Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
21eb5928 by security tracker role at 2018-05-14T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,45 @@
+CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in
...)
+ TODO: check
+CVE-2018-11036
+ RESERVED
+CVE-2018-11035 (In 2345 Security Guard 3.7, the driver file
(2345NsProtect.sys, X64 ...)
+ TODO: check
+CVE-2018-11034 (In 2345 Security Guard 3.7, the driver file
(2345NsProtect.sys, X64 ...)
+ TODO: check
+CVE-2018-11033 (The DCTStream::readHuffSym function in Stream.cc in the DCT
decoder in ...)
+ TODO: check
+CVE-2018-11032 (PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the ...)
+ TODO: check
+CVE-2018-11031 (application/home/controller/debug.php in PHPRAP 1.0.4 through
1.0.8 has ...)
+ TODO: check
+CVE-2018-11030
+ RESERVED
+CVE-2018-11029
+ RESERVED
+CVE-2018-11028
+ RESERVED
+CVE-2018-11027
+ RESERVED
+CVE-2018-11026
+ RESERVED
+CVE-2018-11025
+ RESERVED
+CVE-2018-11024
+ RESERVED
+CVE-2018-11023
+ RESERVED
+CVE-2018-11022
+ RESERVED
+CVE-2018-11021
+ RESERVED
+CVE-2018-11020
+ RESERVED
+CVE-2018-11019
+ RESERVED
+CVE-2018-11018 (An issue was discovered in PbootCMS v1.0.7. Cross-site request
forgery ...)
+ TODO: check
+CVE-2018-11017 (The newVar_N function in decompile.c in libming through 0.4.8
...)
+ TODO: check
CVE-2018-11016
RESERVED
CVE-2018-11015
@@ -169,8 +211,8 @@ CVE-2017-18266 (The open_envvar function in xdg-open in
xdg-utils before 1.1.3 d
NOTE: Fixed by:
https://cgit.freedesktop.org/xdg/xdg-utils/commit/?id=ce802d71c3466d1dbb24f2fe9b6db82a1f899bcb
CVE-2018-10945
RESERVED
-CVE-2018-10944
- RESERVED
+CVE-2018-10944 (The request_dividend function of a smart contract
implementation for ...)
+ TODO: check
CVE-2018-10943
RESERVED
CVE-2018-10942 (modules/attributewizardpro/file_upload.php in the Attribute
Wizard ...)
@@ -782,8 +824,8 @@ CVE-2018-10680 (** DISPUTED ** Z-BlogPHP 1.5.2 has a stored
Cross Site Scripting
NOT-FOR-US: Z-BlogPHP
CVE-2018-10679
RESERVED
-CVE-2018-10678
- RESERVED
+CVE-2018-10678 (MyBB 1.8.15, when accessed with Microsoft Edge, mishandles ...)
+ TODO: check
CVE-2018-10677 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4
lacks ...)
NOT-FOR-US: ngiflib
CVE-2018-10676 (CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision
DVR ...)
@@ -5060,6 +5102,7 @@ CVE-2018-8907
CVE-2018-8906 (dsmall v20180320 has XSS via a crafted street address to ...)
NOT-FOR-US: dsmall
CVE-2018-8905 (In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the
function ...)
+ {DLA-1378-1 DLA-1377-1}
- tiff <unfixed> (bug #893806)
[stretch] - tiff <postponed> (Can be fixed along in a future DSA)
[jessie] - tiff <postponed> (Can be fixed along in a future DSA)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/21eb5928b5a56e362217b21493a14dce27b48088
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/21eb5928b5a56e362217b21493a14dce27b48088
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
