Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: bb94a5da by security tracker role at 2018-04-12T08:10:15+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,25 @@ +CVE-2018-10058 + RESERVED +CVE-2018-10057 + RESERVED +CVE-2018-10056 + RESERVED +CVE-2018-10055 + RESERVED +CVE-2018-10054 (H2 1.4.197, as used in Datomic before 0.9.5697 and other products, ...) + TODO: check +CVE-2018-10053 + RESERVED +CVE-2018-10052 (iScripts SupportDesk v4.3 has XSS via the ...) + TODO: check +CVE-2018-10051 (iScripts SupportDesk v4.3 has XSS via the ...) + TODO: check +CVE-2018-10050 (iScripts eSwap v2.4 has SQL injection via the ...) + TODO: check +CVE-2018-10049 (iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate ...) + TODO: check +CVE-2018-10048 (iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the ...) + TODO: check CVE-2018-10047 RESERVED CVE-2018-10046 @@ -404,8 +426,7 @@ CVE-2018-9862 (util.c in runV 1.0.0 for Docker mishandles a numeric username, wh TODO: check CVE-2018-9861 RESERVED -CVE-2018-9860 [An off by one error in TLS CBC decryption] - RESERVED +CVE-2018-9860 (An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An ...) - botan 2.4.0-6 - botan1.10 <not-affected> (Issue introduced in 1.11.32) NOTE: https://github.com/randombit/botan/commit/ec222c99719c396a1f4756b2ca345dbbfbeb5ed5 @@ -4419,10 +4440,10 @@ CVE-2018-8119 RESERVED CVE-2018-8118 RESERVED -CVE-2018-8117 - RESERVED -CVE-2018-8116 - RESERVED +CVE-2018-8117 (A security feature bypass vulnerability exists in the Microsoft ...) + TODO: check +CVE-2018-8116 (A denial of service vulnerability exists in the way that Windows ...) + TODO: check CVE-2018-8115 RESERVED CVE-2018-8114 @@ -15966,12 +15987,12 @@ CVE-2018-3890 RESERVED CVE-2018-3889 RESERVED -CVE-2018-3888 - RESERVED -CVE-2018-3887 - RESERVED -CVE-2018-3886 - RESERVED +CVE-2018-3888 (A memory corruption vulnerability exists in the PCX-parsing ...) + TODO: check +CVE-2018-3887 (A memory corruption vulnerability exists in the PCX-parsing ...) + TODO: check +CVE-2018-3886 (A memory corruption vulnerability exists in the PCX-parsing ...) + TODO: check CVE-2018-3885 RESERVED CVE-2018-3884 @@ -24812,109 +24833,109 @@ CVE-2018-1039 RESERVED CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 ...) NOT-FOR-US: Microsoft -CVE-2018-1037 - RESERVED +CVE-2018-1037 (An information disclosure vulnerability exists when Visual Studio ...) + TODO: check CVE-2018-1036 RESERVED CVE-2018-1035 RESERVED -CVE-2018-1034 - RESERVED +CVE-2018-1034 (An elevation of privilege vulnerability exists when Microsoft ...) + TODO: check CVE-2018-1033 RESERVED -CVE-2018-1032 - RESERVED +CVE-2018-1032 (An elevation of privilege vulnerability exists when Microsoft ...) + TODO: check CVE-2018-1031 RESERVED -CVE-2018-1030 - RESERVED -CVE-2018-1029 - RESERVED -CVE-2018-1028 - RESERVED -CVE-2018-1027 - RESERVED -CVE-2018-1026 - RESERVED +CVE-2018-1030 (A remote code execution vulnerability exists in Microsoft Office ...) + TODO: check +CVE-2018-1029 (A remote code execution vulnerability exists in Microsoft Excel ...) + TODO: check +CVE-2018-1028 (A remote code execution vulnerability exists when the Office graphics ...) + TODO: check +CVE-2018-1027 (A remote code execution vulnerability exists in Microsoft Excel ...) + TODO: check +CVE-2018-1026 (A remote code execution vulnerability exists in Microsoft Office ...) + TODO: check CVE-2018-1025 RESERVED CVE-2018-1024 RESERVED -CVE-2018-1023 - RESERVED +CVE-2018-1023 (A remote code execution vulnerability exists in the way that Microsoft ...) + TODO: check CVE-2018-1022 RESERVED CVE-2018-1021 RESERVED -CVE-2018-1020 - RESERVED -CVE-2018-1019 - RESERVED -CVE-2018-1018 - RESERVED +CVE-2018-1020 (A remote code execution vulnerability exists when Internet Explorer ...) + TODO: check +CVE-2018-1019 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-1018 (A remote code execution vulnerability exists when Internet Explorer ...) + TODO: check CVE-2018-1017 RESERVED -CVE-2018-1016 - RESERVED -CVE-2018-1015 - RESERVED -CVE-2018-1014 - RESERVED -CVE-2018-1013 - RESERVED -CVE-2018-1012 - RESERVED -CVE-2018-1011 - RESERVED -CVE-2018-1010 - RESERVED -CVE-2018-1009 - RESERVED -CVE-2018-1008 - RESERVED -CVE-2018-1007 - RESERVED +CVE-2018-1016 (A remote code execution vulnerability exists when the Windows font ...) + TODO: check +CVE-2018-1015 (A remote code execution vulnerability exists when the Windows font ...) + TODO: check +CVE-2018-1014 (An elevation of privilege vulnerability exists when Microsoft ...) + TODO: check +CVE-2018-1013 (A remote code execution vulnerability exists when the Windows font ...) + TODO: check +CVE-2018-1012 (A remote code execution vulnerability exists when the Windows font ...) + TODO: check +CVE-2018-1011 (A remote code execution vulnerability exists in Microsoft Excel ...) + TODO: check +CVE-2018-1010 (A remote code execution vulnerability exists when the Windows font ...) + TODO: check +CVE-2018-1009 (An elevation of privilege vulnerability exists when Windows improperly ...) + TODO: check +CVE-2018-1008 (An elevation of privilege vulnerability exists in Windows Adobe Type ...) + TODO: check +CVE-2018-1007 (An information disclosure vulnerability exists when Microsoft Office ...) + TODO: check CVE-2018-1006 RESERVED -CVE-2018-1005 - RESERVED -CVE-2018-1004 - RESERVED -CVE-2018-1003 - RESERVED +CVE-2018-1005 (An elevation of privilege vulnerability exists when Microsoft ...) + TODO: check +CVE-2018-1004 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-1003 (A buffer overflow vulnerability exists in the Microsoft JET Database ...) + TODO: check CVE-2018-1002 RESERVED -CVE-2018-1001 - RESERVED -CVE-2018-1000 - RESERVED +CVE-2018-1001 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-1000 (An information disclosure vulnerability exists in the way that the ...) + TODO: check CVE-2018-0999 RESERVED -CVE-2018-0998 - RESERVED -CVE-2018-0997 - RESERVED -CVE-2018-0996 - RESERVED -CVE-2018-0995 - RESERVED -CVE-2018-0994 - RESERVED -CVE-2018-0993 - RESERVED +CVE-2018-0998 (An information disclosure vulnerability exists when Microsoft Edge PDF ...) + TODO: check +CVE-2018-0997 (A remote code execution vulnerability exists when Internet Explorer ...) + TODO: check +CVE-2018-0996 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-0995 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-0994 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-0993 (A remote code execution vulnerability exists in the way that the ...) + TODO: check CVE-2018-0992 RESERVED -CVE-2018-0991 - RESERVED -CVE-2018-0990 - RESERVED -CVE-2018-0989 - RESERVED -CVE-2018-0988 - RESERVED -CVE-2018-0987 - RESERVED -CVE-2018-0986 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...) +CVE-2018-0991 (A remote code execution vulnerability exists when Internet Explorer ...) + TODO: check +CVE-2018-0990 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-0989 (An information disclosure vulnerability exists in the way that the ...) + TODO: check +CVE-2018-0988 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-0987 (An information disclosure vulnerability exists when the scripting ...) + TODO: check +CVE-2018-0986 (A remote code execution vulnerability exists when the Microsoft ...) NOT-FOR-US: Microsoft CVE-2018-0985 RESERVED @@ -24924,58 +24945,58 @@ CVE-2018-0983 (Windows Storage Services in Windows 10 versions 1511, 1607, 1703 NOT-FOR-US: Microsoft CVE-2018-0982 RESERVED -CVE-2018-0981 - RESERVED -CVE-2018-0980 - RESERVED -CVE-2018-0979 - RESERVED +CVE-2018-0981 (An information disclosure vulnerability exists in the way that the ...) + TODO: check +CVE-2018-0980 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2018-0979 (A remote code execution vulnerability exists in the way that the ...) + TODO: check CVE-2018-0978 RESERVED CVE-2018-0977 (The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, ...) NOT-FOR-US: Microsoft -CVE-2018-0976 - RESERVED -CVE-2018-0975 - RESERVED -CVE-2018-0974 - RESERVED -CVE-2018-0973 - RESERVED -CVE-2018-0972 - RESERVED -CVE-2018-0971 - RESERVED -CVE-2018-0970 - RESERVED -CVE-2018-0969 - RESERVED -CVE-2018-0968 - RESERVED -CVE-2018-0967 - RESERVED -CVE-2018-0966 - RESERVED +CVE-2018-0976 (A denial of service vulnerability exists in Remote Desktop Protocol ...) + TODO: check +CVE-2018-0975 (An information disclosure vulnerability