Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3f287cbf by security tracker role at 2018-09-21T08:10:16Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2018-17303
+ RESERVED
+CVE-2018-17302 (Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6
via a ...)
+ TODO: check
+CVE-2018-17301 (Reflected XSS exists in ...)
+ TODO: check
+CVE-2018-17300 (Stored XSS exists in CuppaCMS through 2018-09-03 via an ...)
+ TODO: check
+CVE-2018-17299
+ RESERVED
+CVE-2018-17298 (An issue was discovered in Enalean Tuleap before 10.5. Reset
password ...)
+ TODO: check
+CVE-2018-17297 (The unzip function in ZipUtil.java in Hutool before 4.1.12
allows ...)
+ TODO: check
+CVE-2018-17296
+ RESERVED
+CVE-2018-17295
+ RESERVED
+CVE-2018-17294 (The matchCurrentInput function inside lou_translateString.c of
Liblouis ...)
+ TODO: check
+CVE-2018-17293 (An issue was discovered in WAVM before 2018-09-16. The run
function in ...)
+ TODO: check
+CVE-2018-17292 (An issue was discovered in WAVM before 2018-09-16. The
loadModule ...)
+ TODO: check
+CVE-2018-17291
+ RESERVED
+CVE-2018-17290
+ RESERVED
+CVE-2018-17289
+ RESERVED
+CVE-2018-17288
+ RESERVED
+CVE-2018-17287
+ RESERVED
+CVE-2018-17286
+ RESERVED
+CVE-2018-17285
+ RESERVED
+CVE-2018-17284
+ RESERVED
+CVE-2018-17283 (Zoho ManageEngine OpManager before 12.3 Build 123196 does not
require ...)
+ TODO: check
+CVE-2018-17282 (An issue was discovered in Exiv2 v0.26. The function ...)
+ TODO: check
CVE-2018-17281
RESERVED
CVE-2018-17280
@@ -504,7 +548,7 @@ CVE-2018-17063 (An issue was discovered on D-Link DIR-816
A2 1.10 B05 devices. A
NOT-FOR-US: D-Link
CVE-2018-17062 (An issue was discovered in SeaCMS 6.64. XSS exists in
admin_video.php ...)
NOT-FOR-US: SeaCMS
-CVE-2018-17061 (BullGuard Safe Browsing 18.1.355 allows XSS on Google, Bing,
and Yahoo! ...)
+CVE-2018-17061 (BullGuard Safe Browsing before 18.1.355.9 allows XSS on
Google, Bing, ...)
NOT-FOR-US: BullGuard Safe Browsing
CVE-2018-17060
RESERVED
@@ -1187,8 +1231,8 @@ CVE-2018-16754
RESERVED
CVE-2018-16753
RESERVED
-CVE-2018-16752
- RESERVED
+CVE-2018-16752 (LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow
Remote Code ...)
+ TODO: check
CVE-2018-16751
RESERVED
CVE-2018-16750 (In ImageMagick 7.0.7-29 and earlier, a memory leak in the ...)
@@ -1652,6 +1696,7 @@ CVE-2018-1000773 (WordPress version 4.9.8 and earlier
contains a CWE-20 Input Va
CVE-2018-1000673
REJECTED
CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL
Redirection to ...)
+ {DLA-1512-1}
- sympa <unfixed> (bug #908165)
[stretch] - sympa <no-dsa> (Minor issue)
NOTE: https://github.com/sympa-community/sympa/issues/268
@@ -2346,8 +2391,8 @@ CVE-2018-16284
RESERVED
CVE-2018-16283
RESERVED
-CVE-2018-16282
- RESERVED
+CVE-2018-16282 (A command injection vulnerability in the web server
functionality of ...)
+ TODO: check
CVE-2018-16281
RESERVED
CVE-2018-16280
@@ -3516,8 +3561,8 @@ CVE-2018-15834 (In radare2 before 2.9.0, a heap overflow
vulnerability exists in
NOTE: https://github.com/radare/radare2/pull/11300
CVE-2018-15833 (In Vanilla before 2.6.1, the polling functionality allows
Insecure ...)
NOT-FOR-US: Vanilla
-CVE-2018-15832
- RESERVED
+CVE-2018-15832 (upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0
allows ...)
+ TODO: check
CVE-2018-15831
RESERVED
CVE-2018-15830
@@ -5762,12 +5807,12 @@ CVE-2018-14831
RESERVED
CVE-2018-14830
RESERVED
-CVE-2018-14829
- RESERVED
+CVE-2018-14829 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior.
This ...)
+ TODO: check
CVE-2018-14828
RESERVED
-CVE-2018-14827
- RESERVED
+CVE-2018-14827 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior.
A ...)
+ TODO: check
CVE-2018-14826
RESERVED
CVE-2018-14825
@@ -5778,8 +5823,8 @@ CVE-2018-14823
RESERVED
CVE-2018-14822
RESERVED
-CVE-2018-14821
- RESERVED
+CVE-2018-14821 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior.
This ...)
+ TODO: check
CVE-2018-14820
RESERVED
CVE-2018-14819
@@ -6446,8 +6491,8 @@ CVE-2018-14593 (An issue was discovered in Open Ticket
Request System (OTRS) 6.0
NOTE: OTRS-6:
https://github.com/OTRS/otrs/commit/57cda14db8fdbcbfb8cabb32d85fbc89fde48c62
NOTE: OTRS-5:
https://github.com/OTRS/otrs/commit/7b6802723e1f5d1764b617e9fcf0a8dd21e96216
NOTE: OTRS-4:
https://github.com/OTRS/otrs/commit/78331ea187181d6130189d4563a50b4c30256320
-CVE-2018-14592
- RESERVED
+CVE-2018-14592 (The CWJoomla CW Article Attachments PRO extension before 2.0.7
and CW ...)
+ TODO: check
CVE-2018-14591
RESERVED
CVE-2018-14590 (An issue has been discovered in Bento4 1.5.1-624. A SEGV can
occur in ...)
@@ -20796,8 +20841,8 @@ CVE-2018-9064 (In Lenovo xClarity Administrator
versions earlier than 2.1.0, an
NOT-FOR-US: Lenovo xClarity Administrator
CVE-2018-9063 (MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In
Lenovo ...)
NOT-FOR-US: Lenovo
-CVE-2018-9062
- REJECTED
+CVE-2018-9062 (In some Lenovo ThinkPad products, one BIOS region is not
properly ...)
+ TODO: check
CVE-2018-9061
RESERVED
CVE-2018-9060
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f287cbf24445b5c3ecbb2f78f0365d77a567202
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f287cbf24445b5c3ecbb2f78f0365d77a567202
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
