Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b397860 by security tracker role at 2018-11-08T20:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,25 @@
-CVE-2018-19108
+CVE-2018-19114 (An issue was discovered in MinDoc through v1.0.2. It allows
attackers ...)
+ TODO: check
+CVE-2018-19113
RESERVED
-CVE-2018-19107
+CVE-2018-19112
RESERVED
+CVE-2018-19111 (The Google Cardboard application 1.8 for Android and 1.2 for
iOS sends ...)
+ TODO: check
+CVE-2018-19110 (The skin-management feature in tianti 2.3 allows remote
authenticated ...)
+ TODO: check
+CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass
intended ...)
+ TODO: check
+CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp
in the PSD ...)
+ TODO: check
+CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called
from ...)
+ TODO: check
CVE-2018-19106
RESERVED
-CVE-2018-19105
- RESERVED
-CVE-2018-19104
- RESERVED
+CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of
service ...)
+ TODO: check
+CVE-2018-19104 (In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability
that can be ...)
+ TODO: check
CVE-2018-19103
RESERVED
CVE-2018-19102
@@ -5453,6 +5465,7 @@ CVE-2018-16847 (An OOB heap buffer r/w access issue was
found in the NVM Express
CVE-2018-16846
RESERVED
CVE-2018-16845 (nginx before versions 1.15.6, 1.14.1 has a vulnerability in
the ...)
+ {DLA-1572-1}
- nginx 1.14.1-1 (bug #913090)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
NOTE: https://nginx.org/download/patch.2018.mp4.txt
@@ -9069,32 +9082,32 @@ CVE-2018-15451
RESERVED
CVE-2018-15450
RESERVED
-CVE-2018-15449
- RESERVED
-CVE-2018-15448
- RESERVED
-CVE-2018-15447
- RESERVED
-CVE-2018-15446
- RESERVED
-CVE-2018-15445
- RESERVED
-CVE-2018-15444
- RESERVED
-CVE-2018-15443
- RESERVED
+CVE-2018-15449 (A vulnerability in the web-based management interface of Cisco
Video ...)
+ TODO: check
+CVE-2018-15448 (A vulnerability in the user management functions of Cisco
Registered ...)
+ TODO: check
+CVE-2018-15447 (A vulnerability in the web framework code of Cisco Integrated
...)
+ TODO: check
+CVE-2018-15446 (A vulnerability in Cisco Meeting Server could allow an ...)
+ TODO: check
+CVE-2018-15445 (A vulnerability in the web-based management interface of Cisco
Energy ...)
+ TODO: check
+CVE-2018-15444 (A vulnerability in the web-based user interface of Cisco
Energy ...)
+ TODO: check
+CVE-2018-15443 (A vulnerability in the detection engine of Cisco Firepower
System ...)
+ TODO: check
CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings
Desktop ...)
NOT-FOR-US: Cisco
CVE-2018-15441
RESERVED
CVE-2018-15440
RESERVED
-CVE-2018-15439
- RESERVED
+CVE-2018-15439 (A vulnerability in the Cisco Small Business Switches software
could ...)
+ TODO: check
CVE-2018-15438 (A vulnerability in the web-based management interface of Cisco
Prime ...)
NOT-FOR-US: Cisco
-CVE-2018-15437
- RESERVED
+CVE-2018-15437 (A vulnerability in the system scanning component of Cisco
Immunet and ...)
+ TODO: check
CVE-2018-15436 (A vulnerability in the web-based management interface of Cisco
Webex ...)
NOT-FOR-US: Cisco
CVE-2018-15435 (A vulnerability in the web-based management interface of Cisco
...)
@@ -9179,10 +9192,10 @@ CVE-2018-15396 (A vulnerability in the Bulk
Administration Tool (BAT) for Cisco
NOT-FOR-US: Cisco
CVE-2018-15395 (A vulnerability in the authentication and authorization
checking ...)
NOT-FOR-US: Cisco
-CVE-2018-15394
- RESERVED
-CVE-2018-15393
- RESERVED
+CVE-2018-15394 (A vulnerability in the Stealthwatch Management Console (SMC)
of Cisco ...)
+ TODO: check
+CVE-2018-15393 (A vulnerability in the web-based management interface of Cisco
Content ...)
