Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4a912bc7 by security tracker role at 2018-08-02T08:10:13Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,147 @@
+CVE-2018-14848
+ RESERVED
+CVE-2018-14847 (Winbox for MikroTik RouterOS through 6.42 allows remote
attackers to ...)
+ TODO: check
+CVE-2018-14846
+ RESERVED
+CVE-2018-14845
+ RESERVED
+CVE-2018-14844
+ RESERVED
+CVE-2018-14843
+ RESERVED
+CVE-2018-14842
+ RESERVED
+CVE-2018-14841
+ RESERVED
+CVE-2018-14840 (uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it
does not ...)
+ TODO: check
+CVE-2018-14839
+ RESERVED
+CVE-2018-14838 (rejucms 2.1 has stored XSS via the admin/book.php content
parameter. ...)
+ TODO: check
+CVE-2018-14837
+ RESERVED
+CVE-2018-14836 (Subrion 4.2.1 is vulnerable to Improper Access control because
user ...)
+ TODO: check
+CVE-2018-14835 (Subrion CMS v4.2.1 is vulnerable to Stored XSS because of no
escaping ...)
+ TODO: check
+CVE-2018-14834
+ RESERVED
+CVE-2018-14833
+ RESERVED
+CVE-2018-14832
+ RESERVED
+CVE-2018-14831
+ RESERVED
+CVE-2018-14830
+ RESERVED
+CVE-2018-14829
+ RESERVED
+CVE-2018-14828
+ RESERVED
+CVE-2018-14827
+ RESERVED
+CVE-2018-14826
+ RESERVED
+CVE-2018-14825
+ RESERVED
+CVE-2018-14824
+ RESERVED
+CVE-2018-14823
+ RESERVED
+CVE-2018-14822
+ RESERVED
+CVE-2018-14821
+ RESERVED
+CVE-2018-14820
+ RESERVED
+CVE-2018-14819
+ RESERVED
+CVE-2018-14818
+ RESERVED
+CVE-2018-14817
+ RESERVED
+CVE-2018-14816
+ RESERVED
+CVE-2018-14815
+ RESERVED
+CVE-2018-14814
+ RESERVED
+CVE-2018-14813
+ RESERVED
+CVE-2018-14812
+ RESERVED
+CVE-2018-14811
+ RESERVED
+CVE-2018-14810
+ RESERVED
+CVE-2018-14809
+ RESERVED
+CVE-2018-14808
+ RESERVED
+CVE-2018-14807
+ RESERVED
+CVE-2018-14806
+ RESERVED
+CVE-2018-14805
+ RESERVED
+CVE-2018-14804
+ RESERVED
+CVE-2018-14803
+ RESERVED
+CVE-2018-14802
+ RESERVED
+CVE-2018-14801
+ RESERVED
+CVE-2018-14800
+ RESERVED
+CVE-2018-14799
+ RESERVED
+CVE-2018-14798
+ RESERVED
+CVE-2018-14797
+ RESERVED
+CVE-2018-14796
+ RESERVED
+CVE-2018-14795
+ RESERVED
+CVE-2018-14794
+ RESERVED
+CVE-2018-14793
+ RESERVED
+CVE-2018-14792
+ RESERVED
+CVE-2018-14791
+ RESERVED
+CVE-2018-14790
+ RESERVED
+CVE-2018-14789
+ RESERVED
+CVE-2018-14788
+ RESERVED
+CVE-2018-14787
+ RESERVED
+CVE-2018-14786
+ RESERVED
+CVE-2018-14785
+ RESERVED
+CVE-2018-14784
+ RESERVED
+CVE-2018-14783
+ RESERVED
+CVE-2018-14782
+ RESERVED
+CVE-2018-14781
+ RESERVED
+CVE-2018-14780
+ RESERVED
+CVE-2018-14779
+ RESERVED
+CVE-2018-14778
+ RESERVED
+CVE-2015-9262 (_XcursorThemeInherits in library.c in libXcursor before 1.1.15
allows ...)
+ TODO: check
CVE-2018-14777 (An issue was discovered in DataLife Engine (DLE) through 13.0.
An ...)
TODO: check
CVE-2018-1000631
@@ -5654,8 +5798,8 @@ CVE-2018-12470
RESERVED
CVE-2018-12469
RESERVED
-CVE-2018-12468
- RESERVED
+CVE-2018-12468 (A vulnerability in the administration console of Micro Focus
GroupWise ...)
+ TODO: check
CVE-2018-12467 (Authorized users of the openbuildservice before 2.9.4 could
delete ...)
