[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 04 Aug 2018 01:10:38 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
12ce544a by security tracker role at 2018-08-04T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,37 @@
+CVE-2018-14931
+       RESERVED
+CVE-2018-14930
+       RESERVED
+CVE-2018-14929 (Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as 
...)
+       TODO: check
+CVE-2018-14928 (/contingency/servlet/ServletFileDownload executes as root and 
provides ...)
+       TODO: check
+CVE-2018-14927 (Matera Banco 1.0.0 is vulnerable to path traversal (allowing 
access to ...)
+       TODO: check
+CVE-2018-14926 (Matera Banco 1.0.0 allows CSRF, as demonstrated by a ...)
+       TODO: check
+CVE-2018-14925 (Matera Banco 1.0.0 mishandles Java errors in the backend, as 
...)
+       TODO: check
+CVE-2018-14924 (Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as 
...)
+       TODO: check
+CVE-2018-14923 (A vulnerability in uniview EZPlayer 1.0.6 could allow an 
attacker to ...)
+       TODO: check
+CVE-2018-14922
+       RESERVED
+CVE-2018-14921
+       RESERVED
+CVE-2018-14920
+       RESERVED
+CVE-2018-14919
+       RESERVED
+CVE-2018-14918
+       RESERVED
+CVE-2018-14917
+       RESERVED
+CVE-2018-14916
+       RESERVED
+CVE-2018-14915
+       RESERVED
 CVE-2018-1000223 Heap-based buffer overflow in 
SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() potentially leading to 
code execution]
        - soundtouch <unfixed>
        NOTE: https://gitlab.com/soundtouch/soundtouch/issues/6
@@ -12844,8 +12878,8 @@ CVE-2018-9868
        RESERVED
 CVE-2018-9867
        RESERVED
-CVE-2018-9866
-       RESERVED
+CVE-2018-9866 (A vulnerability in lack of validation of user-supplied 
parameters pass ...)
+       TODO: check
 CVE-2018-9865
        RESERVED
 CVE-2018-9864 (The WP Live Chat Support plugin before 8.0.06 for WordPress has 
stored ...)
@@ -29981,8 +30015,8 @@ CVE-2018-3779
        RESERVED
 CVE-2018-3778
        RESERVED
-CVE-2018-3777
-       RESERVED
+CVE-2018-3777 (Insufficient URI encoding in restforce before 3.0.0 allows 
attacker to ...)
+       TODO: check
 CVE-2018-3776
        RESERVED
 CVE-2018-3775



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/12ce544a56662b1e5883a8b165f4a09db1711474

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/12ce544a56662b1e5883a8b165f4a09db1711474
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to