Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3d6cf553 by security tracker role at 2018-10-29T08:10:13Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2018-18806
+ RESERVED
+CVE-2018-18805
+ RESERVED
+CVE-2018-18804
+ RESERVED
+CVE-2018-18803
+ RESERVED
+CVE-2018-18802
+ RESERVED
+CVE-2018-18801
+ RESERVED
+CVE-2018-18800
+ RESERVED
+CVE-2018-18799
+ RESERVED
+CVE-2018-18798
+ RESERVED
+CVE-2018-18797
+ RESERVED
+CVE-2018-18796
+ RESERVED
+CVE-2018-18795
+ RESERVED
+CVE-2018-18794
+ RESERVED
+CVE-2018-18793
+ RESERVED
+CVE-2018-18792 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
+ TODO: check
+CVE-2018-18791 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
+ TODO: check
+CVE-2018-18790 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
+ TODO: check
+CVE-2018-18789 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
+ TODO: check
+CVE-2018-18788 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
+ TODO: check
+CVE-2018-18787 (An issue was discovered in zzcms 8.3. SQL Injection exists in
zs/zs.php ...)
+ TODO: check
+CVE-2018-18786 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
+ TODO: check
+CVE-2018-18785 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
+ TODO: check
+CVE-2018-18784 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
+ TODO: check
+CVE-2018-18783 (XSS was discovered in SEMCMS V3.4 via the
semcms_remail.php?type=ok ...)
+ TODO: check
+CVE-2018-18782 (Reflected XSS exists in DedeCMS 5.7 SP2 via the
/member/myfriend.php ...)
+ TODO: check
+CVE-2018-18781 (DedeCMS 5.7 SP2 allows XSS via the /member/uploads_select.php
f or ...)
+ TODO: check
+CVE-2018-18780
+ RESERVED
+CVE-2018-18779
+ RESERVED
+CVE-2018-18778 (ACME mini_httpd before 1.30 lets remote users read arbitrary
files. ...)
+ TODO: check
+CVE-2018-18777
+ RESERVED
+CVE-2018-18776
+ RESERVED
+CVE-2018-18775
+ RESERVED
+CVE-2018-18774
+ RESERVED
+CVE-2018-18773
+ RESERVED
+CVE-2018-18772
+ RESERVED
+CVE-2018-18771 (An issue was discovered in LuLu CMS through 2015-05-14. ...)
+ TODO: check
+CVE-2018-18770
+ RESERVED
+CVE-2018-18769
+ RESERVED
+CVE-2018-18768
+ RESERVED
+CVE-2018-18767
+ RESERVED
+CVE-2018-18766
+ RESERVED
CVE-2018-18765 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
TODO: check
CVE-2018-18764 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
@@ -5783,6 +5865,7 @@ CVE-2018-16397 (In LimeSurvey before 3.14.7, an admin
user can leverage a "
- limesurvey <itp> (bug #472802)
CVE-2018-16396 [Tainted flags are not propagated in Array#pack and
String#unpack with some directives]
RESERVED
+ {DLA-1558-1}
- ruby2.5 <unfixed> (bug #911920)
- ruby2.3 <removed>
- ruby2.1 <removed>
@@ -5790,6 +5873,7 @@ CVE-2018-16396 [Tainted flags are not propagated in
Array#pack and String#unpack
NOTE:
https://github.com/ruby/ruby/commit/a2958f6743664006d21fc0bafd4ca6214df1d429
CVE-2018-16395 [OpenSSL::X509::Name equality check does not work correctly]
RESERVED
+ {DLA-1558-1}
- ruby-openssl <unfixed> (bug #911918)
- ruby2.5 <unfixed> (bug #911919)
- ruby2.3 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3d6cf5534ab4122a67907afdd0b286aaf2c3734f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3d6cf5534ab4122a67907afdd0b286aaf2c3734f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
