Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8fa3499c by Moritz Muehlenhoff at 2018-11-22T19:21:01Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,13 +7,13 @@ CVE-2018-XXXX [tryton-client insecure connection setup]
CVE-2018-19437 (UCMS 1.4.7 allows remote authenticated users to change the ...)
NOT-FOR-US: UCMS
CVE-2018-19436 (An issue was discovered in the Manufacturing component in
webERP 4.15. ...)
- TODO: check
+ NOT-FOR-US: webERP
CVE-2018-19435 (An issue was discovered in the Sales component in webERP 4.15.
...)
- TODO: check
+ NOT-FOR-US: webERP
CVE-2018-19434 (An issue was discovered on the "Bank Account Matching -
Receipts" ...)
- TODO: check
+ NOT-FOR-US: webERP
CVE-2018-19433 (ShowDoc 2.4.1 has XSS via the lang parameter because ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2018-19432 (An issue was discovered in libsndfile 1.0.28. There is a NULL
pointer ...)
TODO: check
CVE-2018-19431
@@ -33,7 +33,7 @@ CVE-2018-19425
CVE-2018-19424 (ClipperCMS 1.3.3 allows remote authenticated administrators to
upload ...)
NOT-FOR-US: ClipperCMS
CVE-2018-19423 (Codiad 2.8.4 allows remote authenticated administrators to
execute ...)
- TODO: check
+ NOT-FOR-US: Codiad
CVE-2018-19422 (/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to
execute ...)
NOT-FOR-US: Subrion CMS
CVE-2018-19421 (In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads
but ...)
@@ -45,7 +45,7 @@ CVE-2018-19419
CVE-2018-19418
RESERVED
CVE-2018-19417 (An issue was discovered in the MQTT server in Contiki-NG
before 4.2. ...)
- TODO: check
+ NOT-FOR-US: Contiki-NG
CVE-2018-19416 (An issue was discovered in sysstat 12.1.1. The remap_struct
function in ...)
- sysstat <unfixed>
NOTE: https://github.com/sysstat/sysstat/issues/196
@@ -47686,7 +47686,7 @@ CVE-2018-1845
CVE-2018-1844 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a
XML ...)
NOT-FOR-US: IBM
CVE-2018-1843 (The Identity and Access Management (IAM) services (IBM Cloud
Private ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1842 (IBM Cognos Analytics 11 Configuration tool, under certain ...)
NOT-FOR-US: IBM
CVE-2018-1841 (IBM Cloud Private 2.1.0 could allow a local user to obtain the
CA ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fa3499cde8bc74e991e23b1fa41b6e5a678b2b4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fa3499cde8bc74e991e23b1fa41b6e5a678b2b4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
