Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fbb559c7 by security tracker role at 2018-09-12T08:10:16Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2018-16951 (xunfeng 0.2.0 allows command execution via CSRF because
masscan.py ...)
+ TODO: check
+CVE-2018-16950 (Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices allow remote
...)
+ TODO: check
+CVE-2018-16946 (LG LNB*, LND*, LNU*, and LNV* smart network camera devices
have broken ...)
+ TODO: check
CVE-2018-16945
RESERVED
CVE-2018-16944
@@ -226,13 +232,13 @@ CVE-2018-16833
RESERVED
CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an
attacker to ...)
NOT-FOR-US: xunfeng
-CVE-2018-16949 [OpenAFS Security Advisory-2018-003]
+CVE-2018-16949 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x
before ...)
- openafs <unfixed> (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt
-CVE-2018-16948 [OpenAFS Security Advisory-2018-002]
+CVE-2018-16948 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x
before ...)
- openafs <unfixed> (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt
-CVE-2018-16947 [OpenAFS Security Advisory-2018-001]
+CVE-2018-16947 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x
before ...)
- openafs <unfixed> (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt
CVE-2018-XXXX [function signature mismatch in webassembly]
@@ -469,7 +475,7 @@ CVE-2018-16742 [stack-based buffer overflow with long
arguments in contrib/scrts
NOTE: Upstream removed contrib/scrts in
7d018d471f4c737f77ef281f5859a3b1c9ded42f (1.2.1)
CVE-2018-16741 [shell injection via faxq-helper]
RESERVED
- {DSA-4291-1}
+ {DSA-4291-1 DLA-1502-1}
- mgetty <unfixed>
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream commit: 1a7b3a30f79bae4cfbc6404fe4648689cd0ade62 (1.2.1)
@@ -2479,8 +2485,8 @@ CVE-2018-15900
RESERVED
CVE-2018-15899 (An issue was discovered in MiniCMS 1.10. There is a
post.php?date= XSS ...)
NOT-FOR-US: MiniCMS
-CVE-2018-15898
- RESERVED
+CVE-2018-15898 (The Subsonic Music Streamer application 4.4 for Android has
Improper ...)
+ TODO: check
CVE-2018-15897 (PHP Scripts Mall Website Seller Script 2.0.5 allows remote
attackers ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
CVE-2018-15896 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via
Personal ...)
@@ -96790,7 +96796,7 @@ CVE-2016-9490 (ManageEngine Applications Manager
versions 12 and 13 before build
NOT-FOR-US: ManageEngine Applications Manager
CVE-2016-9489 (In ManageEngine Applications Manager 12 and 13 before build
13200, an ...)
NOT-FOR-US: ManageEngine
-CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 suffer
from ...)
+CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 before
build ...)
NOT-FOR-US: ManageEngine Applications Manager
CVE-2016-9487 (EpubCheck 4.0.1 does not properly restrict resolving external
entities ...)
NOT-FOR-US: EpubCheck
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb559c7a996fbb25b36d67425ef8db3a3441661
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb559c7a996fbb25b36d67425ef8db3a3441661
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
