[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Apr 7 20:10:26 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3b33b31f by security tracker role at 2018-04-07T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1047,8 +1047,8 @@ CVE-2016-10720
 	RESERVED
 CVE-2016-10719
 	RESERVED
-CVE-2018-9330
-	RESERVED
+CVE-2018-9330 (register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by ...)
+	TODO: check
 CVE-2018-9329 (The Bitdefender Antivirus 6.2.19.890 component, as configured for AV ...)
 	NOT-FOR-US: Bitdefender Antivirus
 CVE-2018-9328 (PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the ter_from ...)
@@ -8718,7 +8718,7 @@ CVE-2018-6528 (XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Lin
 	NOT-FOR-US: D-Link
 CVE-2018-6527 (XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in ...)
 	NOT-FOR-US: D-Link
-CVE-2018-6526 (view_all_bug_page.php in MantisBT before 2018-02-02 allows remote ...)
+CVE-2018-6526 (view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 ...)
 	- mantis <removed>
 	[wheezy] - mantis <end-of-life> (Not supported in wheezy LTS)
 	NOTE: https://mantisbt.org/bugs/view.php?id=23921
@@ -9149,7 +9149,7 @@ CVE-2018-6384 (Unquoted Windows search path vulnerability in NSClient++ before .
 	NOT-FOR-US: NSClient++
 CVE-2018-6383 (Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that ...)
 	NOT-FOR-US: Monstra CMS
-CVE-2018-6382 (MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via ...)
+CVE-2018-6382 (** DISPUTED ** MantisBT 2.10.0 allows local users to conduct SQL ...)
 	- mantis <removed>
 	[wheezy] - mantis <end-of-life> (Not supported in Wheezy)
 	NOTE: https://mantisbt.org/bugs/view.php?id=23908



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3b33b31f7539a96a3bd2852dedbb3cee8730a3ab

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3b33b31f7539a96a3bd2852dedbb3cee8730a3ab
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180407/9916532a/attachment.html>

More information about the Secure-testing-commits mailing list