Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f93bff7f by Moritz Muehlenhoff at 2018-05-22T23:30:01+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -58,21 +58,21 @@ CVE-2018-11375 (The _inst__lds() function in radare2 2.5.0
allows remote attacke
CVE-2018-11374
RESERVED
CVE-2018-11373 (iScripts eSwap v2.4 has SQL injection via the
"salelistdetailed.php" ...)
- TODO: check
+ NOT-FOR-US: iScripts eSwap
CVE-2018-11372 (iScripts eSwap v2.4 has SQL injection via the
wishlistdetailed.php User ...)
- TODO: check
+ NOT-FOR-US: iScripts eSwap
CVE-2018-11371 (SkyCaiji 1.2 allows CSRF to add an Administrator user. ...)
- TODO: check
+ NOT-FOR-US: SkyCaiji
CVE-2018-11370
RESERVED
CVE-2018-11369 (An issue was discovered in PbootCMS v1.0.9. There is a SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: PbootCMS
CVE-2018-11368
RESERVED
CVE-2018-11367 (An issue was discovered in CppCMS before 1.2.1. There is a
denial of ...)
- TODO: check
+ NOT-FOR-US: CppCMS
CVE-2018-11366 (init.php in the Loginizer plugin 1.3.8 through 1.3.9 for
WordPress has ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2018-11365 (sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat
0.1.1 has an ...)
- r-cran-haven <unfixed> (low)
CVE-2018-11364 (sav_parse_machine_integer_info_record in
spss/readstat_sav_read.c in ...)
@@ -146,23 +146,23 @@ CVE-2018-11331 (An issue was discovered in Pluck before
4.7.6. Remote PHP code .
CVE-2018-11330 (An issue was discovered in Pluck before 4.7.6. There is
authenticated ...)
NOT-FOR-US: Pluck CMS
CVE-2018-11329 (The DrugDealer function of a smart contract implementation for
Ether ...)
- TODO: check
+ NOT-FOR-US: DrugDealer smart contractz
CVE-2018-11328 (An issue was discovered in Joomla! Core before 3.8.8. Under
specific ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-11327 (An issue was discovered in Joomla! Core before 3.8.8.
Inadequate checks ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-11326 (An issue was discovered in Joomla! Core before 3.8.8.
Inadequate input ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-11325 (An issue was discovered in Joomla! Core before 3.8.8. The web
install ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-11324 (An issue was discovered in Joomla! Core before 3.8.8. A long
running ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-11323 (An issue was discovered in Joomla! Core before 3.8.8.
Inadequate checks ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-11322 (An issue was discovered in Joomla! Core before 3.8.8.
Depending on the ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-11321 (An issue was discovered in com_fields in Joomla! Core before
3.8.8. ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-11320 (In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables
that are ...)
NOT-FOR-US: Octopus Deploy
CVE-2018-1000181
@@ -718,7 +718,7 @@ CVE-2018-11095 (The decompileJUMP function in decompile.c
in libming through 0.4
CVE-2018-11094 (An issue was discovered on Intelbras NCLOUD 300 1.0 devices.
...)
NOT-FOR-US: Intelbras NCLOUD
CVE-2018-11093 (Cross-site scripting (XSS) vulnerability in the Link package
for ...)
- TODO: check
+ NOT-FOR-US: CKeditor addon
CVE-2018-11092 (An issue was discovered in the Admin Notes plugin 1.1 for
MyBB. CSRF ...)
NOT-FOR-US: Admin Notes plugin for MyBB
CVE-2018-11091 (An issue was discovered in MyBiz MyProcureNet 5.0.0. A
malicious file ...)
@@ -11334,9 +11334,9 @@ CVE-2018-6965
CVE-2018-6964
RESERVED
CVE-2018-6963 (VMware Workstation (14.x before 14.1.2) and Fusion (10.x before
...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2018-6962 (VMware Fusion (10.x before 10.1.2) contains a signature bypass
...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2018-6961
RESERVED
CVE-2018-6960 (VMware Horizon DaaS (7.x before 8.0.0) contains a broken ...)
@@ -12808,11 +12808,11 @@ CVE-2018-6496
CVE-2018-6495
RESERVED
CVE-2018-6494 (Remote SQL Injection against the HP Service Manager Software
Web Tier, ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2018-6493 (SQL Injection in HP Network Operations Management Ultimate,
version ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2018-6492 (Persistent Cross-Site Scripting, and non-persistent HTML
Injection in ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2018-6491 (Local Escalation of Privilege vulnerability to Micro Focus
Universal ...)
NOT-FOR-US: Micro Focus Universal CMDB
CVE-2018-6490 (Denial of Service vulnerability in Micro Focus Operations ...)
@@ -13160,7 +13160,7 @@ CVE-2018-6380 (In Joomla! before 3.8.4, lack of
escaping in the module chromes l
CVE-2018-6379 (In Joomla! before 3.8.4, inadequate input filtering in the Uri
class ...)
NOT-FOR-US: Joomla!
CVE-2018-6378 (In Joomla! Core before 3.8.8, inadequate filtering of file and
folder ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-6377 (In Joomla! before 3.8.4, inadequate input filtering in
com_fields leads ...)
NOT-FOR-US: Joomla!
CVE-2018-6376 (In Joomla! before 3.8.4, the lack of type casting of a variable
in a ...)
@@ -26034,7 +26034,7 @@ CVE-2018-1585
CVE-2018-1584
RESERVED
CVE-2018-1583 (IBM StoredIQ 7.6 could allow an authenticated attacker to
bypass ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1582
RESERVED
CVE-2018-1581
@@ -114623,7 +114623,7 @@ CVE-2015-8096 (Integer overflow in Google Picasa
3.9.140 Build 239 and Build 248
CVE-2015-8095 (The recycle bin feature in the Monster Menus module 7.x-1.21
before ...)
NOT-FOR-US: Monster Menus module for Drupal
CVE-2015-8094 (Open redirect vulnerability in Cloudera HUE before 3.10.0
allows ...)
- TODO: check
+ NOT-FOR-US: Cloudera HUE
CVE-2015-8093
RESERVED
CVE-2015-8092
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f93bff7f74900543af27a52bc8a3ecc03f92ff2a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f93bff7f74900543af27a52bc8a3ecc03f92ff2a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
