Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9be70af5 by security tracker role at 2018-09-14T08:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2018-17051 (K-Net Cisco Configuration Manager through 2014-11-19 has XSS
via ...)
+ TODO: check
+CVE-2018-17050
+ RESERVED
+CVE-2018-17049 (CQU-LANKERS through 2017-11-02 has XSS via the public/api.php
callback ...)
+ TODO: check
+CVE-2018-17048
+ RESERVED
+CVE-2018-17047
+ RESERVED
+CVE-2018-17046 (translate man before 2018-08-21 has XSS via ...)
+ TODO: check
+CVE-2018-17045 (An issue was discovered in CMS MaeloStore V.1.5.0. There is a
CSRF ...)
+ TODO: check
+CVE-2018-17044 (In YzmCMS 5.1, stored XSS exists via the ...)
+ TODO: check
+CVE-2018-17043 (An issue has been found in doc2txt through 2014-03-19. It is a
...)
+ TODO: check
+CVE-2018-17042 (An issue has been found in dbf2txt through 2012-07-19. It is a
infinite ...)
+ TODO: check
+CVE-2018-17041
+ RESERVED
+CVE-2018-17040
+ RESERVED
+CVE-2018-17039 (MiniCMS 1.10, when Internet Explorer is used, allows XSS via a
crafted ...)
+ TODO: check
+CVE-2018-17038
+ RESERVED
+CVE-2018-17037 (user/editpost.php in UCMS 1.4.6 mishandles levels, which
allows ...)
+ TODO: check
+CVE-2018-17036 (An issue was discovered in UCMS 1.4.6. It allows PHP code
injection ...)
+ TODO: check
+CVE-2018-17035 (UCMS 1.4.6 has SQL injection during installation via the ...)
+ TODO: check
+CVE-2018-17034 (UCMS 1.4.6 has XSS via the install/index.php mysql_dbname
parameter. ...)
+ TODO: check
+CVE-2018-17033
+ RESERVED
+CVE-2018-17032
+ RESERVED
+CVE-2018-17031 (In Gogs 0.11.53, an attacker can use a crafted .eml file to
trigger ...)
+ TODO: check
+CVE-2018-17030 (BigTree CMS 4.2.23 allows remote authenticated users, if
possessing ...)
+ TODO: check
+CVE-2018-17029
+ RESERVED
+CVE-2018-17028
+ RESERVED
+CVE-2018-17027
+ RESERVED
+CVE-2018-17026 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the
page_meta_title ...)
+ TODO: check
+CVE-2018-17025 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the
page_meta_title ...)
+ TODO: check
+CVE-2018-17024 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the
page_meta_title ...)
+ TODO: check
CVE-2018-17023 (Cross-site request forgery (CSRF) vulnerability on ASUS
GT-AC5300 ...)
NOT-FOR-US: ASUS GT-AC5300 routers
CVE-2018-17022 (Stack-based buffer overflow on the ASUS GT-AC5300 router
through ...)
@@ -16203,8 +16259,8 @@ CVE-2018-10639
RESERVED
CVE-2018-10638
RESERVED
-CVE-2018-10637
- RESERVED
+CVE-2018-10637 (A maliciously crafted project file may cause a buffer
overflow, which ...)
+ TODO: check
CVE-2018-10636 (CNCSoft Version 1.00.83 and prior with ScreenEditor Version
1.00.54 ...)
NOT-FOR-US: CNCSoft
CVE-2018-10635 (In Universal Robots Robot Controllers Version CB 3.1, SW
Version ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9be70af50f4ec7006262372e8bbecabcd32c3996
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9be70af50f4ec7006262372e8bbecabcd32c3996
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
