[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 15 Nov 2018 00:11:05 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b1df794d by security tracker role at 2018-11-15T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2018-19294
+       RESERVED
+CVE-2018-19293
+       RESERVED
+CVE-2018-19292
+       RESERVED
+CVE-2018-19291 (An issue discovered in DiliCMS 2.4.0. There is a CSRF 
vulnerability ...)
+       TODO: check
+CVE-2018-19290
+       RESERVED
+CVE-2018-19289 (An issue was discovered in Valine v1.3.3. It allows HTML 
injection, ...)
+       TODO: check
+CVE-2018-19288 (Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS 
via the ...)
+       TODO: check
+CVE-2018-19287 (XSS in the Ninja Forms plugin before 3.3.18 for WordPress 
allows Remote ...)
+       TODO: check
+CVE-2018-19286 (The server in mubu note 2018-11-11 has XSS by configuring an 
account ...)
+       TODO: check
+CVE-2018-19285
+       RESERVED
+CVE-2018-19284
+       RESERVED
+CVE-2018-19283
+       RESERVED
+CVE-2018-19282
+       RESERVED
+CVE-2018-19281 (Centreon 3.4.x allows SNMP trap SQL Injection. ...)
+       TODO: check
+CVE-2018-19280 (Centreon 3.4.x has XSS via the resource name or macro 
expression of a ...)
+       TODO: check
+CVE-2018-19279 (PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks 
the ...)
+       TODO: check
+CVE-2018-19278 (Buffer overflow in DNS SRV and NAPTR lookups in Digium 
Asterisk 15.x ...)
+       TODO: check
+CVE-2015-9274 (HarfBuzz before 1.0.4 allows remote attackers to cause a denial 
of ...)
+       TODO: check
 CVE-2019-0235
        RESERVED
 CVE-2019-0234
@@ -3608,8 +3644,7 @@ CVE-2018-17961 (Artifex Ghostscript 9.25 and earlier 
allows attackers to bypass
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a54c9e61e7d02bbc620bcba9b1c208462a876afb
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6807394bd94b708be24758287b606154daaaed9
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a5a9bf8c6a63aa4ac6874234fe8cd63e72077291
-CVE-2018-17960 [ckeditor XSS]
-       RESERVED
+CVE-2018-17960 (CKEditor 4.x before 4.11.0 allows user-assisted XSS involving 
a ...)
        - ckeditor 4.11.1+dfsg-1 (low)
        [stretch] - ckeditor <no-dsa> (Minor issue)
        [jessie] - ckeditor <ignored> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b1df794d183bae3bbe057cd0ebbd128d8a8f458d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b1df794d183bae3bbe057cd0ebbd128d8a8f458d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to