[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
746de4f5 by security tracker role at 2018-08-27T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,45 @@
+CVE-2018-15901
+	RESERVED
+CVE-2018-15900
+	RESERVED
+CVE-2018-15899 (An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS ...)
+	TODO: check
+CVE-2018-15898
+	RESERVED
+CVE-2018-15897
+	RESERVED
+CVE-2018-15896
+	RESERVED
+CVE-2018-15895 (An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because ...)
+	TODO: check
+CVE-2018-15894 (A SQL injection was discovered in ...)
+	TODO: check
+CVE-2018-15893 (A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in ...)
+	TODO: check
+CVE-2018-15892
+	RESERVED
+CVE-2018-15891
+	RESERVED
+CVE-2018-15890
+	RESERVED
+CVE-2018-15889 (In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects() in ...)
+	TODO: check
+CVE-2018-15888 (An issue was discovered in ASPCMS 2.5.6. When registering ordinary ...)
+	TODO: check
+CVE-2017-18346
+	RESERVED
+CVE-2015-9264 (Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute ...)
+	TODO: check
+CVE-2015-9263 (An issue was discovered in post2file.php in Up.Time Monitoring Station ...)
+	TODO: check
+CVE-2014-10074 (Umbraco before 7.2.0 has a remote PHP code execution vulnerability ...)
+	TODO: check
 CVE-2018-15887
 	RESERVED
 CVE-2018-15886
 	RESERVED
-CVE-2018-15885
-	RESERVED
+CVE-2018-15885 (Ovation FindMe 1.4-1083-1 is intended to support transmission of ...)
+	TODO: check
 CVE-2018-15884
 	RESERVED
 CVE-2018-15883
@@ -18,8 +54,8 @@ CVE-2018-15879
 	RESERVED
 CVE-2018-15878
 	RESERVED
-CVE-2017-18345
-	RESERVED
+CVE-2017-18345 (The Joomanager component through 2.0.0 for Joomla! has an arbitrary ...)
+	TODO: check
 CVE-2018-XXXX [Multiple -dSAFER sandbox bypass vulnerabilities]
 	- ghostscript <unfixed> (bug #907332)
 	NOTE: https://www.kb.cert.org/vuls/id/332928
@@ -650,8 +686,8 @@ CVE-2018-15604
 	RESERVED
 CVE-2018-15603 (An issue was discovered in Victor CMS through 2018-05-10. There is XSS ...)
 	NOT-FOR-US: Victor CMS
-CVE-2018-15602
-	RESERVED
+CVE-2018-15602 (Zyxel VMG3312 B10B devices are affected by a persistent XSS ...)
+	TODO: check
 CVE-2018-15601 (apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs ...)
 	NOT-FOR-US: Elefant CMS
 CVE-2018-15600



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/746de4f5f5e479bcc79d464c27a98f874d847fba

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/746de4f5f5e479bcc79d464c27a98f874d847fba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180827/953e0912/attachment-0001.html>