Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bb6f2c3c by Moritz Muehlenhoff at 2018-09-03T10:39:35Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2018-16389
CVE-2018-16388
RESERVED
CVE-2018-16387 (An issue was discovered in Elefant CMS before 2.0.5. There is
a CSRF ...)
- TODO: check
+ NOT-FOR-US: Elefant CMS
CVE-2018-16386
RESERVED
CVE-2018-16385 (ThinkPHP before 5.1.23 allows SQL Injection via the ...)
- TODO: check
+ NOT-FOR-US: ThinkPHP
CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass) exists in OWASP
ModSecurity ...)
TODO: check
CVE-2018-16383
@@ -19,9 +19,9 @@ CVE-2018-16382 (Netwide Assembler (NASM) 2.14rc15 has a
buffer over-read in ...)
CVE-2018-16381
RESERVED
CVE-2018-16380 (An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF
...)
- TODO: check
+ NOT-FOR-US: Ogma CMS
CVE-2018-16379 (Ogma CMS 0.4 Beta has XSS via the "Footer Text
footer" field on the ...)
- TODO: check
+ NOT-FOR-US: Ogma CMS
CVE-2018-16378
RESERVED
CVE-2018-16377
@@ -31,39 +31,39 @@ CVE-2018-16376 (An issue was discovered in OpenJPEG 2.3.0.
A heap-based buffer o
CVE-2018-16375 (An issue was discovered in OpenJPEG 2.3.0. Missing checks for
...)
TODO: check
CVE-2018-16374 (Frog CMS 0.9.5 has stored XSS via
/admin/?/plugin/comment/settings. ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2018-16373 (Frog CMS 0.9.5 has an Upload vulnerability that can create
files via ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2018-16372 (The issue was discovered in IdeaCMS through 2016-04-30. There
is ...)
- TODO: check
+ NOT-FOR-US: IdeaCMS
CVE-2018-16371 (PESCMS Team 2.2.1 has multiple reflected XSS via the keyword
parameter: ...)
- TODO: check
+ NOT-FOR-US: PESCMS Team
CVE-2018-16370 (In PESCMS Team 2.2.1, attackers may upload and execute
arbitrary PHP ...)
- TODO: check
+ NOT-FOR-US: PESCMS Team
CVE-2018-16369 (XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to
cause a ...)
TODO: check
CVE-2018-16368 (SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf
4.00 allows ...)
TODO: check
CVE-2018-16367 (In OnlineJudge 2.0, the sandbox has an incorrect access
control ...)
- TODO: check
+ NOT-FOR-US: OnlineJudge
CVE-2018-16366 (An issue discovered in idreamsoft iCMS V7.0.10. ...)
- TODO: check
+ NOT-FOR-US: idreamsoft iCMS
CVE-2018-16365 (An issue discovered in idreamsoft iCMS V7.0.10. ...)
- TODO: check
+ NOT-FOR-US: idreamsoft iCMS
CVE-2018-16364
RESERVED
CVE-2018-16363
RESERVED
CVE-2018-16362 (An issue was discovered in the Source Integration plugin
before 1.5.9 ...)
- TODO: check
+ NOT-FOR-US: Mantis plugin
CVE-2018-16361
RESERVED
CVE-2018-16360
RESERVED
CVE-2018-16359 (Google gVisor before 2018-08-23, within the seccomp sandbox,
permits ...)
- TODO: check
+ NOT-FOR-US: gVisor
CVE-2018-16358 (A cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ - dotclear <removed>
CVE-2018-16357
RESERVED
CVE-2018-16356
@@ -71,11 +71,11 @@ CVE-2018-16356
CVE-2018-16355
RESERVED
CVE-2018-16354 (An issue was discovered in FHCRM through 2018-02-11. There is
a SQL ...)
- TODO: check
+ NOT-FOR-US: FHCRM
CVE-2018-16353 (An issue was discovered in FHCRM through 2018-02-11. There is
a SQL ...)
- TODO: check
+ NOT-FOR-US: FHCRM
CVE-2018-16352 (There is a PHP code upload vulnerablity in WeaselCMS 0.3.6 via
...)
- TODO: check
+ NOT-FOR-US: WeaselCMS
CVE-2018-16351
RESERVED
CVE-2018-16350 (WUZHI CMS 4.1.0 has XSS via the
index.php?m=core&f=set&v=basic ...)
@@ -95,7 +95,7 @@ CVE-2018-16344 (An issue was discovered in zzcms 8.3. It
allows remote attackers
CVE-2018-16343 (SeaCMS 6.61 allows remote attackers to execute arbitrary code
because ...)
NOT-FOR-US: SeaCMS
CVE-2018-16342 (ShowDoc v1.8.0 has XSS via a new page. ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2018-16341
RESERVED
CVE-2018-16340
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb6f2c3cf12879c8ea1643946bbf5f22853db566
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb6f2c3cf12879c8ea1643946bbf5f22853db566
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
