Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: fbb559c7 by security tracker role at 2018-09-12T08:10:16Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,9 @@ +CVE-2018-16951 (xunfeng 0.2.0 allows command execution via CSRF because masscan.py ...) + TODO: check +CVE-2018-16950 (Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices allow remote ...) + TODO: check +CVE-2018-16946 (LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken ...) + TODO: check CVE-2018-16945 RESERVED CVE-2018-16944 @@ -226,13 +232,13 @@ CVE-2018-16833 RESERVED CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to ...) NOT-FOR-US: xunfeng -CVE-2018-16949 [OpenAFS Security Advisory-2018-003] +CVE-2018-16949 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...) - openafs <unfixed> (bug #908616) NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt -CVE-2018-16948 [OpenAFS Security Advisory-2018-002] +CVE-2018-16948 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...) - openafs <unfixed> (bug #908616) NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt -CVE-2018-16947 [OpenAFS Security Advisory-2018-001] +CVE-2018-16947 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...) - openafs <unfixed> (bug #908616) NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt CVE-2018-XXXX [function signature mismatch in webassembly] @@ -469,7 +475,7 @@ CVE-2018-16742 [stack-based buffer overflow with long arguments in contrib/scrts NOTE: Upstream removed contrib/scrts in 7d018d471f4c737f77ef281f5859a3b1c9ded42f (1.2.1) CVE-2018-16741 [shell injection via faxq-helper] RESERVED - {DSA-4291-1} + {DSA-4291-1 DLA-1502-1} - mgetty <unfixed> NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/ NOTE: Upstream commit: 1a7b3a30f79bae4cfbc6404fe4648689cd0ade62 (1.2.1) @@ -2479,8 +2485,8 @@ CVE-2018-15900 RESERVED CVE-2018-15899 (An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS ...) NOT-FOR-US: MiniCMS -CVE-2018-15898 - RESERVED +CVE-2018-15898 (The Subsonic Music Streamer application 4.4 for Android has Improper ...) + TODO: check CVE-2018-15897 (PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers ...) NOT-FOR-US: PHP Scripts Mall Website Seller Script CVE-2018-15896 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal ...) @@ -96790,7 +96796,7 @@ CVE-2016-9490 (ManageEngine Applications Manager versions 12 and 13 before build NOT-FOR-US: ManageEngine Applications Manager CVE-2016-9489 (In ManageEngine Applications Manager 12 and 13 before build 13200, an ...) NOT-FOR-US: ManageEngine -CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 suffer from ...) +CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 before build ...) NOT-FOR-US: ManageEngine Applications Manager CVE-2016-9487 (EpubCheck 4.0.1 does not properly restrict resolving external entities ...) NOT-FOR-US: EpubCheck View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb559c7a996fbb25b36d67425ef8db3a3441661 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb559c7a996fbb25b36d67425ef8db3a3441661 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits