Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6131f624 by security tracker role at 2018-02-12T09:10:22+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,13 +1,55 @@ +CVE-2018-6913 + RESERVED +CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg through ...) + TODO: check +CVE-2018-6911 + RESERVED +CVE-2018-6910 + RESERVED +CVE-2018-6909 + RESERVED +CVE-2018-6908 + RESERVED +CVE-2018-6907 + RESERVED +CVE-2018-6906 + RESERVED +CVE-2018-6905 + RESERVED +CVE-2018-6904 + RESERVED +CVE-2018-6903 + RESERVED +CVE-2018-6902 + RESERVED +CVE-2018-6901 + RESERVED +CVE-2018-6900 + RESERVED +CVE-2018-6899 + RESERVED +CVE-2018-6898 + RESERVED +CVE-2018-6897 + RESERVED +CVE-2018-6896 + RESERVED +CVE-2018-6895 + RESERVED +CVE-2018-6894 + RESERVED +CVE-2018-6893 + RESERVED CVE-2018-6892 (An issue was discovered in CloudMe before 1.11.0. An unauthenticated ...) NOT-FOR-US: CloudMe CVE-2018-6891 (Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a ...) NOT-FOR-US: Bookly #1 WordPress Booking Plugin Lite CVE-2018-6890 RESERVED -CVE-2018-6889 - RESERVED -CVE-2018-6888 - RESERVED +CVE-2018-6889 (An issue was discovered in Typesetter 5.1. It suffers from a Host ...) + TODO: check +CVE-2018-6888 (An issue was discovered in Typesetter 5.1. The User Permissions page ...) + TODO: check CVE-2018-6887 RESERVED CVE-2018-6886 @@ -30,10 +72,10 @@ CVE-2018-1000060 (Sensu, Inc. Sensu Core version Before 1.2.0 & before commi - sensu <itp> (bug #838484) CVE-2018-1000059 (ValidFormBuilder version 4.5.4 contains a PHP Object Injection ...) NOT-FOR-US: ValidFormBuilder -CVE-2018-6881 - RESERVED -CVE-2018-6880 - RESERVED +CVE-2018-6881 (EmpireCMS 6.6 allows remote attackers to discover the full path via an ...) + TODO: check +CVE-2018-6880 (EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full ...) + TODO: check CVE-2018-6879 RESERVED CVE-2018-6878 (Cross Site Scripting (XSS) exists in the review section in PHP Scripts ...) @@ -75,20 +117,20 @@ CVE-2018-6866 RESERVED CVE-2018-6865 RESERVED -CVE-2018-6864 - RESERVED -CVE-2018-6863 - RESERVED -CVE-2018-6862 - RESERVED -CVE-2018-6861 - RESERVED -CVE-2018-6860 - RESERVED +CVE-2018-6864 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Multi religion ...) + TODO: check +CVE-2018-6863 (SQL Injection exists in PHP Scripts Mall Select Your College Script ...) + TODO: check +CVE-2018-6862 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Bitcoin MLM ...) + TODO: check +CVE-2018-6861 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Lawyer Search ...) + TODO: check +CVE-2018-6860 (Arbitrary File Upload and Remote Code Execution exist in PHP Scripts ...) + TODO: check CVE-2018-6859 RESERVED -CVE-2018-6858 - RESERVED +CVE-2018-6858 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook Clone ...) + TODO: check CVE-2018-6857 RESERVED CVE-2018-6856 @@ -113,8 +155,8 @@ CVE-2018-6847 RESERVED CVE-2018-6846 (Z-BlogPHP 1.5.1 allows remote attackers to discover the full path via a ...) NOT-FOR-US: Z-BlogPHP -CVE-2018-6845 - RESERVED +CVE-2018-6845 (PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the ...) + TODO: check CVE-2018-6844 (MyBB 1.8.14 has XSS via the Title or Description field on the Edit ...) NOT-FOR-US: MyBB CVE-2018-6843 @@ -1113,8 +1155,8 @@ CVE-2018-6508 (Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a NOTE: https://github.com/puppetlabs/puppetlabs-mysql/commit/da3684c79d5fe6ece826e087e8693c75ac40414c CVE-2018-6507 RESERVED -CVE-2018-6506 - RESERVED +CVE-2018-6506 (Cross-Site Scripting (XSS) exists in the Add Forum feature in the ...) + TODO: check CVE-2018-6505 RESERVED CVE-2018-6504 @@ -91371,6 +91413,7 @@ CVE-2016-2541 (Audacity before 2.1.2 allows remote attackers to cause a denial o NOTE: http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2 NOTE: https://github.com/audacity/audacity/commit/85026f98958a8dcc09188be24a8db0385988e23f CVE-2016-2540 (Audacity before 2.1.2 allows remote attackers to cause a denial of ...) + {DLA-1277-1} - audacity 2.1.2-1 NOTE: http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2 NOTE: https://github.com/audacity/audacity/commit/407c1dc4b209111e4dbb3eec88f333aa8f69094c View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6131f624768e8fa9770d6e6923fa82dfb157a329 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6131f624768e8fa9770d6e6923fa82dfb157a329 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits