Todo Lists

Pending advisories

Group Package Severity Affected Fixed Ticket
AVG-762 linux-hardened High 4.18.1.a-1 4.19.4.a-1

Bumped packages

Group Package Severity Affected Current Ticket
AVG-767 linux-lts High 4.14.71-1 4.14.87-1 [core]
AVG-758 linux-lts High 4.14.62-1 4.14.87-1 [core]
AVG-757 linux-zen High 4.17.14.zen1-1 4.19.8.zen2-1 [extra]
AVG-756 linux High 4.17.14.arch1-1 4.19.8.arch1-1 [core]
AVG-685 linux-zen High 4.16.8-1 4.19.8.zen2-1 [extra]
AVG-684 linux-lts High 4.14.40-1 4.14.87-1 [core]
AVG-683 linux-hardened High 4.16.7.b-1 4.19.8.a-1 [extra]
AVG-682 linux High 4.16.8-1 4.19.8.arch1-1 [core]
AVG-572 linux-zen High 4.14.11-1 4.19.8.zen2-1 [extra]
AVG-566 linux-lts High 4.9.74-1 4.14.87-1 [core]
AVG-559 linux-lts High 4.9.74-1 4.14.87-1 [core]
AVG-558 linux-hardened High 4.14.11.a-1 4.19.8.a-1 [extra]
AVG-557 linux-zen High 4.14.11-1 4.19.8.zen2-1 [extra]
AVG-553 linux High 4.14.11-1 4.19.8.arch1-1 [core]
AVG-704 linux-zen Medium 4.16.9-1 4.19.8.zen2-1 [extra]
AVG-703 linux-hardened Medium 4.16.9.a-1 4.19.8.a-1 [extra]
AVG-702 linux-lts Medium 4.14.41-1 4.14.87-1 [core]
AVG-701 linux Medium 4.16.9-1 4.19.8.arch1-1 [core]
AVG-615 systemd Medium 239.2-1 239.303-1 [core]
AVG-573 linux-hardened Medium 4.14.11-1 4.19.8.a-1 [extra]
AVG-312 linux-lts Medium 4.9.33-1 4.14.87-1 [core]
AVG-277 cairo Low 1.15.14-1 1.16.0-1 [extra]

Orphan issues

Issue Severity Remote Type Description
CVE-2016-1000000 High Yes SQL injection
Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
CVE-2016-1951 Medium Yes Arbitrary code execution
Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before...
CVE-2016-5258 Critical Yes Arbitrary code execution
Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and...
CVE-2016-7053 Medium Yes Denial of service
Applications parsing invalid CMS structures can crash with a NULL pointer dereference. This...
CVE-2016-9427 High Yes Arbitrary code execution
An integer overflow problem has been discovered leading to heap corruption. When calling...
CVE-2016-9443 High Yes Arbitrary code execution
Null pointer dereference in formUpdateBuffer
CVE-2017-1000410 High Yes Information disclosure
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability in the processing...
CVE-2017-10979 Critical Yes Arbitrary code execution
A security issue has been found in freeradius <= 2.2.9, where the rad_coalesce() function...
CVE-2017-10980 Medium Yes Denial of service
A security issue has been found in freeradius <= 2.2.9, where the decode_tlv() function...
CVE-2017-10981 Low Yes Denial of service
A security issue has been found in freeradius <= 2.2.9, where the fr_dhcp_decode() function...
CVE-2017-11333 Low Yes Denial of service
A security issue has been found in libvorbis <= 1.3.5, where a specially crafted WAV file...
CVE-2017-12925 Medium No Arbitrary code execution
Invalid memory read in SetImageColorCallBack.
CVE-2017-14497 Medium No Denial of service
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13...
CVE-2017-15994 Critical Yes Access restriction bypass
rsync 3.1.3-development before 2017-10-24, as used in the xlucas svfs rsync fork and other...
CVE-2017-7223 Medium No Denial of service
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1)...
CVE-2017-7224 Medium No Denial of service
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid...
CVE-2017-7225 Medium No Denial of service
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case...
CVE-2017-7226 High No Information disclosure
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as...
CVE-2017-7227 Medium No Denial of service
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while...
CVE-2017-7980 High No Arbitrary code execution
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to...
CVE-2017-9098 High Yes Information disclosure
Chris Evans discovered that ImageMagick uses uninitialized memory in the RLE decoder,...
CVE-2018-0492 High No Privilege escalation
beep through version 1.3.4 is vulnerable to local privilege escalation if the setuid bit is...
CVE-2018-1000115 High Yes Insufficient validation
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network...
CVE-2018-18642 Medium Yes Cross-site scripting
A security issue has been found in gitlab versions prior to 11.4.3, where the license...
CVE-2018-18644 Medium Yes Information disclosure
A security issue has been found in gitlab versions prior to 11.4.3, where the Prometheus...
CVE-2018-18647 Medium Yes Access restriction bypass
A security issue has been found in gitlab versions prior to 11.4.3, where the...
CVE-2018-4101 Critical Yes Arbitrary code execution
A security issue has been found in WebKitGTK+ < 2.20.0, where processing maliciously...
CVE-2018-4113 Low Yes Denial of service
A security issue has been found in the handling of a function in JavaScriptCore of...
CVE-2018-5709 Low Yes Information disclosure
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable...
CVE-2018-9234 Low No Insufficient validation
When using a GnuPG smartcard in 2.2.4+ with an offline master [C]ertify key, it is possible...