exists in the Windows kernel ...) + TODO: check +CVE-2018-0974 (An information disclosure vulnerability exists in the Windows kernel ...) + TODO: check +CVE-2018-0973 (An information disclosure vulnerability exists in the Windows kernel ...) + TODO: check +CVE-2018-0972 (An information disclosure vulnerability exists in the Windows kernel ...) + TODO: check +CVE-2018-0971 (An information disclosure vulnerability exists in the Windows kernel ...) + TODO: check +CVE-2018-0970 (An information disclosure vulnerability exists in the Windows kernel ...) + TODO: check +CVE-2018-0969 (An information disclosure vulnerability exists in the Windows kernel ...) + TODO: check +CVE-2018-0968 (An information disclosure vulnerability exists in the Windows kernel ...) + TODO: check +CVE-2018-0967 (A denial of service vulnerability exists in the way that Windows SNMP ...) + TODO: check +CVE-2018-0966 (A security feature bypass exists when Device Guard incorrectly ...) + TODO: check CVE-2018-0965 RESERVED -CVE-2018-0964 - RESERVED -CVE-2018-0963 - RESERVED +CVE-2018-0964 (An information disclosure vulnerability exists when Windows Hyper-V on ...) + TODO: check +CVE-2018-0963 (An elevation of privilege vulnerability exists in the way that the ...) + TODO: check CVE-2018-0962 RESERVED CVE-2018-0961 RESERVED -CVE-2018-0960 - RESERVED +CVE-2018-0960 (An information disclosure vulnerability exists when the Windows kernel ...) + TODO: check CVE-2018-0959 RESERVED CVE-2018-0958 RESERVED -CVE-2018-0957 - RESERVED -CVE-2018-0956 - RESERVED +CVE-2018-0957 (An information disclosure vulnerability exists when Windows Hyper-V on ...) + TODO: check +CVE-2018-0956 (A denial of service vulnerability exists in the HTTP 2.0 protocol ...) + TODO: check CVE-2018-0955 RESERVED CVE-2018-0954 @@ -24986,8 +25007,8 @@ CVE-2018-0952 RESERVED CVE-2018-0951 RESERVED -CVE-2018-0950 - RESERVED +CVE-2018-0950 (An information disclosure vulnerability exists when Office renders ...) + TODO: check CVE-2018-0949 RESERVED CVE-2018-0948 @@ -25046,8 +25067,8 @@ CVE-2018-0922 (Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2 NOT-FOR-US: Microsoft CVE-2018-0921 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of ...) NOT-FOR-US: Microsoft -CVE-2018-0920 - RESERVED +CVE-2018-0920 (A remote code execution vulnerability exists in Microsoft Excel ...) + TODO: check CVE-2018-0919 (Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 ...) NOT-FOR-US: Microsoft CVE-2018-0918 @@ -25102,18 +25123,18 @@ CVE-2018-0894 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP NOT-FOR-US: Microsoft CVE-2018-0893 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...) NOT-FOR-US: Microsoft -CVE-2018-0892 - RESERVED +CVE-2018-0892 (An information disclosure vulnerability exists when Microsoft Edge ...) + TODO: check CVE-2018-0891 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...) NOT-FOR-US: Microsoft -CVE-2018-0890 - RESERVED +CVE-2018-0890 (A security feature bypass vulnerability exists when Active Directory ...) + TODO: check CVE-2018-0889 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...) NOT-FOR-US: Microsoft CVE-2018-0888 (The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft ...) NOT-FOR-US: Microsoft -CVE-2018-0887 - RESERVED +CVE-2018-0887 (An information disclosure vulnerability exists when the Windows kernel ...) + TODO: check CVE-2018-0886 (The Credential Security Support Provider protocol (CredSSP) in ...) NOT-FOR-US: Microsoft CVE-2018-0885 (The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft ...) @@ -25146,8 +25167,8 @@ CVE-2018-0872 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, NOT-FOR-US: Microsoft CVE-2018-0871 RESERVED -CVE-2018-0870 - RESERVED +CVE-2018-0870 (A remote code execution vulnerability exists when Internet Explorer ...) + TODO: check CVE-2018-0869 (SharePoint Server 2016 allows an elevation of privilege vulnerability ...) NOT-FOR-US: Microsoft CVE-2018-0868 (Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb94a5da248abea78f6daa8e7346c8487dc67747 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb94a5da248abea78f6daa8e7346c8487dc67747 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits