Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7eab1abd by security tracker role at 2018-09-04T08:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,83 @@
+CVE-2018-16457
+ RESERVED
+CVE-2018-16456
+ RESERVED
+CVE-2018-16455
+ RESERVED
+CVE-2018-16454
+ RESERVED
+CVE-2018-16453
+ RESERVED
+CVE-2018-16452
+ RESERVED
+CVE-2018-16451
+ RESERVED
+CVE-2018-16450 (CraftedWeb through 2013-09-24 has reflected XSS via the p
parameter. ...)
+ TODO: check
+CVE-2018-16449 (OneThink 1.1.141212 allows CSRF for adding a page via ...)
+ TODO: check
+CVE-2018-16448 (Cscms 4 allows CSRF for creating a member via ...)
+ TODO: check
+CVE-2018-16447 (Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. ...)
+ TODO: check
+CVE-2018-16446 (An issue was discovered in SeaCMS through 6.61. ...)
+ TODO: check
+CVE-2018-16445 (An issue was discovered in SeaCMS through 6.61. SQL injection
exists ...)
+ TODO: check
+CVE-2018-16444 (An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php
has SSRF ...)
+ TODO: check
+CVE-2018-16443
+ RESERVED
+CVE-2018-16442
+ RESERVED
+CVE-2018-16441
+ RESERVED
+CVE-2018-16440
+ RESERVED
+CVE-2018-16439
+ RESERVED
+CVE-2018-16438 (An issue was discovered in the HDF HDF5 1.8.20 library. There
is an out ...)
+ TODO: check
+CVE-2018-16437
+ RESERVED
+CVE-2018-16436
+ RESERVED
+CVE-2018-16435 (Little CMS (aka Little Color Management System) 2.9 has an
integer ...)
+ TODO: check
+CVE-2018-16434
+ RESERVED
+CVE-2018-16433
+ RESERVED
+CVE-2018-16432 (BlueCMS 1.6 allows SQL Injection via the user_name parameter
to ...)
+ TODO: check
+CVE-2018-16431 (admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an
...)
+ TODO: check
+CVE-2018-16430 (GNU Libextractor through 1.7 has an out-of-bounds read
vulnerability in ...)
+ TODO: check
+CVE-2018-16429 (GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in
...)
+ TODO: check
+CVE-2018-16428 (In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in
gmarkup.c ...)
+ TODO: check
+CVE-2018-16427 (Various out of bounds reads when handling responses in OpenSC
before ...)
+ TODO: check
+CVE-2018-16426 (Endless recursion when handling responses from an IAS-ECC card
in ...)
+ TODO: check
+CVE-2018-16425 (A double free when handling responses from an HSM Card in ...)
+ TODO: check
+CVE-2018-16424 (A double free when handling responses in read_file in
tools/egk-tool.c ...)
+ TODO: check
+CVE-2018-16423 (A double free when handling responses from a smartcard in ...)
+ TODO: check
+CVE-2018-16422 (A single byte buffer overflow when handling responses from an
esteid ...)
+ TODO: check
+CVE-2018-16421 (Several buffer overflows when handling responses from a CAC
Card in ...)
+ TODO: check
+CVE-2018-16420 (Several buffer overflows when handling responses from an ePass
2003 ...)
+ TODO: check
+CVE-2018-16419 (Several buffer overflows when handling responses from a
Cryptoflex card ...)
+ TODO: check
+CVE-2018-16418 (A buffer overflow when handling string concatenation in
util_acl_to_str ...)
+ TODO: check
CVE-2018-16417
RESERVED
CVE-2018-16416 (Cross-site request forgery (CSRF) vulnerability in ...)
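Review bot: The 24 added entries that carry a description (CVE-2018-16450 through CVE-2018-16444, CVE-2018-16438, CVE-2018-16435, and CVE-2018-16432 through CVE-2018-16418) have only "TODO: check" under them, so none is tied to a Debian source package or ruled out yet. A follow-up commit should replace each TODO with either a package line or a NOT-FOR-US line. The web applications named here (CraftedWeb, OneThink, Cscms, Frog CMS, SeaCMS, BlueCMS, YFCMF) need a check against the archive first. The entries naming HDF5, Little CMS, GNU Libextractor, GNOME GLib and OpenSC need a source package and affected-version status. CVE-2018-16427 through CVE-2018-16418 all describe handling of smartcard responses or a tool/utility function, and CVE-2018-16427 names OpenSC; it is worth confirming from the full descriptions whether the whole run belongs to the same package so it can be triaged in one pass. The 16 RESERVED entries need no action until descriptions are published.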
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7eab1abdb48d9156e9df2758f89de1d68fac21aa