+ TODO: check
CVE-2018-15392 (A vulnerability in the DHCP service of Cisco Industrial
Network ...)
NOT-FOR-US: Cisco
CVE-2018-15391 (A vulnerability in certain IPv4 fragment-processing functions
of Cisco ...)
@@ -9205,8 +9218,8 @@ CVE-2018-15383 (A vulnerability in the cryptographic
hardware accelerator driver
NOT-FOR-US: Cisco
CVE-2018-15382 (A vulnerability in Cisco HyperFlex Software could allow an ...)
NOT-FOR-US: Cisco
-CVE-2018-15381
- RESERVED
+CVE-2018-15381 (A Java deserialization vulnerability in Cisco Unity Express
(CUE) ...)
+ TODO: check
CVE-2018-15380
RESERVED
CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime
...)
@@ -18438,8 +18451,8 @@ CVE-2018-11779
RESERVED
CVE-2018-11778 (UnixAuthenticationService in Apache Ranger 1.2.0 was updated
to ...)
NOT-FOR-US: Apache Ranger
-CVE-2018-11777
- RESERVED
+CVE-2018-11777 (In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on
...)
+ TODO: check
CVE-2018-11776 (Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer
from ...)
- libstruts1.2-java <not-affected> (Specific to 2.x)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-057
@@ -33335,26 +33348,26 @@ CVE-2018-6444
RESERVED
CVE-2018-6443
RESERVED
-CVE-2018-6442
- RESERVED
-CVE-2018-6441
- RESERVED
+CVE-2018-6442 (A vulnerability in the Brocade Webtools firmware update section
of ...)
+ TODO: check
+CVE-2018-6441 (A vulnerability in Secure Shell implementation of Brocade
Fabric OS ...)
+ TODO: check
CVE-2018-6440
RESERVED
CVE-2018-6439
RESERVED
-CVE-2018-6438
- RESERVED
-CVE-2018-6437
- RESERVED
-CVE-2018-6436
- RESERVED
-CVE-2018-6435
- RESERVED
-CVE-2018-6434
- RESERVED
-CVE-2018-6433
- RESERVED
+CVE-2018-6438 (A Vulnerability in the supportsave command of Brocade Fabric OS
...)
+ TODO: check
+CVE-2018-6437 (A Vulnerability in the help command of Brocade Fabric OS
command line ...)
+ TODO: check
+CVE-2018-6436 (A Vulnerability in the firmwaredownload command of Brocade
Fabric OS ...)
+ TODO: check
+CVE-2018-6435 (A Vulnerability in the secryptocfg command of Brocade Fabric OS
...)
+ TODO: check
+CVE-2018-6434 (A vulnerability in the web management interface of Brocade
Fabric OS ...)
+ TODO: check
+CVE-2018-6433 (A vulnerability in the secryptocfg export command of Brocade
Fabric OS ...)
+ TODO: check
CVE-2018-6432
RESERVED
CVE-2018-6431
@@ -48230,8 +48243,8 @@ CVE-2018-1316 (The ODE process deployment web service
was sensible to deployment
NOT-FOR-US: Apache ODE
CVE-2018-1315 (In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement
is run ...)
NOT-FOR-US: Apache Hive
-CVE-2018-1314
- RESERVED
+CVE-2018-1314 (In Apache Hive 2.3.3, 3.1.0 and earlier, Hive
"EXPLAIN" operation does ...)
+ TODO: check
CVE-2018-1313 (In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted
network ...)
- derby 10.14.2.0-1
[jessie] - derby <no-dsa> (Minor issue)
@@ -51987,8 +52000,8 @@ CVE-2018-0286 (A vulnerability in the netconf interface
of Cisco IOS XR Software
NOT-FOR-US: Cisco
CVE-2018-0285 (A vulnerability in service logging for Cisco Prime Service
Catalog ...)
NOT-FOR-US: Cisco
-CVE-2018-0284
- RESERVED
+CVE-2018-0284 (A vulnerability in the local status page functionality of the
Cisco ...)
+ TODO: check
CVE-2018-0283 (A vulnerability in the detection engine of Cisco Firepower
System ...)
NOT-FOR-US: Cisco
CVE-2018-0282
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b3978601ecb64470aeac39a6a326127cb6bea0b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b3978601ecb64470aeac39a6a326127cb6bea0b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
