Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7ed19821 by security tracker role at 2018-10-15T08:11:14Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,83 @@
-CVE-2018-18289
- NOT-FOR-US: Zabbix Plugin for Confluence
-CVE-2018-18288
+CVE-2018-18326
+ RESERVED
+CVE-2018-18325
+ RESERVED
+CVE-2018-18324 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has
XSS via ...)
+ TODO: check
+CVE-2018-18323 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has
Local File ...)
+ TODO: check
+CVE-2018-18322 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has
Command ...)
+ TODO: check
+CVE-2018-18321
+ RESERVED
+CVE-2018-18320 (** DISPUTED ** An issue was discovered in the Merlin.PHP
component ...)
+ TODO: check
+CVE-2018-18319 (** DISPUTED ** An issue was discovered in the Merlin.PHP
component ...)
+ TODO: check
+CVE-2018-18318 (The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360
Phone N6 ...)
+ TODO: check
+CVE-2018-18317 (DESHANG DSCMS 1.1 has CSRF via the ...)
+ TODO: check
+CVE-2018-18316 (emlog v6.0.0 has CSRF via the admin/user.php?action=new URI.
...)
+ TODO: check
+CVE-2018-18315 (com/mossle/cdn/CdnController.java in lemon 1.9.0 allows
attackers to ...)
+ TODO: check
+CVE-2018-18314
+ RESERVED
+CVE-2018-18313
+ RESERVED
+CVE-2018-18312
+ RESERVED
+CVE-2018-18311
+ RESERVED
+CVE-2018-18310 (An invalid memory address dereference was discovered in ...)
+ TODO: check
+CVE-2018-18309 (An issue was discovered in the Binary File Descriptor (BFD)
library ...)
+ TODO: check
+CVE-2018-18308
+ RESERVED
+CVE-2018-18307
RESERVED
-CVE-2018-18287
+CVE-2018-18306
RESERVED
+CVE-2018-18305
+ RESERVED
+CVE-2018-18304
+ RESERVED
+CVE-2018-18303
+ RESERVED
+CVE-2018-18302
+ RESERVED
+CVE-2018-18301
+ RESERVED
+CVE-2018-18300
+ RESERVED
+CVE-2018-18299
+ RESERVED
+CVE-2018-18298
+ RESERVED
+CVE-2018-18297
+ RESERVED
+CVE-2018-18296 (MetInfo 6.1.2 has XSS via the /admin/index.php bigclass
parameter in an ...)
+ TODO: check
+CVE-2018-18295
+ RESERVED
+CVE-2018-18294
+ RESERVED
+CVE-2018-18293
+ RESERVED
+CVE-2018-18292
+ RESERVED
+CVE-2018-18291 (A cross site scripting (XSS) vulnerability on ASUS RT-AC58U
...)
+ TODO: check
+CVE-2018-18290 (An issue was discovered in nc-cms through 2017-03-10. ...)
+ TODO: check
+CVE-2018-18289 (The MESILAT Zabbix plugin before 1.1.15 for Atlassian
Confluence allows ...)
+ NOT-FOR-US: Zabbix Plugin for Confluence
+CVE-2018-18288
+ RESERVED
+CVE-2018-18287 (On ASUS RT-AC58U 3.0.0.4.380_6516 devices, remote attackers
can ...)
+ TODO: check
CVE-2018-18286
RESERVED
CVE-2018-18285
@@ -2804,7 +2878,7 @@ CVE-2018-17131 (admin/web_config.php in PHPMyWind 5.5
allows Admin users to exec
NOT-FOR-US: PHPMyWind
CVE-2018-17130 (PHPMyWind 5.5 has XSS in member.php via an HTTP Referer
header, ...)
NOT-FOR-US: PHPMyWind
-CVE-2018-17129 (MetInfo 6.1.0 has XSS in doexport() in ...)
+CVE-2018-17129 (MetInfo 6.1.0 has SQL injection in doexport() in ...)
NOT-FOR-US: MetInfo
CVE-2018-17128 (A Persistent XSS issue was discovered in the Visual Editor in
MyBB ...)
NOT-FOR-US: MyBB
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ed1982118fdc82da81c740e901d002f0d0288bd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ed1982118fdc82da81c740e901d002f0d0288bd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
