Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
da6467db by security tracker role at 2018-08-31T08:10:16Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,91 @@
+CVE-2018-16274
+ RESERVED
+CVE-2018-16273
+ RESERVED
+CVE-2018-16272
+ RESERVED
+CVE-2018-16271
+ RESERVED
+CVE-2018-16270
+ RESERVED
+CVE-2018-16269
+ RESERVED
+CVE-2018-16268
+ RESERVED
+CVE-2018-16267
+ RESERVED
+CVE-2018-16266
+ RESERVED
+CVE-2018-16265
+ RESERVED
+CVE-2018-16264
+ RESERVED
+CVE-2018-16263
+ RESERVED
+CVE-2018-16262
+ RESERVED
+CVE-2018-16261
+ RESERVED
+CVE-2018-16260
+ RESERVED
+CVE-2018-16259
+ RESERVED
+CVE-2018-16258
+ RESERVED
+CVE-2018-16257
+ RESERVED
+CVE-2018-16256
+ RESERVED
+CVE-2018-16255
+ RESERVED
+CVE-2018-16254
+ RESERVED
+CVE-2018-16253
+ RESERVED
+CVE-2018-16252
+ RESERVED
+CVE-2018-16251
+ RESERVED
+CVE-2018-16250
+ RESERVED
+CVE-2018-16249
+ RESERVED
+CVE-2018-16248
+ RESERVED
+CVE-2018-16247
+ RESERVED
+CVE-2018-16246
+ RESERVED
+CVE-2018-16245
+ RESERVED
+CVE-2018-16244
+ RESERVED
+CVE-2018-16243
+ RESERVED
+CVE-2018-16242
+ RESERVED
+CVE-2018-16241
+ RESERVED
+CVE-2018-16240
+ RESERVED
+CVE-2018-16239 (An issue was discovered in damiCMS V6.0.1. It relies on the
PHP time() ...)
+ TODO: check
+CVE-2018-16238 (An issue was discovered in damiCMS V6.0.1. Remote code
execution can ...)
+ TODO: check
+CVE-2018-16237 (An issue was discovered in damiCMS V6.0.1. There is Directory
Traversal ...)
+ TODO: check
+CVE-2018-16236 (cPanel through 74 allows XSS via a crafted filename in the
logs ...)
+ TODO: check
+CVE-2018-16235
+ RESERVED
+CVE-2018-16234 (MorningStar WhatWeb 0.4.9 has XSS via JSON report files. ...)
+ TODO: check
+CVE-2018-16233 (MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags
parameter. ...)
+ TODO: check
+CVE-2018-16232
+ RESERVED
+CVE-2018-16231 (Michael Roth Software Personal FTP Server (PFTP) through 8.4f
allows ...)
+ TODO: check
CVE-2018-16230
RESERVED
CVE-2018-16229
@@ -696,7 +784,7 @@ CVE-2018-15908 (In Artifex Ghostscript 9.23 before
2018-08-23, attackers are abl
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0d3901189f245232f0161addf215d7268c4d05a3
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15907 (Technicolor (formerly RCA) TC8305C devices have a Buffer
Overflow. ...)
+CVE-2018-15907 (Technicolor (formerly RCA) TC8305C devices allow remote
attackers to ...)
NOT-FOR-US: Technicolor (formerly RCA) TC8305C devices
CVE-2018-15906
RESERVED
@@ -25430,10 +25518,10 @@ CVE-2018-6501
RESERVED
CVE-2018-6500
RESERVED
-CVE-2018-6499
- RESERVED
-CVE-2018-6498
- RESERVED
+CVE-2018-6499 (Remote Code Execution in the following products Hybrid Cloud
...)
+ TODO: check
+CVE-2018-6498 (Remote Code Execution in the following products Hybrid Cloud
...)
+ TODO: check
CVE-2018-6497 (Remote Cross-site Request forgery (CSRF) potential has been
identified ...)
NOT-FOR-US: UCMDB Server
CVE-2018-6496 (Remote Cross-site Request forgery (CSRF) potential has been
identified ...)
@@ -28114,6 +28202,7 @@ CVE-2018-5741
RESERVED
CVE-2018-5740 [A flaw in the "deny-answer-aliases" feature can cause an INSIST
assertion failure in named]
RESERVED
+ {DLA-1485-1}
- bind9 <unfixed> (bug #905743)
[stretch] - bind9 <postponed> (Can be fixed along in the next DSA)
NOTE: https://kb.isc.org/article/AA-01639/74/CVE-2018-5740
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da6467dbeb8dbe7b1d9815aab8f030d1a31907c6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da6467dbeb8dbe7b1d9815aab8f030d1a31907c6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
