Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a98af3f3 by security tracker role at 2018-11-10T08:10:15Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2018-19147
+ RESERVED
+CVE-2018-19146
+ RESERVED
+CVE-2018-19145 (An issue was discovered in S-CMS v1.5. There is an XSS
vulnerability in ...)
+ TODO: check
+CVE-2018-19144
+ RESERVED
+CVE-2018-19140
+ RESERVED
+CVE-2018-19139 (An issue has been found in JasPer 2.0.14. There is a memory
leak in ...)
+ TODO: check
+CVE-2018-19138 (WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html
URI. ...)
+ TODO: check
CVE-2018-19137 (DomainMOD through 4.11.01 has XSS via the
assets/edit/ip-address.php ...)
NOT-FOR-US: DomainMOD
CVE-2018-19136 (DomainMOD through 4.11.01 has XSS via the ...)
@@ -32,16 +46,19 @@ CVE-2018-19122 (An issue has been found in libIEC61850
v1.3. It is a NULL pointe
CVE-2018-19121 (An issue has been found in libIEC61850 v1.3. It is a SEGV in
...)
NOT-FOR-US: libIEC61850
CVE-2018-19141 [otrs: Security Advisory 2018-09]
+ RESERVED
- otrs2 6.0.1-1
NOTE:
https://community.otrs.com/security-advisory-2018-09-security-update-for-otrs-framework/
NOTE: Only the 4.x and 5.x series are affected (and possibly earlier
versions).
NOTE: Add workaround and mark first 6.x version as fixing version
CVE-2018-19142 [otrs: Security Advisory 2018-08]
+ RESERVED
- otrs2 6.0.13-1
[stretch] - otrs2 <not-affected> (Only affects 6.x)
[jessie] - otrs2 <not-affected> (Only affects 6.x)
NOTE:
https://community.otrs.com/security-advisory-2018-08-security-update-for-otrs-framework/
CVE-2018-19143 [otrs: Security Advisory 2018-07]
+ RESERVED
- otrs2 6.0.13-1
NOTE:
https://community.otrs.com/security-advisory-2018-07-security-update-for-otrs-framework/
CVE-2018-19120
@@ -124,14 +141,14 @@ CVE-2018-19089 (tianti 2.3 has stored XSS in the userlist
module via the ...)
NOT-FOR-US: tianti
CVE-2018-19088
RESERVED
-CVE-2018-19087
- RESERVED
-CVE-2018-19086
- RESERVED
-CVE-2018-19085
- RESERVED
-CVE-2018-19084
- RESERVED
+CVE-2018-19087 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a
...)
+ TODO: check
+CVE-2018-19086 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a
...)
+ TODO: check
+CVE-2018-19085 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a
...)
+ TODO: check
+CVE-2018-19084 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a
...)
+ TODO: check
CVE-2018-19083 (WeCenter 3.2.0 through 3.2.2 has XSS in the ...)
NOT-FOR-US: WeCenter
CVE-2018-19082 (An issue was discovered on Foscam Opticam i5 devices with
System ...)
@@ -3737,8 +3754,8 @@ CVE-2018-17614
CVE-2018-17613 (Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use
proxy" is ...)
- telegram-desktop <unfixed>
NOTE:
https://www.inputzero.io/2018/09/telegram-share-password-in-cleartext.html
-CVE-2018-17612
- RESERVED
+CVE-2018-17612 (Sennheiser HeadSetup 7.3.4903 places Certification Authority
(CA) ...)
+ TODO: check
CVE-2018-17611 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers
to ...)
NOT-FOR-US: Foxit
CVE-2018-17610 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers
to ...)
@@ -8301,8 +8318,8 @@ CVE-2018-15798
RESERVED
CVE-2018-15797
RESERVED
-CVE-2018-15796
- RESERVED
+CVE-2018-15796 (Cloud Foundry Bits Service Release, versions prior to 2.14.0,
uses an ...)
+ TODO: check
CVE-2018-15795
RESERVED
CVE-2018-15794
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a98af3f306499d5a155712687781daae47560f25
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a98af3f306499d5a155712687781daae47560f25
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
