diff options
author | security tracker role <sectracker@soriano.debian.org> | 2018-02-21 09:10:21 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2018-02-21 09:10:21 +0000 |
commit | 5bb814c27801febe96b85a5e3ee3eb0521e33dda (patch) | |
tree | 82d40ca37fdb7d0f95fe81c541f4ab97a0b7635b /data | |
parent | a90928569f203332286243650a2c10dc8e663079 (diff) |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2004.list | 2 | ||||
-rw-r--r-- | data/CVE/2017.list | 16 | ||||
-rw-r--r-- | data/CVE/2018.list | 39 |
3 files changed, 46 insertions, 11 deletions
diff --git a/data/CVE/2004.list b/data/CVE/2004.list index cf87a3b51e..bd711e2aca 100644 --- a/data/CVE/2004.list +++ b/data/CVE/2004.list @@ -1,3 +1,5 @@ +CVE-2004-2779 (id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b ...) + TODO: check CVE-2004-2778 (Ebuild in Gentoo may change directory and file permissions depending ...) NOT-FOR-US: Gentoo ebuilds dir permissions at install time CVE-2004-2777 (GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet ...) diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 88e8bf463b..01a0b9bc4a 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -2413,10 +2413,10 @@ CVE-2017-17456 (The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 m [jessie] - libsndfile <no-dsa> (Minor issue) [wheezy] - libsndfile <no-dsa> (Minor issue) NOTE: https://github.com/erikd/libsndfile/issues/344 -CVE-2017-17455 - RESERVED -CVE-2017-17454 - RESERVED +CVE-2017-17455 (Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before ...) + TODO: check +CVE-2017-17454 (Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 before ...) + TODO: check CVE-2017-17453 RESERVED CVE-2017-17452 @@ -9329,8 +9329,8 @@ CVE-2017-14994 (ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows rem - graphicsmagick 1.3.26-13 NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264 NOTE: https://sourceforge.net/p/graphicsmagick/bugs/512/ -CVE-2017-14993 - RESERVED +CVE-2017-14993 (OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x ...) + TODO: check CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) ...) - docker.io <undetermined> CVE-2017-14991 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before ...) @@ -16587,8 +16587,8 @@ CVE-2017-12417 RESERVED CVE-2017-12416 (Cross-site scripting (XSS) vulnerability in the GlobalProtect internal ...) NOT-FOR-US: Palo Alto Networks PAN-OS -CVE-2017-12415 - RESERVED +CVE-2017-12415 (OXID eShop Community Edition before 6.0.0 RC2 (development), 4.10.x ...) + TODO: check CVE-2017-12414 (Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an ...) NOT-FOR-US: Format Factory CVE-2017-12413 (AXIS 2100 devices 2.43 have XSS via the URI, possibly related to ...) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index a37ac62b3f..603d549e3e 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -1,5 +1,37 @@ -CVE-2018-7263 +CVE-2018-7279 RESERVED +CVE-2018-7278 (An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP ...) + TODO: check +CVE-2018-7277 (An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent ...) + TODO: check +CVE-2018-7276 (An issue was discovered on Lutron Quantum BACnet Integration 2.0 ...) + TODO: check +CVE-2018-7275 + RESERVED +CVE-2018-7274 (Yab Quarx through 2.4.3 is prone to multiple persistent cross-site ...) + TODO: check +CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals the ...) + TODO: check +CVE-2018-7272 (The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part ...) + TODO: check +CVE-2018-7271 (An issue was discovered in MetInfo 6.0.0. In install/install.php in the ...) + TODO: check +CVE-2018-7270 + RESERVED +CVE-2018-7269 + RESERVED +CVE-2018-7268 + RESERVED +CVE-2018-7267 + RESERVED +CVE-2018-7266 + RESERVED +CVE-2018-7265 (Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that ...) + TODO: check +CVE-2018-7264 + RESERVED +CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad through ...) + TODO: check CVE-2018-7262 RESERVED CVE-2018-7261 @@ -903,6 +935,7 @@ CVE-2018-6871 (LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attac CVE-2018-6870 RESERVED CVE-2018-6869 (In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a ...) + {DLA-1287-1} - zziplib <unfixed> [stretch] - zziplib <no-dsa> (Minor issue) [jessie] - zziplib <no-dsa> (Minor issue) @@ -1884,8 +1917,8 @@ CVE-2018-6489 RESERVED CVE-2018-6488 RESERVED -CVE-2018-6487 - RESERVED +CVE-2018-6487 (Remote Disclosure of Information in Micro Focus Universal CMDB ...) + TODO: check CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit ...) NOT-FOR-US: Micro Focus Fortify Audit Workbench CVE-2018-6485 (An integer overflow in the implementation of the posix_memalign in ...) |