Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f54f8c5e by security tracker role at 2018-07-26T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -285,8 +285,8 @@ CVE-2018-14495
RESERVED
CVE-2018-14494
RESERVED
-CVE-2018-14493
- RESERVED
+CVE-2018-14493 (Cross-site scripting (XSS) vulnerability in the Groups Page in
...)
+ TODO: check
CVE-2018-14492 (Tenda AC7 through V15.03.06.44_CN, AC9 through
V15.03.05.19(6318)_CN, ...)
NOT-FOR-US: Tenda devices
CVE-2018-1999022 (PEAR HTML_QuickForm version 3.2.14 contains an eval
injection (CWE-95) ...)
@@ -443,8 +443,8 @@ CVE-2018-14432 [GET /v3/OS-FEDERATION/projects leaks
project information]
NOTE: http://www.openwall.com/lists/oss-security/2018/07/25/2
CVE-2018-14431
RESERVED
-CVE-2018-14430
- RESERVED
+CVE-2018-14430 (The Mondula Multi Step Form plugin through 1.2.5 for WordPress
allows ...)
+ TODO: check
CVE-2018-14429
RESERVED
CVE-2018-14428
@@ -1298,8 +1298,8 @@ CVE-2018-14085 (An issue was discovered in a smart
contract implementation for .
NOT-FOR-US: smart contract implementation for UserWallet
0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42
CVE-2018-14084 (An issue was discovered in a smart contract implementation for
MKCB, an ...)
NOT-FOR-US: smart contract implementation for MKCB
-CVE-2018-14083
- RESERVED
+CVE-2018-14083 (LICA miniCMTS E8K(u/i/...) devices allow remote attackers to
obtain ...)
+ TODO: check
CVE-2018-14082 (PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has
Cross-site ...)
NOT-FOR-US: PHP Scripts Mall JOB SITE (aka Job Portal)
CVE-2018-14081
@@ -1571,8 +1571,7 @@ CVE-2018-13990
RESERVED
CVE-2018-13989 (Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks
via a POST ...)
NOT-FOR-US: Grundig Smart Inter@ctive TV 3.0 devices
-CVE-2018-13988 [buffer overflow in pdfunite]
- RESERVED
+CVE-2018-13988 (Poppler through 0.62 contains a Buffer Overflow vulnerability
due to ...)
- poppler <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1602838
TODO: check, no actionable information available
@@ -1979,7 +1978,7 @@ CVE-2018-13799
RESERVED
CVE-2018-13798
RESERVED
-CVE-2018-13796 (Unspecified vulnerability in Mailman before 2.1.28 has unknown
impact ...)
+CVE-2018-13796 (An issue was discovered in GNU Mailman before 2.1.28. A
crafted URL ...)
{DLA-1442-1}
- mailman <unfixed> (bug #903674)
[stretch] - mailman <no-dsa> (Minor issue)
@@ -16313,8 +16312,8 @@ CVE-2018-8092 (Mautic before 2.13.0 allows CSV
injection. ...)
NOT-FOR-US: Mautic
CVE-2018-8091
RESERVED
-CVE-2018-8090
- RESERVED
+CVE-2018-8090 (Quick Heal Total Security 64 bit 17.00 (QHTS64.exe),
(QHTSFT64.exe) - ...)
+ TODO: check
CVE-2018-8089
RESERVED
CVE-2018-8088 (org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J
before ...)
@@ -22376,8 +22375,8 @@ CVE-2018-6161
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
CVE-2018-6160
- - chromium-browser <not-affected> (Only affects Chrome on iOS)
RESERVED
+ - chromium-browser <not-affected> (Only affects Chrome on iOS)
CVE-2018-6159
RESERVED
- chromium-browser 68.0.3440.75-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f54f8c5e01710199c152e62d797d230a3906b220
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f54f8c5e01710199c152e62d797d230a3906b220
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
