[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Dec 15 08:10:26 GMT 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d590d1eb by security tracker role at 2018-12-15T08:10:18Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2018-20165
+	RESERVED
+CVE-2018-20164
+	RESERVED
+CVE-2018-20163
+	RESERVED
+CVE-2018-20162
+	RESERVED
+CVE-2018-20161 (A design flaw in the BlinkForHome (aka Blink For Home) Sync Module ...)
+	TODO: check
+CVE-2018-20160
+	RESERVED
+CVE-2018-20159 (i-doit open 1.11.2 allows Remote Code Execution because ZIP archives ...)
+	TODO: check
+CVE-2018-20158
+	RESERVED
+CVE-2018-20157 (The data import functionality in OpenRefine through 3.1 allows an XML ...)
+	TODO: check
+CVE-2018-20156 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote ...)
+	TODO: check
+CVE-2018-20155 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote ...)
+	TODO: check
+CVE-2018-20154 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote ...)
+	TODO: check
 CVE-2019-3393
 	RESERVED
 CVE-2019-3392
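Review bot: All six newly described entries in this hunk are left at "TODO: check", and the three WP Maintenance Mode plugin entries (CVE-2018-20154, CVE-2018-20155, CVE-2018-20156) share the same truncated description, so the list lines alone do not tell them apart. When these are triaged, each should resolve to a package line or a NOT-FOR-US marking, with a NOTE on the three plugin entries saying what distinguishes each issue.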
@@ -1998,27 +2022,27 @@ CVE-2019-2395
 	RESERVED
 CVE-2018-20146
 	RESERVED
-CVE-2018-20153
+CVE-2018-20153 (In WordPress versions before 5.0.1, contributors could modify new ...)
 	- wordpress <unfixed> (bug #916403)
 	NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20152
+CVE-2018-20152 (In WordPress versions before 5.0.1, authors could bypass intended ...)
 	- wordpress <unfixed> (bug #916403)
 	NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20151
+CVE-2018-20151 (In WordPress versions before 5.0.1, the user-activation page could be ...)
 	- wordpress <unfixed> (bug #916403)
 	NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20150
+CVE-2018-20150 (In WordPress versions before 5.0.1, crafted URLs could trigger XSS for ...)
 	- wordpress <unfixed> (bug #916403)
 	NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
 	NOTE: https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
-CVE-2018-20149
+CVE-2018-20149 (In WordPress versions before 5.0.1, when the Apache HTTP Server is ...)
 	- wordpress <unfixed> (bug #916403)
 	NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
 	NOTE: https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
-CVE-2018-20148
+CVE-2018-20148 (In WordPress versions before 5.0.1, contributors could conduct PHP ...)
 	- wordpress <unfixed> (bug #916403)
 	NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20147
+CVE-2018-20147 (In WordPress versions before 5.0.1, authors could modify metadata to ...)
 	- wordpress <unfixed> (bug #916403)
 	NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
 CVE-2018-20144
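Review bot: Only CVE-2018-20150 and CVE-2018-20149 carry a NOTE pointing at the upstream WordPress commit; the other five entries (CVE-2018-20153, CVE-2018-20152, CVE-2018-20151, CVE-2018-20148, CVE-2018-20147) reference just the 5.0.1 release announcement. Adding the fixing commit to each would make it easier to verify a backport for the wordpress package, which is still marked <unfixed> under bug #916403.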
@@ -8198,8 +8222,8 @@ CVE-2018-19415
 	RESERVED
 CVE-2018-19414
 	RESERVED
-CVE-2018-19413
-	RESERVED
+CVE-2018-19413 (A vulnerability in the API of SonarSource SonarQube before 7.4 could ...)
+	TODO: check
 CVE-2018-19412
 	RESERVED
 CVE-2018-19411 (PRTG Network Monitor before 18.2.40.1683 allows an authenticated user ...)
@@ -9511,16 +9535,16 @@ CVE-2018-19009
 	RESERVED
 CVE-2018-19008
 	RESERVED
-CVE-2018-19007
-	RESERVED
+CVE-2018-19007 (In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the ...)
+	TODO: check
 CVE-2018-19006
 	RESERVED
 CVE-2018-19005
 	RESERVED
 CVE-2018-19004
 	RESERVED
-CVE-2018-19003
-	RESERVED
+CVE-2018-19003 (GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to ...)
+	TODO: check
 CVE-2018-19002
 	RESERVED
 CVE-2018-19001 (Philips HealthSuite Health Android App, all versions. The software ...)
@@ -9557,8 +9581,8 @@ CVE-2018-18986
 	RESERVED
 CVE-2018-18985
 	RESERVED
-CVE-2018-18984
-	RESERVED
+CVE-2018-18984 (Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 ...)
+	TODO: check
 CVE-2018-18983 (VT-Designer Version 2.1.7.31 is vulnerable by the program reading the ...)
 	NOT-FOR-US: VT-Designer
 CVE-2018-18982 (NUUO CMS All versions 3.3 and prior the web server application allows ...)
@@ -12135,8 +12159,8 @@ CVE-2018-18008
 	RESERVED
 CVE-2018-18007
 	RESERVED
-CVE-2018-18006
-	RESERVED
+CVE-2018-18006 (Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for ...)
+	TODO: check
 CVE-2018-18005
 	RESERVED
 CVE-2018-18004
@@ -15470,7 +15494,7 @@ CVE-2018-16647 (In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in ...)
 	[jessie] - mupdf <ignored> (Minor issue)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699686
 CVE-2018-16646 (In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause ...)
-	{DLA-1562-2 DLA-1562-1}
+	{DLA-1562-3 DLA-1562-2 DLA-1562-1}
 	- poppler <unfixed> (low; bug #909802)
 	[stretch] - poppler <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1622951
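Review bot: The cross-reference line on CVE-2018-16646 now lists a third revision, DLA-1562-3, but the notes visible here give no reason the advisory was reissued. A short NOTE saying what each revision addressed would help readers, since the entry still reads "- poppler <unfixed>" and "[stretch] - poppler <no-dsa>".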
@@ -18853,7 +18877,7 @@ CVE-2018-15320 (On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffi
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-15319 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, ...)
 	NOT-FOR-US: F5 BIG-IP
-CVE-2018-15318 (In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, if ...)
+CVE-2018-15318 (In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2018-15317 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, ...)
 	NOT-FOR-US: F5 BIG-IP
@@ -55810,8 +55834,8 @@ CVE-2018-1979
 	RESERVED
 CVE-2018-1978
 	RESERVED
-CVE-2018-1977
-	RESERVED
+CVE-2018-1977 (IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) ...)
+	TODO: check
 CVE-2018-1976
 	RESERVED
 CVE-2018-1975
@@ -56068,8 +56092,8 @@ CVE-2018-1850 (IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.
 	NOT-FOR-US: IBM
 CVE-2018-1849
 	RESERVED
-CVE-2018-1848
-	RESERVED
+CVE-2018-1848 (IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable ...)
+	TODO: check
 CVE-2018-1847
 	RESERVED
 CVE-2018-1846 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 ...)
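Review bot: CVE-2018-1848 moves from RESERVED to "TODO: check" while the neighbouring entry CVE-2018-1850 in the context lines is already resolved as "NOT-FOR-US: IBM". If IBM Business Automation Workflow is likewise not packaged in Debian, the same marking should replace the TODO so the entry does not stay open in the triage queue.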



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d590d1ebccf61c28ee9a11361ab48ed8da8efcc0
