[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Mon, 12 Feb 2018 01:10:59 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6131f624 by security tracker role at 2018-02-12T09:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,13 +1,55 @@
+CVE-2018-6913
+       RESERVED
+CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg 
through ...)
+       TODO: check
+CVE-2018-6911
+       RESERVED
+CVE-2018-6910
+       RESERVED
+CVE-2018-6909
+       RESERVED
+CVE-2018-6908
+       RESERVED
+CVE-2018-6907
+       RESERVED
+CVE-2018-6906
+       RESERVED
+CVE-2018-6905
+       RESERVED
+CVE-2018-6904
+       RESERVED
+CVE-2018-6903
+       RESERVED
+CVE-2018-6902
+       RESERVED
+CVE-2018-6901
+       RESERVED
+CVE-2018-6900
+       RESERVED
+CVE-2018-6899
+       RESERVED
+CVE-2018-6898
+       RESERVED
+CVE-2018-6897
+       RESERVED
+CVE-2018-6896
+       RESERVED
+CVE-2018-6895
+       RESERVED
+CVE-2018-6894
+       RESERVED
+CVE-2018-6893
+       RESERVED
 CVE-2018-6892 (An issue was discovered in CloudMe before 1.11.0. An 
unauthenticated ...)
        NOT-FOR-US: CloudMe
 CVE-2018-6891 (Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via 
a ...)
        NOT-FOR-US: Bookly #1 WordPress Booking Plugin Lite
 CVE-2018-6890
        RESERVED
-CVE-2018-6889
-       RESERVED
-CVE-2018-6888
-       RESERVED
+CVE-2018-6889 (An issue was discovered in Typesetter 5.1. It suffers from a 
Host ...)
+       TODO: check
+CVE-2018-6888 (An issue was discovered in Typesetter 5.1. The User Permissions 
page ...)
+       TODO: check
 CVE-2018-6887
        RESERVED
 CVE-2018-6886
@@ -30,10 +72,10 @@ CVE-2018-1000060 (Sensu, Inc. Sensu Core version Before 
1.2.0 & before commi
        - sensu <itp> (bug #838484)
 CVE-2018-1000059 (ValidFormBuilder version 4.5.4 contains a PHP Object 
Injection ...)
        NOT-FOR-US: ValidFormBuilder
-CVE-2018-6881
-       RESERVED
-CVE-2018-6880
-       RESERVED
+CVE-2018-6881 (EmpireCMS 6.6 allows remote attackers to discover the full path 
via an ...)
+       TODO: check
+CVE-2018-6880 (EmpireCMS 6.6 through 7.2 allows remote attackers to discover 
the full ...)
+       TODO: check
 CVE-2018-6879
        RESERVED
 CVE-2018-6878 (Cross Site Scripting (XSS) exists in the review section in PHP 
Scripts ...)
@@ -75,20 +117,20 @@ CVE-2018-6866
        RESERVED
 CVE-2018-6865
        RESERVED
-CVE-2018-6864
-       RESERVED
-CVE-2018-6863
-       RESERVED
-CVE-2018-6862
-       RESERVED
-CVE-2018-6861
-       RESERVED
-CVE-2018-6860
-       RESERVED
+CVE-2018-6864 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Multi 
religion ...)
+       TODO: check
+CVE-2018-6863 (SQL Injection exists in PHP Scripts Mall Select Your College 
Script ...)
+       TODO: check
+CVE-2018-6862 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Bitcoin 
MLM ...)
+       TODO: check
+CVE-2018-6861 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Lawyer 
Search ...)
+       TODO: check
+CVE-2018-6860 (Arbitrary File Upload and Remote Code Execution exist in PHP 
Scripts ...)
+       TODO: check
 CVE-2018-6859
        RESERVED
-CVE-2018-6858
-       RESERVED
+CVE-2018-6858 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook 
Clone ...)
+       TODO: check
 CVE-2018-6857
        RESERVED
 CVE-2018-6856
@@ -113,8 +155,8 @@ CVE-2018-6847
        RESERVED
 CVE-2018-6846 (Z-BlogPHP 1.5.1 allows remote attackers to discover the full 
path via a ...)
        NOT-FOR-US: Z-BlogPHP
-CVE-2018-6845
-       RESERVED
+CVE-2018-6845 (PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS 
via the ...)
+       TODO: check
 CVE-2018-6844 (MyBB 1.8.14 has XSS via the Title or Description field on the 
Edit ...)
        NOT-FOR-US: MyBB
 CVE-2018-6843
@@ -1113,8 +1155,8 @@ CVE-2018-6508 (Puppet Enterprise 2017.3.x prior to 
2017.3.3 are vulnerable to a 
        NOTE: 
https://github.com/puppetlabs/puppetlabs-mysql/commit/da3684c79d5fe6ece826e087e8693c75ac40414c
 CVE-2018-6507
        RESERVED
-CVE-2018-6506
-       RESERVED
+CVE-2018-6506 (Cross-Site Scripting (XSS) exists in the Add Forum feature in 
the ...)
+       TODO: check
 CVE-2018-6505
        RESERVED
 CVE-2018-6504
@@ -91371,6 +91413,7 @@ CVE-2016-2541 (Audacity before 2.1.2 allows remote 
attackers to cause a denial o
        NOTE: http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2
        NOTE: 
https://github.com/audacity/audacity/commit/85026f98958a8dcc09188be24a8db0385988e23f
 CVE-2016-2540 (Audacity before 2.1.2 allows remote attackers to cause a denial 
of ...)
+       {DLA-1277-1}
        - audacity 2.1.2-1
        NOTE: http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2
        NOTE: 
https://github.com/audacity/audacity/commit/407c1dc4b209111e4dbb3eec88f333aa8f69094c



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6131f624768e8fa9770d6e6923fa82dfb157a329

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6131f624768e8fa9770d6e6923fa82dfb157a329
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to