Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d793e701 by Moritz Muehlenhoff at 2018-11-09T20:48:49Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2018-19137 (DomainMOD through 4.11.01 has XSS via the
assets/edit/ip-address.php ...)
- TODO: check
+ NOT-FOR-US: DomainMOD
CVE-2018-19136 (DomainMOD through 4.11.01 has XSS via the ...)
- TODO: check
+ NOT-FOR-US: DomainMOD
CVE-2018-19135
RESERVED
CVE-2018-19134
RESERVED
CVE-2018-19133 (In Flarum Core 0.1.0-beta.7.1, a serious leak can get
everyone's email ...)
- TODO: check
+ NOT-FOR-US: Flarum Core
CVE-2018-19130 (In Libav 12.3, there is an invalid memory access in
vc1_decode_frame in ...)
- libav <removed>
CVE-2018-19129 (In Libav 12.3, a NULL pointer dereference (RIP points to zero)
issue in ...)
@@ -15,19 +15,19 @@ CVE-2018-19129 (In Libav 12.3, a NULL pointer dereference
(RIP points to zero) i
CVE-2018-19128 (In Libav 12.3, there is a heap-based buffer over-read in
decode_frame ...)
- libav <removed>
CVE-2018-19127 (A code injection vulnerability in /type.php in PHPCMS 2008
allows ...)
- TODO: check
+ NOT-FOR-US: PHPCMS
CVE-2018-19126 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4
allows remote ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2018-19125 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4
allows remote ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2018-19124 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on
Windows ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2018-19123
RESERVED
CVE-2018-19122 (An issue has been found in libIEC61850 v1.3. It is a NULL
pointer ...)
- TODO: check
+ NOT-FOR-US: libIEC61850
CVE-2018-19121 (An issue has been found in libIEC61850 v1.3. It is a SEGV in
...)
- TODO: check
+ NOT-FOR-US: libIEC61850
CVE-2018-XXXX [otrs: Security Advisory 2018-09]
- otrs2 6.0.13-1
NOTE:
https://community.otrs.com/security-advisory-2018-09-security-update-for-otrs-framework/
@@ -29214,7 +29214,7 @@ CVE-2018-7738 (In util-linux before 2.32-rc1,
bash-completion/umount allows loca
NOTE: src:bash-completion (which in turn starting from 1:2.1-4.3
NOTE: does not provide the umount completion in the binary packaage)
CVE-2018-7718 (An issue was discovered in Telexy QPath 5.4.462. A low
privileged ...)
- TODO: check
+ NOT-FOR-US: Telexy QPath
CVE-2018-7717 (The htmlImageAddTitleAttribute function in sige.php in the
Kubik-Rubik ...)
NOT-FOR-US: Kubik-Rubik Simple Image Gallery Extended (SIGE) extension
for Joomla!
CVE-2018-7716 (PrivateVPN 2.0.31 for macOS suffers from a root privilege
escalation ...)
@@ -46519,7 +46519,7 @@ CVE-2018-1874
CVE-2018-1873
RESERVED
CVE-2018-1872 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site
scripting. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1871
RESERVED
CVE-2018-1870
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d793e7018ad1b06ccb5db6b23ab829e3411b1534
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d793e7018ad1b06ccb5db6b23ab829e3411b1534
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
