office ...)
+ TODO: check
+CVE-2018-1029 (A remote code execution vulnerability exists in Microsoft Excel
...)
+ TODO: check
+CVE-2018-1028 (A remote code execution vulnerability exists when the Office
graphics ...)
+ TODO: check
+CVE-2018-1027 (A remote code execution vulnerability exists in Microsoft Excel
...)
+ TODO: check
+CVE-2018-1026 (A remote code execution vulnerability exists in Microsoft
Office ...)
+ TODO: check
CVE-2018-1025
RESERVED
CVE-2018-1024
RESERVED
-CVE-2018-1023
- RESERVED
+CVE-2018-1023 (A remote code execution vulnerability exists in the way that
Microsoft ...)
+ TODO: check
CVE-2018-1022
RESERVED
CVE-2018-1021
RESERVED
-CVE-2018-1020
- RESERVED
-CVE-2018-1019
- RESERVED
-CVE-2018-1018
- RESERVED
+CVE-2018-1020 (A remote code execution vulnerability exists when Internet
Explorer ...)
+ TODO: check
+CVE-2018-1019 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-1018 (A remote code execution vulnerability exists when Internet
Explorer ...)
+ TODO: check
CVE-2018-1017
RESERVED
-CVE-2018-1016
- RESERVED
-CVE-2018-1015
- RESERVED
-CVE-2018-1014
- RESERVED
-CVE-2018-1013
- RESERVED
-CVE-2018-1012
- RESERVED
-CVE-2018-1011
- RESERVED
-CVE-2018-1010
- RESERVED
-CVE-2018-1009
- RESERVED
-CVE-2018-1008
- RESERVED
-CVE-2018-1007
- RESERVED
+CVE-2018-1016 (A remote code execution vulnerability exists when the Windows
font ...)
+ TODO: check
+CVE-2018-1015 (A remote code execution vulnerability exists when the Windows
font ...)
+ TODO: check
+CVE-2018-1014 (An elevation of privilege vulnerability exists when Microsoft
...)
+ TODO: check
+CVE-2018-1013 (A remote code execution vulnerability exists when the Windows
font ...)
+ TODO: check
+CVE-2018-1012 (A remote code execution vulnerability exists when the Windows
font ...)
+ TODO: check
+CVE-2018-1011 (A remote code execution vulnerability exists in Microsoft Excel
...)
+ TODO: check
+CVE-2018-1010 (A remote code execution vulnerability exists when the Windows
font ...)
+ TODO: check
+CVE-2018-1009 (An elevation of privilege vulnerability exists when Windows
improperly ...)
+ TODO: check
+CVE-2018-1008 (An elevation of privilege vulnerability exists in Windows Adobe
Type ...)
+ TODO: check
+CVE-2018-1007 (An information disclosure vulnerability exists when Microsoft
Office ...)
+ TODO: check
CVE-2018-1006
RESERVED
-CVE-2018-1005
- RESERVED
-CVE-2018-1004
- RESERVED
-CVE-2018-1003
- RESERVED
+CVE-2018-1005 (An elevation of privilege vulnerability exists when Microsoft
...)
+ TODO: check
+CVE-2018-1004 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-1003 (A buffer overflow vulnerability exists in the Microsoft JET
Database ...)
+ TODO: check
CVE-2018-1002
RESERVED
-CVE-2018-1001
- RESERVED
-CVE-2018-1000
- RESERVED
+CVE-2018-1001 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-1000 (An information disclosure vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2018-0999
RESERVED
-CVE-2018-0998
- RESERVED
-CVE-2018-0997
- RESERVED
-CVE-2018-0996
- RESERVED
-CVE-2018-0995
- RESERVED
-CVE-2018-0994
- RESERVED
-CVE-2018-0993
- RESERVED
+CVE-2018-0998 (An information disclosure vulnerability exists when Microsoft
Edge PDF ...)
+ TODO: check
+CVE-2018-0997 (A remote code execution vulnerability exists when Internet
Explorer ...)
+ TODO: check
+CVE-2018-0996 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-0995 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-0994 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-0993 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2018-0992
RESERVED
-CVE-2018-0991
- RESERVED
-CVE-2018-0990
- RESERVED
-CVE-2018-0989
- RESERVED
-CVE-2018-0988
- RESERVED
-CVE-2018-0987
- RESERVED
-CVE-2018-0986 (The Microsoft Malware Protection Engine running on Microsoft
Forefront ...)
+CVE-2018-0991 (A remote code execution vulnerability exists when Internet
Explorer ...)
+ TODO: check
+CVE-2018-0990 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-0989 (An information disclosure vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-0988 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-0987 (An information disclosure vulnerability exists when the
scripting ...)
+ TODO: check
+CVE-2018-0986 (A remote code execution vulnerability exists when the Microsoft
...)
NOT-FOR-US: Microsoft
CVE-2018-0985
RESERVED
@@ -24924,58 +24945,58 @@ CVE-2018-0983 (Windows Storage Services in Windows 10
versions 1511, 1607, 1703
NOT-FOR-US: Microsoft
CVE-2018-0982
RESERVED
-CVE-2018-0981
- RESERVED
-CVE-2018-0980
- RESERVED
-CVE-2018-0979
- RESERVED
+CVE-2018-0981 (An information disclosure vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-0980 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2018-0979 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2018-0978
RESERVED
CVE-2018-0977 (The Windows kernel mode driver in Windows 10 Gold, 1511, 1607,
1703, ...)
NOT-FOR-US: Microsoft
-CVE-2018-0976
- RESERVED
-CVE-2018-0975
- RESERVED
-CVE-2018-0974
- RESERVED
-CVE-2018-0973
- RESERVED
-CVE-2018-0972
- RESERVED
-CVE-2018-0971
- RESERVED
-CVE-2018-0970
- RESERVED
-CVE-2018-0969
- RESERVED
-CVE-2018-0968
- RESERVED
-CVE-2018-0967
- RESERVED
-CVE-2018-0966
- RESERVED
+CVE-2018-0976 (A denial of service vulnerability exists in Remote Desktop
Protocol ...)
+ TODO: check
+CVE-2018-0975 (An information disclosure vulnerability exists in the Windows
kernel ...)
+ TODO: check
+CVE-2018-0974 (An information disclosure vulnerability exists in the Windows
kernel ...)
+ TODO: check
+CVE-2018-0973 (An information disclosure vulnerability exists in the Windows
kernel ...)
+ TODO: check
+CVE-2018-0972 (An information disclosure vulnerability exists in the Windows
kernel ...)
+ TODO: check
+CVE-2018-0971 (An information disclosure vulnerability exists in the Windows
kernel ...)
+ TODO: check
+CVE-2018-0970 (An information disclosure vulnerability exists in the Windows
kernel ...)
+ TODO: check
+CVE-2018-0969 (An information disclosure vulnerability exists in the Windows
kernel ...)
+ TODO: check
+CVE-2018-0968 (An information disclosure vulnerability exists in the Windows
kernel ...)
+ TODO: check
+CVE-2018-0967 (A denial of service vulnerability exists in the way that
Windows SNMP ...)
+ TODO: check
+CVE-2018-0966 (A security feature bypass exists when Device Guard incorrectly
...)
+ TODO: check
CVE-2018-0965
RESERVED
-CVE-2018-0964
- RESERVED
-CVE-2018-0963
- RESERVED
+CVE-2018-0964 (An information disclosure vulnerability exists when Windows
Hyper-V on ...)
+ TODO: check
+CVE-2018-0963 (An elevation of privilege vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2018-0962
RESERVED
CVE-2018-0961
RESERVED
-CVE-2018-0960
- RESERVED
+CVE-2018-0960 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
CVE-2018-0959
RESERVED
CVE-2018-0958
RESERVED
-CVE-2018-0957
- RESERVED
-CVE-2018-0956
- RESERVED
+CVE-2018-0957 (An information disclosure vulnerability exists when Windows
Hyper-V on ...)
+ TODO: check
+CVE-2018-0956 (A denial of service vulnerability exists in the HTTP 2.0
protocol ...)
+ TODO: check
CVE-2018-0955
RESERVED
CVE-2018-0954
@@ -24986,8 +25007,8 @@ CVE-2018-0952
RESERVED
CVE-2018-0951
RESERVED
-CVE-2018-0950
- RESERVED
+CVE-2018-0950 (An information disclosure vulnerability exists when Office
renders ...)
+ TODO: check
CVE-2018-0949
RESERVED
CVE-2018-0948
@@ -25046,8 +25067,8 @@ CVE-2018-0922 (Microsoft Office 2010 SP2, 2013 SP1, and
2016, Microsoft Office 2
NOT-FOR-US: Microsoft
CVE-2018-0921 (Microsoft SharePoint Enterprise Server 2016 allows an elevation
of ...)
NOT-FOR-US: Microsoft
-CVE-2018-0920
- RESERVED
+CVE-2018-0920 (A remote code execution vulnerability exists in Microsoft Excel
...)
+ TODO: check
CVE-2018-0919 (Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office
2016 ...)
NOT-FOR-US: Microsoft
CVE-2018-0918
@@ -25102,18 +25123,18 @@ CVE-2018-0894 (The Windows kernel in Microsoft
Windows Server 2008 SP2 and R2 SP
NOT-FOR-US: Microsoft
CVE-2018-0893 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and
Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0892
- RESERVED
+CVE-2018-0892 (An information disclosure vulnerability exists when Microsoft
Edge ...)
+ TODO: check
CVE-2018-0891 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1,
Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0890
- RESERVED
+CVE-2018-0890 (A security feature bypass vulnerability exists when Active
Directory ...)
+ TODO: check
CVE-2018-0889 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and
Windows ...)
NOT-FOR-US: Microsoft
CVE-2018-0888 (The Microsoft Hyper-V Network Switch in 64-bit versions of
Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-0887
- RESERVED
+CVE-2018-0887 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
CVE-2018-0886 (The Credential Security Support Provider protocol (CredSSP) in
...)
NOT-FOR-US: Microsoft
CVE-2018-0885 (The Microsoft Hyper-V Network Switch in 64-bit versions of
Microsoft ...)
@@ -25146,8 +25167,8 @@ CVE-2018-0872 (ChakraCore and Microsoft Edge in
Microsoft Windows 10 Gold, 1511,
NOT-FOR-US: Microsoft
CVE-2018-0871
RESERVED
-CVE-2018-0870
- RESERVED
+CVE-2018-0870 (A remote code execution vulnerability exists when Internet
Explorer ...)
+ TODO: check
CVE-2018-0869 (SharePoint Server 2016 allows an elevation of privilege
vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2018-0868 (Windows Installer in Microsoft Windows Server 2008 SP2 and R2
SP1, ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb94a5da248abea78f6daa8e7346c8487dc67747
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb94a5da248abea78f6daa8e7346c8487dc67747
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
