Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7e2f9df8 by security tracker role at 2018-08-26T08:10:17Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2018-15877 (The Plainview Activity Monitor plugin 4.7.11 for WordPress is
...)
+ TODO: check
+CVE-2018-15876 (An issue was discovered in the ajax-bootmodal-login plugin
1.4.3 for ...)
+ TODO: check
CVE-2018-15875 (Cross-site scripting (XSS) vulnerability on D-Link DIR-615
routers ...)
NOT-FOR-US: D-Link
CVE-2018-15874 (Cross-site scripting (XSS) vulnerability on D-Link DIR-615
routers ...)
@@ -24,52 +28,52 @@ CVE-2018-15866
RESERVED
CVE-2018-15865
RESERVED
-CVE-2018-15864
- RESERVED
-CVE-2018-15863
- RESERVED
-CVE-2018-15862
- RESERVED
-CVE-2018-15861
- RESERVED
+CVE-2018-15864 (Unchecked NULL pointer usage in resolve_keysym in
xkbcomp/parser.y in ...)
+ TODO: check
+CVE-2018-15863 (Unchecked NULL pointer usage in ResolveStateAndPredicate in
...)
+ TODO: check
+CVE-2018-15862 (Unchecked NULL pointer usage in LookupModMask in
xkbcomp/expr.c in ...)
+ TODO: check
+CVE-2018-15861 (Unchecked NULL pointer usage in ExprResolveLhs in
xkbcomp/expr.c in ...)
+ TODO: check
CVE-2018-15860
RESERVED
-CVE-2018-15859
- RESERVED
-CVE-2018-15858
- RESERVED
-CVE-2018-15857
- RESERVED
-CVE-2018-15856
- RESERVED
-CVE-2018-15855
- RESERVED
-CVE-2018-15854
- RESERVED
-CVE-2018-15853
- RESERVED
-CVE-2018-15852
- RESERVED
-CVE-2018-15851
- RESERVED
-CVE-2018-15850
- RESERVED
-CVE-2018-15849
- RESERVED
-CVE-2018-15848
- RESERVED
-CVE-2018-15847
- RESERVED
-CVE-2018-15846
- RESERVED
-CVE-2018-15845
- RESERVED
-CVE-2018-15844
- RESERVED
-CVE-2018-15843
- RESERVED
-CVE-2018-15842
- RESERVED
+CVE-2018-15859 (Unchecked NULL pointer usage when parsing invalid atoms in ...)
+ TODO: check
+CVE-2018-15858 (Unchecked NULL pointer usage when handling invalid aliases in
...)
+ TODO: check
+CVE-2018-15857 (An invalid free in ExprAppendMultiKeysymList in
xkbcomp/ast-build.c in ...)
+ TODO: check
+CVE-2018-15856 (An infinite loop when reaching EOL unexpectedly in
compose/parser.c ...)
+ TODO: check
+CVE-2018-15855 (Unchecked NULL pointer usage in xkbcommon before 0.8.1 could
be used by ...)
+ TODO: check
+CVE-2018-15854 (Unchecked NULL pointer usage in xkbcommon before 0.8.1 could
be used by ...)
+ TODO: check
+CVE-2018-15853 (Endless recursion exists in xkbcomp/expr.c in xkbcommon and
...)
+ TODO: check
+CVE-2018-15852 (Technicolor TC7200.20 devices allow remote attackers to cause
a denial ...)
+ TODO: check
+CVE-2018-15851 (An issue was discovered in Flexo CMS v0.1.6. There is a CSRF
...)
+ TODO: check
+CVE-2018-15850 (An issue was discovered in REDAXO CMS 4.7.2. There is a CSRF
...)
+ TODO: check
+CVE-2018-15849 (An issue was discovered in portfolioCMS 1.0.5. There is CSRF
to update ...)
+ TODO: check
+CVE-2018-15848 (An issue was discovered in portfolioCMS 1.0.5. There is CSRF
to create ...)
+ TODO: check
+CVE-2018-15847 (An issue was discovered in puppyCMS 5.1. There is an XSS
vulnerability ...)
+ TODO: check
+CVE-2018-15846 (An issue was discovered in fledrCMS through 2014-02-03. There
is a CSRF ...)
+ TODO: check
+CVE-2018-15845 (There is a CSRF vulnerability that can add an administrator
account in ...)
+ TODO: check
+CVE-2018-15844 (An issue was discovered in DamiCMS 6.0.0. There is an CSRF ...)
+ TODO: check
+CVE-2018-15843 (GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add
New Page" ...)
+ TODO: check
+CVE-2018-15842 (WolfCMS 0.8.3.1 has XSS via the /?/admin/page/add slug
parameter. ...)
+ TODO: check
CVE-2018-15841
RESERVED
CVE-2018-15840
@@ -895,6 +899,7 @@ CVE-2018-15503 (The unpack implementation in Swoole version
4.0.4 lacks correct
CVE-2018-15502
RESERVED
CVE-2018-15501 (In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6
and 0.27.x ...)
+ {DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low)
[stretch] - libgit2 <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9406
@@ -12454,9 +12459,11 @@ CVE-2018-10890 (A flaw was found in moodle before
versions 3.5.1, 3.4.4, 3.3.7,
CVE-2018-10889 (A flaw was found in moodle before versions 3.5.1, 3.4.4,
3.3.7. No ...)
- moodle <removed>
CVE-2018-10888 (A flaw was found in libgit2 before version 0.27.3. A missing
check in ...)
+ {DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (bug #903508)
NOTE:
https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3
CVE-2018-10887 (A flaw was found in libgit2 before version 0.27.3. It has been
...)
+ {DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (bug #903509)
NOTE:
https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a
NOTE:
https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7e2f9df8a9857f7862dc189e4e557dcc3077f537
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7e2f9df8a9857f7862dc189e4e557dcc3077f537
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
