Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ca001a0b by security tracker role at 2018-10-04T20:10:24Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -218,18 +218,18 @@ CVE-2018-17878
        RESERVED
 CVE-2018-17877
        RESERVED
-CVE-2018-17876
-       RESERVED
+CVE-2018-17876 (A Stored XSS vulnerability has been discovered in the v5.5.0 
version ...)
+       TODO: check
 CVE-2018-17875
        RESERVED
 CVE-2018-17874 (ExpressionEngine before 4.3.5 has reflected XSS. ...)
        NOT-FOR-US: ExpressionEngine
 CVE-2018-17873
        RESERVED
-CVE-2018-17872
-       RESERVED
-CVE-2018-17871
-       RESERVED
+CVE-2018-17872 (Verba Collaboration Compliance and Quality Management Platform 
before ...)
+       TODO: check
+CVE-2018-17871 (Verba Collaboration Compliance and Quality Management Platform 
before ...)
+       TODO: check
 CVE-2018-17870 (An issue was discovered in BTITeam XBTIT 2.5.4. The 
"returnto" ...)
        NOT-FOR-US: BTITeam XBTIT
 CVE-2018-17869 (DASAN H660GW devices do not implement any CSRF protection 
mechanism. ...)
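Review bot: CVE-2018-17876 is left at TODO: check with a description that is cut off before any product name ("A Stored XSS vulnerability has been discovered in the v5.5.0 version ..."), so it cannot be triaged from this entry alone and needs the full description read first. The two Verba Collaboration Compliance and Quality Management Platform entries (CVE-2018-17872, CVE-2018-17871) should be resolved together; if the product is not packaged in Debian, a NOT-FOR-US: line naming it, as on the neighbouring ExpressionEngine and BTITeam XBTIT entries, is the consistent marker.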
@@ -13311,12 +13311,12 @@ CVE-2018-12474
        RESERVED
 CVE-2018-12473 (A path traversal traversal vulnerability in 
obs-service-tar_scm of ...)
        TODO: check
-CVE-2018-12472
-       RESERVED
-CVE-2018-12471
-       RESERVED
-CVE-2018-12470
-       RESERVED
+CVE-2018-12472 (A improper authentication using the HOST header in SUSE Linux 
SMT ...)
+       TODO: check
+CVE-2018-12471 (A External Entity Reference ('XXE') vulnerability in SUSE 
Linux SMT ...)
+       TODO: check
+CVE-2018-12470 (A SQL Injection in the RegistrationSharing module of SUSE 
Linux SMT ...)
+       TODO: check
 CVE-2018-12469
        RESERVED
 CVE-2018-12468 (A vulnerability in the administration console of Micro Focus 
GroupWise ...)
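Review bot: the three new SUSE Linux SMT entries (CVE-2018-12472, CVE-2018-12471, CVE-2018-12470) all name the same product and should be resolved as a group with one marker rather than left as three independent TODO: check items. If SMT is not packaged in Debian, NOT-FOR-US: followed by the product name, as used elsewhere in this file, fits. CVE-2018-12473 directly above is also still at TODO: check.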
@@ -15208,8 +15208,8 @@ CVE-2018-11786 (In Apache Karaf prior to 4.2.0 release, 
if the sshd service in K
        - apache-karaf <itp> (bug #881297)
 CVE-2018-11785
        RESERVED
-CVE-2018-11784
-       RESERVED
+CVE-2018-11784 (When the default servlet in Apache Tomcat versions 9.0.0.M1 to 
9.0.11, ...)
+       TODO: check
 CVE-2018-11783
        RESERVED
 CVE-2018-11782
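Review bot: CVE-2018-11784 deserves priority among the TODO: check items in this update because it names software that Debian ships (Apache Tomcat). The visible description stops after "9.0.0.M1 to 9.0.11,", so the remaining affected version ranges have to be taken from the full description before TODO: check is replaced with one line per tomcat source package in the archive, in the same "- package status" form as the apache-karaf line in the context above.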
@@ -33202,8 +33202,8 @@ CVE-2018-5494
        RESERVED
 CVE-2018-5493
        RESERVED
-CVE-2018-5492
-       RESERVED
+CVE-2018-5492 (NetApp E-Series SANtricity OS Controller Software 11.30 and 
later ...)
+       TODO: check
 CVE-2018-5491
        RESERVED
 CVE-2018-5490 (Read-Only export policy rules are not correctly enforced in 
Clustered ...)
@@ -43144,8 +43144,8 @@ CVE-2018-1821
        RESERVED
 CVE-2018-1820 (IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to 
cross-site ...)
        NOT-FOR-US: IBM
-CVE-2018-1819
-       RESERVED
+CVE-2018-1819 (IBM Financial Transaction Manager for Digital Payments for ...)
+       TODO: check
 CVE-2018-1818
        RESERVED
 CVE-2018-1817
@@ -43442,8 +43442,8 @@ CVE-2018-1672 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 
9.0 may fail to set the .
        NOT-FOR-US: IBM
 CVE-2018-1671
        RESERVED
-CVE-2018-1670
-       RESERVED
+CVE-2018-1670 (IBM Financial Transaction Manager for ACH Services for 
Multi-Platform ...)
+       TODO: check
 CVE-2018-1669 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 
7.5.0.0 ...)
        NOT-FOR-US: IBM
 CVE-2018-1668
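Review bot: CVE-2018-1670 sits between CVE-2018-1672 and CVE-2018-1669, both already marked NOT-FOR-US: IBM, so the new IBM Financial Transaction Manager entry is a candidate for the same marker in place of TODO: check. The same applies to CVE-2018-1819 in the previous hunk, which follows CVE-2018-1820 (NOT-FOR-US: IBM).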
@@ -43574,12 +43574,12 @@ CVE-2018-1606
        RESERVED
 CVE-2018-1605 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 
through ...)
        NOT-FOR-US: IBM
-CVE-2018-1604
-       RESERVED
-CVE-2018-1603
-       RESERVED
-CVE-2018-1602
-       RESERVED
+CVE-2018-1604 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 
through ...)
+       TODO: check
+CVE-2018-1603 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 
through ...)
+       TODO: check
+CVE-2018-1602 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 
through ...)
+       TODO: check
 CVE-2018-1601 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 
through ...)
        NOT-FOR-US: IBM
 CVE-2018-1600 (IBM BigFix Platform 9.2 and 9.5 transmits sensitive or ...)
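Review bot: CVE-2018-1604, CVE-2018-1603 and CVE-2018-1602 carry the same visible description prefix ("IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through ...") as CVE-2018-1605 and CVE-2018-1601 on either side, which are both NOT-FOR-US: IBM. Leaving the three new entries at TODO: check makes this block inconsistent; they should get NOT-FOR-US: IBM as well.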
@@ -84312,8 +84312,8 @@ CVE-2017-5659 (Apache Traffic Server before 6.2.1 
generates a coredump when ther
        NOTE: reproducer in https://issues.apache.org/jira/browse/TS-4819 (dupe 
of above)
        NOTE: 
https://github.com/apache/trafficserver/pull/787/commits/85c021123fd94c4d97a6015484eb1d8054bec9eb
        NOTE: evaluate related backport to 6.2: 
https://github.com/apache/trafficserver/pull/1153
-CVE-2017-5658
-       RESERVED
+CVE-2017-5658 (The statistics generator in Apache Pony Mail 0.7 to 0.9 was 
found to ...)
+       TODO: check
 CVE-2017-5657 (Several REST service endpoints of Apache Archiva are not 
protected ...)
        NOT-FOR-US: Apache Archiva
 CVE-2017-5656 (Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed 
way of ...)
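Review bot: CVE-2017-5658 (Apache Pony Mail 0.7 to 0.9) is a 2017 identifier that only now receives a description, so its TODO: check lands deep in the file among already-triaged entries and is easy to overlook next to the 2018 items. Resolve it by checking whether Pony Mail has a package or an ITP/RFP bug (the apache-karaf entry in this file shows the <itp> form), and otherwise mark it NOT-FOR-US: like the neighbouring Apache Archiva entry.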



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca001a0bb63f8e082ea4409b04f9987074b9de70