- open-build-service <undetermined>
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1100217
@@ -10584,8 +10728,8 @@ CVE-2018-10626
RESERVED
CVE-2018-10625
RESERVED
-CVE-2018-10624
- RESERVED
+CVE-2018-10624 (In Johnson Controls Metasys System Versions 8.0 and prior and
BCPro ...)
+ TODO: check
CVE-2018-10623 (Delta Electronics Delta Industrial Automation DOPSoft version
4.00.04 ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
CVE-2018-10622
@@ -28955,8 +29099,8 @@ CVE-2018-3941
RESERVED
CVE-2018-3940
RESERVED
-CVE-2018-3939
- RESERVED
+CVE-2018-3939 (An exploitable use-after-free vulnerability exists in the
JavaScript ...)
+ TODO: check
CVE-2018-3938
RESERVED
CVE-2018-3937
@@ -28985,8 +29129,8 @@ CVE-2018-3926
RESERVED
CVE-2018-3925
RESERVED
-CVE-2018-3924
- RESERVED
+CVE-2018-3924 (An exploitable use-after-free vulnerability exists in the
JavaScript ...)
+ TODO: check
CVE-2018-3923 (A memory corruption vulnerability exists in the PCX-parsing ...)
TODO: check
CVE-2018-3922 (A memory corruption vulnerability exists in the ANI-parsing ...)
@@ -29071,8 +29215,8 @@ CVE-2018-3883
RESERVED
CVE-2018-3882
RESERVED
-CVE-2018-3881
- RESERVED
+CVE-2018-3881 (An exploitable unauthenticated XML external injection
vulnerability ...)
+ TODO: check
CVE-2018-3880
RESERVED
CVE-2018-3879
@@ -31926,6 +32070,7 @@ CVE-2018-3083
CVE-2018-3082 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
NOT-FOR-US: Oracle MySQL 8
CVE-2018-3081 (Vulnerability in the MySQL Client component of Oracle MySQL ...)
+ {DLA-1407-1}
- mariadb-10.1 1:10.1.34-1
- mariadb-10.0 <removed>
- mysql-5.7 <unfixed> (bug #904121)
@@ -40044,22 +40189,22 @@ CVE-2018-0415
RESERVED
CVE-2018-0414
RESERVED
-CVE-2018-0413
- RESERVED
+CVE-2018-0413 (A vulnerability in the web-based management interface of Cisco
Identity ...)
+ TODO: check
CVE-2018-0412
RESERVED
-CVE-2018-0411
- RESERVED
+CVE-2018-0411 (A vulnerability in the web-based management interface of Cisco
Unified ...)
+ TODO: check
CVE-2018-0410
RESERVED
CVE-2018-0409
RESERVED
-CVE-2018-0408
- RESERVED
-CVE-2018-0407
- RESERVED
-CVE-2018-0406
- RESERVED
+CVE-2018-0408 (A vulnerability in the web-based management interface of Cisco
Small ...)
+ TODO: check
+CVE-2018-0407 (A vulnerability in the web-based management interface of Cisco
Small ...)
+ TODO: check
+CVE-2018-0406 (A vulnerability in the web-based management interface of Cisco
Web ...)
+ TODO: check
CVE-2018-0405
RESERVED
CVE-2018-0404
@@ -40076,8 +40221,8 @@ CVE-2018-0399 (Multiple vulnerabilities in the
web-based management interface of
NOT-FOR-US: Cisco
CVE-2018-0398 (Multiple vulnerabilities in the web-based management interface
of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0397
- RESERVED
+CVE-2018-0397 (A vulnerability in Cisco AMP for Endpoints Mac Connector
Software ...)
+ TODO: check
CVE-2018-0396 (A vulnerability in the web framework of the Cisco Unified ...)
NOT-FOR-US: Cisco
CVE-2018-0395
@@ -40088,8 +40233,8 @@ CVE-2018-0393 (A Read-Only User Effect Change
vulnerability in the Policy Builde
NOT-FOR-US: Cisco
CVE-2018-0392 (A vulnerability in the CLI of Cisco Policy Suite could allow an
...)
NOT-FOR-US: Cisco
-CVE-2018-0391
- RESERVED
+CVE-2018-0391 (A vulnerability in the password change function of Cisco Prime
...)
+ TODO: check
CVE-2018-0390 (A vulnerability in the web framework of Cisco Webex could allow
an ...)
NOT-FOR-US: Cisco
CVE-2018-0389
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4a912bc75e5e61a467b8c468fefbdbad21f3d3a1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4a912bc75e5e61a467b8c468fefbdbad21f3d3a1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
