diff options
author | security tracker role <sectracker@soriano.debian.org> | 2018-10-19 20:10:44 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2018-10-19 20:10:44 +0000 |
commit | 2eec476fbc83801f83f7c15f776f6ac935d6fe0c (patch) | |
tree | 4795717c56b1940778d2509cc6854db99613eaeb /data/CVE | |
parent | 171070b4d16877abce2029b392b30b8ea058128e (diff) |
automatic update
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2006.list | 2 | ||||
-rw-r--r-- | data/CVE/2017.list | 2 | ||||
-rw-r--r-- | data/CVE/2018.list | 134 |
3 files changed, 107 insertions, 31 deletions
diff --git a/data/CVE/2006.list b/data/CVE/2006.list index f2482f92d8..256251766b 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -14482,7 +14482,7 @@ CVE-2006-0863 (InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote ... NOT-FOR-US: InfoVista PortalSE CVE-2006-0862 (Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on ...) NOT-FOR-US: InfoVista PortalSE -CVE-2006-0861 (Michael Salzer Guestbox 0.6, and other versoins before 0.8, allows ...) +CVE-2006-0861 (Michael Salzer Guestbox 0.6, and other versions before 0.8, allows ...) NOT-FOR-US: Michael Salzer Guestbox CVE-2006-0860 (Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer ...) NOT-FOR-US: Michael Salzer Guestbox diff --git a/data/CVE/2017.list b/data/CVE/2017.list index ab210c88bc..e6591d03c4 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -1,4 +1,4 @@ -CVE-2017-18348 +CVE-2017-18348 (Splunk Enterprise 6.6.x, when configured to run as root but drop ...) NOT-FOR-US: Splunk CVE-2017-18347 (Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 ...) NOT-FOR-US: STMicroelectronics STM32F0 series devices diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 325ee9419f..bd6ff0fe45 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -1,3 +1,79 @@ +CVE-2018-18528 + RESERVED +CVE-2018-18527 (OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or ...) + TODO: check +CVE-2018-18526 + RESERVED +CVE-2018-18525 + RESERVED +CVE-2018-18524 + RESERVED +CVE-2018-18523 + RESERVED +CVE-2018-18522 + RESERVED +CVE-2018-18521 (Divide-by-zero vulnerabilities in the function arlib_add_symbols() in ...) + TODO: check +CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function elf_end in ...) + TODO: check +CVE-2018-18519 + RESERVED +CVE-2018-18518 + RESERVED +CVE-2018-18517 + RESERVED +CVE-2018-18516 + RESERVED +CVE-2018-18515 + RESERVED +CVE-2018-18514 + RESERVED +CVE-2018-18513 + RESERVED +CVE-2018-18512 + RESERVED +CVE-2018-18511 + RESERVED +CVE-2018-18510 + RESERVED +CVE-2018-18509 + RESERVED +CVE-2018-18508 + RESERVED +CVE-2018-18507 + RESERVED +CVE-2018-18506 + RESERVED +CVE-2018-18505 + RESERVED +CVE-2018-18504 + RESERVED +CVE-2018-18503 + RESERVED +CVE-2018-18502 + RESERVED +CVE-2018-18501 + RESERVED +CVE-2018-18500 + RESERVED +CVE-2018-18499 + RESERVED +CVE-2018-18498 + RESERVED +CVE-2018-18497 + RESERVED +CVE-2018-18496 + RESERVED +CVE-2018-18495 + RESERVED +CVE-2018-18494 + RESERVED +CVE-2018-18493 + RESERVED +CVE-2018-18492 + RESERVED +CVE-2018-18491 + RESERVED CVE-2018-18490 RESERVED CVE-2018-18489 @@ -236,20 +312,20 @@ CVE-2018-18398 RESERVED CVE-2018-18397 RESERVED -CVE-2018-18396 - RESERVED -CVE-2018-18395 - RESERVED -CVE-2018-18394 - RESERVED -CVE-2018-18393 - RESERVED -CVE-2018-18392 - RESERVED -CVE-2018-18391 - RESERVED -CVE-2018-18390 - RESERVED +CVE-2018-18396 (Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device ...) + TODO: check +CVE-2018-18395 (Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device ...) + TODO: check +CVE-2018-18394 (Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT ...) + TODO: check +CVE-2018-18393 (Password Management Issue in Moxa ThingsPro IIoT Gateway and Device ...) + TODO: check +CVE-2018-18392 (Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT ...) + TODO: check +CVE-2018-18391 (User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device ...) + TODO: check +CVE-2018-18390 (User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management ...) + TODO: check CVE-2018-18389 (Due to incorrect access control in Neo4j Enterprise Database Server ...) NOT-FOR-US: Neo4J server CVE-2018-18388 @@ -5136,7 +5212,7 @@ CVE-2018-16312 RESERVED CVE-2018-16311 RESERVED -CVE-2018-16310 (Technicolor TG588V V2 devices allow remote attackers to cause a denial ...) +CVE-2018-16310 (** DISPUTED ** Technicolor TG588V V2 devices allow remote attackers ...) NOT-FOR-US: Technicolor CVE-2018-16309 REJECTED @@ -6083,7 +6159,7 @@ CVE-2018-15908 (In Artifex Ghostscript 9.23 before 2018-08-23, attackers are abl NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0d3901189f245232f0161addf215d7268c4d05a3 NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699657 NOTE: https://www.kb.cert.org/vuls/id/332928 -CVE-2018-15907 (Technicolor (formerly RCA) TC8305C devices allow remote attackers to ...) +CVE-2018-15907 (** DISPUTED ** Technicolor (formerly RCA) TC8305C devices allow ...) NOT-FOR-US: Technicolor (formerly RCA) TC8305C devices CVE-2018-15906 RESERVED @@ -6310,7 +6386,7 @@ CVE-2018-15853 (Endless recursion exists in xkbcomp/expr.c in xkbcommon and ...) [jessie] - libxkbcommon <no-dsa> (Minor issue) NOTE: https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html -CVE-2018-15852 (Technicolor TC7200.20 devices allow remote attackers to cause a denial ...) +CVE-2018-15852 (** DISPUTED ** Technicolor TC7200.20 devices allow remote attackers ...) NOT-FOR-US: Technicolor CVE-2018-15851 (An issue was discovered in Flexo CMS v0.1.6. There is a CSRF ...) NOT-FOR-US: Flexo CMS @@ -7547,16 +7623,16 @@ CVE-2018-15318 RESERVED CVE-2018-15317 RESERVED -CVE-2018-15316 - RESERVED -CVE-2018-15315 - RESERVED -CVE-2018-15314 - RESERVED -CVE-2018-15313 - RESERVED -CVE-2018-15312 - RESERVED +CVE-2018-15316 (In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge ...) + TODO: check +CVE-2018-15315 (On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected ...) + TODO: check +CVE-2018-15314 (On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a ...) + TODO: check +CVE-2018-15313 (On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a ...) + TODO: check +CVE-2018-15312 (On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected ...) + TODO: check CVE-2018-15311 (When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or ...) NOT-FOR-US: F5 BIG-IP CVE-2018-15310 (A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, ...) @@ -36853,8 +36929,8 @@ CVE-2018-4015 RESERVED CVE-2018-4014 RESERVED -CVE-2018-4013 - RESERVED +CVE-2018-4013 (An exploitable code execution vulnerability exists in the HTTP ...) + TODO: check CVE-2018-4012 RESERVED CVE-2018-4011 |