Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
86757c1f by security tracker role at 2018-11-22T08:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2018-19437 (UCMS 1.4.7 allows remote authenticated users to change the ...)
+ TODO: check
+CVE-2018-19436 (An issue was discovered in the Manufacturing component in
webERP 4.15. ...)
+ TODO: check
+CVE-2018-19435 (An issue was discovered in the Sales component in webERP 4.15.
...)
+ TODO: check
+CVE-2018-19434 (An issue was discovered on the "Bank Account Matching -
Receipts" ...)
+ TODO: check
+CVE-2018-19433 (ShowDoc 2.4.1 has XSS via the lang parameter because ...)
+ TODO: check
+CVE-2018-19432 (An issue was discovered in libsndfile 1.0.28. There is a NULL
pointer ...)
+ TODO: check
+CVE-2018-19431
+ RESERVED
+CVE-2018-19430
+ RESERVED
+CVE-2018-19429
+ RESERVED
+CVE-2018-19428
+ RESERVED
+CVE-2018-19427
+ RESERVED
+CVE-2018-19426
+ RESERVED
+CVE-2018-19425
+ RESERVED
+CVE-2018-19424 (ClipperCMS 1.3.3 allows remote authenticated administrators to
upload ...)
+ TODO: check
+CVE-2018-19423 (Codiad 2.8.4 allows remote authenticated administrators to
execute ...)
+ TODO: check
+CVE-2018-19422 (/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to
execute ...)
+ TODO: check
+CVE-2018-19421 (In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads
but ...)
+ TODO: check
+CVE-2018-19420 (In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads
but there ...)
+ TODO: check
+CVE-2018-19419
+ RESERVED
+CVE-2018-19418
+ RESERVED
CVE-2018-19417 (An issue was discovered in the MQTT server in Contiki-NG
before 4.2. ...)
TODO: check
CVE-2018-19416 (An issue was discovered in sysstat 12.1.1. The remap_struct
function in ...)
@@ -37741,6 +37781,7 @@ CVE-2018-5409
CVE-2018-5408
RESERVED
CVE-2018-5407 (Simultaneous Multi-threading (SMT) in processors can enable
local ...)
+ {DLA-1586-1}
- openssl 1.1.1~~pre9-1
- openssl1.0 <unfixed>
NOTE: https://www.openssl.org/news/secadv/20181112.txt
@@ -51854,6 +51895,7 @@ CVE-2018-0737 (The OpenSSL RSA Key generation algorithm
has been shown to be ...
CVE-2018-0736
RESERVED
CVE-2018-0735 (The OpenSSL ECDSA signature algorithm has been shown to be
vulnerable ...)
+ {DLA-1586-1}
- openssl <unfixed>
[stretch] - openssl <postponed> (Wait for next DSA and upstream release)
- openssl1.0 <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/86757c1f27fef0932aea135074f6d9bbc7ed3a3c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/86757c1f27fef0932aea135074f6d9bbc7ed3a3c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
