Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f569af91 by Salvatore Bonaccorso at 2018-08-17T08:19:28Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -534,7 +534,7 @@ CVE-2018-15124 (Weak hashing algorithm in Zipato Zipabox Smart Home Controller B CVE-2018-15123 (Insecure configuration storage in Zipato Zipabox Smart Home Controller ...) NOT-FOR-US: Zipato CVE-2018-15122 (An issue found in Progress Telerik JustAssembly through 2018.1.323.2 ...) - TODO: check + NOT-FOR-US: Telerik CVE-2018-15121 RESERVED CVE-2018-15120 @@ -4565,7 +4565,7 @@ CVE-2018-13447 (SQL injection vulnerability in product/card.php in Dolibarr ERP/ - dolibarr <removed> NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb CVE-2018-13446 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line ...) - TODO: check + NOT-FOR-US: LINE jp.naver.line application for Android CVE-2018-13445 (An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability ...) NOT-FOR-US: SeaCMS CVE-2018-13444 (An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability ...) @@ -4591,9 +4591,9 @@ CVE-2018-13437 CVE-2018-13436 RESERVED CVE-2018-13435 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line ...) - TODO: check + NOT-FOR-US: LINE jp.naver.line application for iOS CVE-2018-13434 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line ...) - TODO: check + NOT-FOR-US: LINE jp.naver.line application for iOS CVE-2018-13433 (Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as ...) NOT-FOR-US: Boostnote CVE-2018-13432 @@ -7687,7 +7687,7 @@ CVE-2018-12258 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. Cus CVE-2018-12257 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is ...) NOT-FOR-US: Momentum Axel 720P 5.1.8 devices CVE-2018-12256 (admin/vqmods.app/vqmods.inc.php in LiteCart before 2.1.3 allows remote ...) - TODO: check + NOT-FOR-US: LiteCart CVE-2018-12255 (An XSS issue was discovered in InvoicePlane 1.5.10 via the "Quote PDF ...) NOT-FOR-US: InvoicePlane CVE-2018-12254 (router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for ...) @@ -9557,11 +9557,11 @@ CVE-2018-11513 CVE-2018-11512 (Stored cross-site scripting (XSS) vulnerability in the "Website's name" ...) NOT-FOR-US: wityCMS CVE-2018-11511 (The tree list functionality in the photo gallery application in ...) - TODO: check + NOT-FOR-US: ASUSTOR ADM CVE-2018-11510 (ASUSTOR ADM 3.1.2.RHG1 and earlier uses the same default root:admin ...) NOT-FOR-US: ASUSTOR CVE-2018-11509 (ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and ...) - TODO: check + NOT-FOR-US: ASUSTOR ADM CVE-2018-11508 (The compat_get_timex function in kernel/compat.c in the Linux kernel ...) - linux 4.16.12-1 [stretch] - linux <not-affected> (Vulnerable code introduced later) @@ -17553,9 +17553,9 @@ CVE-2018-8408 CVE-2018-8407 RESERVED CVE-2018-8406 (An elevation of privilege vulnerability exists when the DirectX ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2018-8405 (An elevation of privilege vulnerability exists when the DirectX ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2018-8404 (An elevation of privilege vulnerability exists in Windows when the ...) NOT-FOR-US: Microsoft CVE-2018-8403 (A remote code execution vulnerability exists in the way that Microsoft ...) @@ -17563,9 +17563,9 @@ CVE-2018-8403 (A remote code execution vulnerability exists in the way that Micr CVE-2018-8402 RESERVED CVE-2018-8401 (An elevation of privilege vulnerability exists when the DirectX ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2018-8400 (An elevation of privilege vulnerability exists when the DirectX ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2018-8399 (An elevation of privilege vulnerability exists in Windows when the ...) NOT-FOR-US: Microsoft CVE-2018-8398 (An information disclosure vulnerability exists when the Windows GDI ...) @@ -54002,23 +54002,23 @@ CVE-2017-13110 CVE-2017-13109 RESERVED CVE-2017-13108 (DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, ...) - TODO: check + NOT-FOR-US: DFNDR Security Antivirus, Anti-hacking & Cleaner CVE-2017-13107 (Live.me - live stream video chat, 3.7.20, 2017-11-06, Android ...) - TODO: check + NOT-FOR-US: Live.me - live stream video chat Android application CVE-2017-13106 (Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, ...) - TODO: check + NOT-FOR-US: Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient Android application CVE-2017-13105 (Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, ...) - TODO: check + NOT-FOR-US: Hi Security Virus Cleaner - Antivirus, Booster Android application CVE-2017-13104 (Uber Technologies, Inc. UberEATS: Uber for Food Delivery, 1.108.10001, ...) - TODO: check + NOT-FOR-US: Uber Technologies, Inc. UberEATS: Uber for Food Delivery iOS application CVE-2017-13103 (Pinterest, 6.37, 2017-10-24, iOS application uses a hard-coded key for ...) - TODO: check + NOT-FOR-US: Pinterest iOS application CVE-2017-13102 (Gameloft Asphalt Xtreme: Offroad Rally Racing, 1.6.0, 2017-08-13, iOS ...) - TODO: check + NOT-FOR-US: Gameloft Asphalt Xtreme: Offroad Rally Racing iOS application CVE-2017-13101 (Musical.ly Inc., musical.ly - your video social network, 6.1.6, ...) - TODO: check + NOT-FOR-US: Musical.ly Inc., musical.ly - your video social network iOS application CVE-2017-13100 (DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application ...) - TODO: check + NOT-FOR-US: DistinctDev, Inc., The Moron Test iOS application CVE-2017-13099 (wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle ...) - wolfssl 3.13.0+dfsg-1 (bug #884235) NOTE: https://github.com/wolfSSL/wolfssl/pull/1229 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f569af91448bc6e0588fad140d9708d34860668f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f569af91448bc6e0588fad140d9708d34860668f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits