[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 15 Nov 2018 12:10:36 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
66758e59 by security tracker role at 2018-11-15T20:10:18Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2018-19297
+       RESERVED
+CVE-2018-19296
+       RESERVED
+CVE-2018-19295
+       RESERVED
 CVE-2018-19294
        RESERVED
 CVE-2018-19293
@@ -7962,14 +7968,14 @@ CVE-2018-16165
        RESERVED
 CVE-2018-16164
        RESERVED
-CVE-2018-16163
-       RESERVED
-CVE-2018-16162
-       RESERVED
-CVE-2018-16161
-       RESERVED
-CVE-2018-16160
-       RESERVED
+CVE-2018-16163 (OpenDolphin 2.7.0 and earlier allows authenticated attackers 
to bypass ...)
+       TODO: check
+CVE-2018-16162 (OpenDolphin 2.7.0 and earlier allows authenticated attackers 
to obtain ...)
+       TODO: check
+CVE-2018-16161 (OpenDolphin 2.7.0 and earlier allows authenticated users to 
gain ...)
+       TODO: check
+CVE-2018-16160 (SecureCore Standard Edition Version 2.x allows an attacker to 
bypass ...)
+       TODO: check
 CVE-2018-16159 (The Gift Vouchers plugin through 2.0.1 for WordPress allows 
SQL ...)
        NOT-FOR-US: Gift Vouchers plugin for WordPress
 CVE-2018-16048 (An issue was discovered in GitLab Community and Enterprise 
Edition ...)
@@ -17075,8 +17081,7 @@ CVE-2018-12545
        RESERVED
 CVE-2018-12544 (In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the 
OpenAPI XML ...)
        NOT-FOR-US: Eclipse Vert.x
-CVE-2018-12543 [DoS due to a reachable assertion in topic field]
-       RESERVED
+CVE-2018-12543 (In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a 
message is ...)
        - mosquitto <not-affected> (Vulnerable code introduced in 1.5)
        NOTE: 
http://mosquitto.org/blog/2018/09/security-advisory-cve-2018-12543/
        NOTE: https://mosquitto.org/files/cve/2018-12543/
@@ -17223,8 +17228,8 @@ CVE-2018-12482 (OCS Inventory 2.4.1 contains multiple 
SQL injections in the sear
        NOTE: Authentication is needed, only supported in trusted environments, 
see debtags
 CVE-2018-12481 (The Olive Tree Ftp Server application 1.32 for Android has a 
&quot;Sensitive ...)
        NOT-FOR-US: Olive Tree Ftp Server application for Android
-CVE-2018-12480
-       RESERVED
+CVE-2018-12480 (Mitigates an XSS issue in NetIQ Access Manager versions prior 
to 4.4 ...)
+       TODO: check
 CVE-2018-12479 (A Improper Input Validation vulnerability in Open Build 
Service allows ...)
        - open-build-service <unfixed> (bug #911797)
        NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108435
@@ -27857,8 +27862,8 @@ CVE-2018-8531 (A remote code execution vulnerability 
exists in the way that Azur
        NOT-FOR-US: Microsoft
 CVE-2018-8530 (A security feature bypass vulnerability exists when Microsoft 
Edge ...)
        NOT-FOR-US: Microsoft
-CVE-2018-8529
-       RESERVED
+CVE-2018-8529 (A remote code execution vulnerability exists when Team 
Foundation ...)
+       TODO: check
 CVE-2018-8528
        RESERVED
 CVE-2018-8527 (An information disclosure vulnerability exists in Microsoft SQL 
Server ...)
@@ -47631,8 +47636,8 @@ CVE-2018-1645
        RESERVED
 CVE-2018-1644 (IBM WebSphere Commerce Enterprise, Professional, Express, and 
...)
        NOT-FOR-US: IBM
-CVE-2018-1643
-       RESERVED
+CVE-2018-1643 (The Installation Verification Tool of IBM WebSphere Application 
Server ...)
+       TODO: check
 CVE-2018-1642
        RESERVED
 CVE-2018-1641
@@ -51707,52 +51712,52 @@ CVE-2018-0703
        RESERVED
 CVE-2018-0702
        RESERVED
-CVE-2018-0701
-       RESERVED
-CVE-2018-0700
-       RESERVED
-CVE-2018-0699
-       RESERVED
+CVE-2018-0701 (BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 
to ...)
+       TODO: check
+CVE-2018-0700 (YukiWiki 2.1.3 and earlier does not process a particular 
request ...)
+       TODO: check
+CVE-2018-0699 (Cross-site scripting vulnerability in YukiWiki 2.1.3 and 
earlier ...)
+       TODO: check
 CVE-2018-0698
        RESERVED
-CVE-2018-0697
-       RESERVED
+CVE-2018-0697 (Cross-site scripting vulnerability in Metabase version 0.29.3 
and ...)
+       TODO: check
 CVE-2018-0696
        RESERVED
-CVE-2018-0695
-       RESERVED
-CVE-2018-0694
-       RESERVED
-CVE-2018-0693
-       RESERVED
-CVE-2018-0692
-       RESERVED
-CVE-2018-0691
-       RESERVED
-CVE-2018-0690
-       RESERVED
+CVE-2018-0695 (Cross-site scripting vulnerability in User-friendly SVN (USVN) 
Version ...)
+       TODO: check
+CVE-2018-0694 (FileZen V3.0.0 to V4.2.1 allows remote attackers to execute 
arbitrary ...)
+       TODO: check
+CVE-2018-0693 (Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 
allows ...)
+       TODO: check
+CVE-2018-0692 (Untrusted search path vulnerability in Baidu Browser Version 
...)
+       TODO: check
+CVE-2018-0691 (Multiple +Message Apps (Softbank +Message App for Android prior 
to ...)
+       TODO: check
+CVE-2018-0690 (An unvalidated software update vulnerability in Music Center 
for PC ...)
+       TODO: check
 CVE-2018-0689
        RESERVED
 CVE-2018-0688
        RESERVED
-CVE-2018-0687
-       RESERVED
-CVE-2018-0686
-       RESERVED
-CVE-2018-0685
-       RESERVED
-CVE-2018-0684
-       RESERVED
-CVE-2018-0683
-       RESERVED
-CVE-2018-0682
-       RESERVED
-CVE-2018-0681
-       RESERVED
-CVE-2018-0680
-       RESERVED
-CVE-2018-0679
-       RESERVED
+CVE-2018-0687 (Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. 
(Denbun ...)
+       TODO: check
+CVE-2018-0686 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and 
earlier, ...)
+       TODO: check
+CVE-2018-0685 (SQL injection vulnerability in the Denbun POP version V3.3P 
R4.0 and ...)
+       TODO: check
+CVE-2018-0684 (Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version 
V3.3P ...)
+       TODO: check
+CVE-2018-0683 (Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version 
V3.3P ...)
+       TODO: check
+CVE-2018-0682 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and 
earlier, ...)
+       TODO: check
+CVE-2018-0681 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and 
earlier, ...)
+       TODO: check
+CVE-2018-0680 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and 
earlier, ...)
+       TODO: check
+CVE-2018-0679 (Cross-site scripting vulnerability in multiple FXC Inc. network 
...)
+       TODO: check
 CVE-2018-0678
        RESERVED
 CVE-2018-0677
@@ -51763,8 +51768,8 @@ CVE-2018-0675 (AttacheCase ver.3.3.0.0 and earlier 
allows an arbitrary script ..
        NOT-FOR-US: AttacheCase
 CVE-2018-0674 (AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script 
...)
        NOT-FOR-US: AttacheCase
-CVE-2018-0673
-       RESERVED
+CVE-2018-0673 (Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 
4.6.3 ...)
+       TODO: check
 CVE-2018-0672 (Cross-site scripting vulnerability in Movable Type versions 
prior to ...)
        - movabletype-opensource <removed>
 CVE-2018-0671



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/66758e592a692671fe75b9644c6762c94eea9292

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/66758e592a692671fe75b9644c6762c94eea9292
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to