Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e8927736 by security tracker role at 2018-03-04T09:10:15+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,19 @@ +CVE-2018-7658 + RESERVED +CVE-2018-7657 + RESERVED +CVE-2018-7656 + RESERVED +CVE-2018-7655 + RESERVED +CVE-2018-7654 (On 3CX 15.5.6354.2 devices, the parameter "file" in the request ...) + TODO: check +CVE-2018-7653 + RESERVED +CVE-2018-7652 (lib/Zonemaster/GUI/Dancer/Export.pm in Zonemaster Web GUI before 1.0.11 ...) + TODO: check +CVE-2017-18213 (In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate ...) + TODO: check CVE-2018-XXXX [Regular Expression Denial of Service] - node-moment 2.19.3+ds-1 (unimportant) NOTE: fixed in 2.19.3 upstream @@ -6,7 +22,7 @@ CVE-2018-XXXX [Regular Expression Denial of Service] NOTE: https://github.com/moment/moment/issues/4163 NOTE: https://nodesecurity.io/advisories/532 NOTE: nodejs not covered by security support -CVE-2018-7651 [Regular Expression Denial of Service vulnerability in the strict mode functionality] +CVE-2018-7651 (index.js in the ssri module before 5.2.2 for Node.js is prone to a ...) - node-ssri <unfixed> (unimportant; bug #891980) NOTE: fixed in 5.2.2 NOTE: https://github.com/zkat/ssri/commit/d0ebcdc22cb5c8f47f89716d08b3518b2485d65d @@ -189,8 +205,8 @@ CVE-2018-7584 (In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, NOTE: Fixed in 7.0.28, 7.2.3 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75981 NOTE: https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba -CVE-2018-7583 - RESERVED +CVE-2018-7583 (Proxy.exe in DualDesk 20 allows Remote Denial Of Service (daemon crash) ...) + TODO: check CVE-2018-7582 RESERVED CVE-2018-7581 @@ -639,8 +655,8 @@ CVE-2018-7451 RESERVED CVE-2018-7450 RESERVED -CVE-2018-7449 - RESERVED +CVE-2018-7449 (SEGGER embOS/IP FTP Server 3.22 allows remote attackers to cause a ...) + TODO: check CVE-2018-7448 (Remote code execution vulnerability in ...) NOT-FOR-US: CMS Made Simple CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e892773628081d1867e6f508b46e20894ee22401 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e892773628081d1867e6f508b46e20894ee22401 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits