Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7ad26450 by security tracker role at 2018-08-09T20:10:14Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -51,14 +51,14 @@ CVE-2018-15186
RESERVED
CVE-2018-15185
RESERVED
-CVE-2018-15184
- RESERVED
-CVE-2018-15183
- RESERVED
-CVE-2018-15182
- RESERVED
-CVE-2018-15181
- RESERVED
+CVE-2018-15184 (PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4
has ...)
+ TODO: check
+CVE-2018-15183 (PHP Scripts Mall Myperfectresume / JobHero / Resume Clone
Script 2.0.6 ...)
+ TODO: check
+CVE-2018-15182 (PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the
FirstName and ...)
+ TODO: check
+CVE-2018-15181 (JioFi 4G Hotspot M2S devices allow attackers to cause a denial
of ...)
+ TODO: check
CVE-2018-15180
RESERVED
CVE-2018-15179
@@ -153,8 +153,8 @@ CVE-2018-15135
RESERVED
CVE-2018-15134
RESERVED
-CVE-2018-15133
- RESERVED
+CVE-2018-15133 (In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29,
remote ...)
+ TODO: check
CVE-2018-15132 (An issue was discovered in ext/standard/link_win32.c in PHP
before ...)
TODO: check
CVE-2018-15131
@@ -10798,8 +10798,7 @@ CVE-2018-10910 [ailure in disabling Bluetooth
discoverability in certain cases m
TODO: check, might not be a problem with Gnome <= 3.26, i.e. no-dsa for
those suites
CVE-2018-10909
RESERVED
-CVE-2018-10908
- RESERVED
+CVE-2018-10908 (It was found that vdsm before version 4.20.37 invokes qemu-img
on ...)
NOT-FOR-US: ovirt
CVE-2018-10907
RESERVED
@@ -21545,8 +21544,7 @@ CVE-2018-6924
RESERVED
CVE-2018-6923
RESERVED
-CVE-2018-6922
- RESERVED
+CVE-2018-6922 (One of the data structures that holds TCP segments in all
versions of ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.kb.cert.org/vuls/id/962459
NOTE: kfreebsd not covered by security support
@@ -41282,10 +41280,12 @@ CVE-2018-0363 (A vulnerability in the web-based
management interface of Cisco Un
CVE-2018-0362 (A vulnerability in BIOS authentication management of Cisco 5000
Series ...)
NOT-FOR-US: Cisco
CVE-2018-0361 (ClamAV before 0.100.1 lacks a PDF object length check,
resulting in an ...)
+ {DLA-1461-1}
- clamav 0.100.1+dfsg-1
[stretch] - clamav <no-dsa> (clamav is updated via -updates)
NOTE:
https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
CVE-2018-0360 (ClamAV before 0.100.1 has an HWP integer overflow with a
resultant ...)
+ {DLA-1461-1}
- clamav 0.100.1+dfsg-1
[stretch] - clamav <no-dsa> (clamav is updated via -updates)
NOTE:
https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
@@ -174729,7 +174729,7 @@ CVE-2014-0086 (The doFilter function in
webapp/PushHandlerFilter.java in JBoss .
NOT-FOR-US: RichFaces
NOTE:
https://github.com/richfaces/richfaces/commit/4115c103f74e7cb0af6d392e22866e52db2bc4e7
NOTE: https://issues.jboss.org/browse/RF-13250
-CVE-2014-0085 (Apache Zookeeper logs cleartext admin passwords, which allows
local ...)
+CVE-2014-0085 (JBoss Fuse did not enable encrypted passwords by default in its
usage ...)
NOT-FOR-US: Fuse Fabric
CVE-2014-0084
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ad264508318c1432fed28c24d491d11c3ec2d53
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ad264508318c1432fed28c24d491d11c3ec2d53
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
