Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 530f8354 by security tracker role at 2018-11-06T08:10:16Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,55 @@ +CVE-2018-18980 (An XML External Entity injection (XXE) vulnerability exists in Zoho ...) + TODO: check +CVE-2018-18979 + RESERVED +CVE-2018-18978 + RESERVED +CVE-2018-18977 + RESERVED +CVE-2018-18976 + RESERVED +CVE-2018-18975 + RESERVED +CVE-2018-18974 + RESERVED +CVE-2018-18973 + RESERVED +CVE-2018-18972 + RESERVED +CVE-2018-18971 + RESERVED +CVE-2018-18970 + RESERVED +CVE-2018-18969 + RESERVED +CVE-2018-18968 + RESERVED +CVE-2018-18967 + RESERVED +CVE-2018-18966 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist ...) + TODO: check +CVE-2018-18965 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist ...) + TODO: check +CVE-2018-18964 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist ...) + TODO: check +CVE-2018-18963 (Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce ...) + TODO: check +CVE-2018-18962 + RESERVED +CVE-2018-18961 + RESERVED +CVE-2018-18960 + RESERVED +CVE-2018-18959 + RESERVED +CVE-2018-18958 + RESERVED +CVE-2018-18957 (An issue has been found in libIEC61850 v1.3. It is a stack-based buffer ...) + TODO: check +CVE-2018-18956 (The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x ...) + TODO: check +CVE-2018-18955 + RESERVED CVE-2018-18954 RESERVED CVE-2018-18953 @@ -2632,24 +2684,24 @@ CVE-2018-17915 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P NOT-FOR-US: P2P Cloud Server CVE-2018-17914 (InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI ...) NOT-FOR-US: InduSoft Web Studio -CVE-2018-17913 - RESERVED +CVE-2018-17913 (A type confusion vulnerability exists when processing project files in ...) + TODO: check CVE-2018-17912 (An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when ...) NOT-FOR-US: CASE Suite CVE-2018-17911 (LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based ...) NOT-FOR-US: LAquis SCADA CVE-2018-17910 (WebAccess Versions 8.3.2 and prior. The application fails to properly ...) NOT-FOR-US: Advantech WebAccess -CVE-2018-17909 - RESERVED +CVE-2018-17909 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...) + TODO: check CVE-2018-17908 (WebAccess Versions 8.3.2 and prior. During installation, the ...) NOT-FOR-US: Advantech WebAccess -CVE-2018-17907 - RESERVED +CVE-2018-17907 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...) + TODO: check CVE-2018-17906 RESERVED -CVE-2018-17905 - RESERVED +CVE-2018-17905 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...) + TODO: check CVE-2018-17904 (Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This ...) NOT-FOR-US: Reliance 4 SCADA/HMI CVE-2018-17903 (SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to ...) @@ -13743,10 +13795,10 @@ CVE-2018-13399 (The Microsoft Windows Installer for Atlassian Fisheye and Crucib NOT-FOR-US: Atlassian CVE-2018-13398 (The administrative smart-commits resource in Atlassian Fisheye and ...) NOT-FOR-US: Atlassian Fisheye and Crucible -CVE-2018-13397 - RESERVED -CVE-2018-13396 - RESERVED +CVE-2018-13397 (There was an argument injection vulnerability in Sourcetree for ...) + TODO: check +CVE-2018-13396 (There was an argument injection vulnerability in Sourcetree for macOS ...) + TODO: check CVE-2018-13395 (Various resources in Atlassian Jira before version 7.6.8, from version ...) NOT-FOR-US: Atlassian Jira CVE-2018-13394 (The acceptAnswer resource in Atlassian Confluence Questions before ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/530f8354dd64ab635792ec5ae5a947382c6f6cee -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/530f8354dd64ab635792ec5ae5a947382c6f6cee You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits