[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Dec 24 08:12:54 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ba0eed17 by security tracker role at 2018-12-24T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,111 @@
+CVE-2018-20432
+	RESERVED
+CVE-2018-20431 (GNU Libextractor through 1.8 has a NULL Pointer Dereference ...)
+	TODO: check
+CVE-2018-20430 (GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in ...)
+	TODO: check
+CVE-2018-20429 (libming 0.4.8 has a NULL pointer dereference in the getName function of ...)
+	TODO: check
+CVE-2018-20428 (libming 0.4.8 has a NULL pointer dereference in the strlenext function ...)
+	TODO: check
+CVE-2018-20427 (libming 0.4.8 has a NULL pointer dereference in the getInt function of ...)
+	TODO: check
+CVE-2018-20426 (libming 0.4.8 has a NULL pointer dereference in the newVar3 function of ...)
+	TODO: check
+CVE-2018-20425 (libming 0.4.8 has a NULL pointer dereference in the pushdup function of ...)
+	TODO: check
+CVE-2018-20424 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
+	TODO: check
+CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
+	TODO: check
+CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
+	TODO: check
+CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of ...)
+	TODO: check
+CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access ...)
+	TODO: check
+CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add an ...)
+	TODO: check
+CVE-2018-20418 (index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows ...)
+	TODO: check
+CVE-2018-20417
+	RESERVED
+CVE-2018-20416
+	RESERVED
+CVE-2018-20415
+	RESERVED
+CVE-2018-20414
+	RESERVED
+CVE-2018-20413
+	RESERVED
+CVE-2018-20412
+	RESERVED
+CVE-2018-20411
+	RESERVED
+CVE-2018-20410 (WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer ...)
+	TODO: check
+CVE-2018-20409 (An issue was discovered in Bento4 1.5.1-627. There is a heap-based ...)
+	TODO: check
+CVE-2018-20408 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
+	TODO: check
+CVE-2018-20407 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
+	TODO: check
+CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a ...)
+	TODO: check
+CVE-2018-20405 (BigTree 4.3 allows full path disclosure via authenticated admin/news/ ...)
+	TODO: check
+CVE-2018-20404
+	RESERVED
+CVE-2018-20403
+	RESERVED
+CVE-2018-20402 (Safe Software FME Server through 2018.1 creates and enables three ...)
+	TODO: check
+CVE-2018-20401 (Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover ...)
+	TODO: check
+CVE-2018-20400 (Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote ...)
+	TODO: check
+CVE-2018-20399 (Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 ...)
+	TODO: check
+CVE-2018-20398 (Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, ...)
+	TODO: check
+CVE-2018-20397 (mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote attackers to ...)
+	TODO: check
+CVE-2018-20396 (NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow ...)
+	TODO: check
+CVE-2018-20395 (NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote ...)
+	TODO: check
+CVE-2018-20394 (Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and ...)
+	TODO: check
+CVE-2018-20393 (Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, ...)
+	TODO: check
+CVE-2018-20392 (S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote attackers ...)
+	TODO: check
+CVE-2018-20391 (TEKNOTEL CBW700N 81.447.392110.729.024 devices allow remote attackers ...)
+	TODO: check
+CVE-2018-20390 (Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and CG2001-UN2NA ...)
+	TODO: check
+CVE-2018-20389 (D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 ...)
+	TODO: check
+CVE-2018-20388 (Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices ...)
+	TODO: check
+CVE-2018-20387 (Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices ...)
+	TODO: check
+CVE-2018-20386 (ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote ...)
+	TODO: check
+CVE-2018-20385 (CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT ...)
+	TODO: check
+CVE-2018-20384 (iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 ...)
+	TODO: check
+CVE-2018-20383 (ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote ...)
+	TODO: check
+CVE-2018-20382 (Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allow ...)
+	TODO: check
+CVE-2018-20381 (Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices allow ...)
+	TODO: check
+CVE-2018-20380 (Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and ...)
+	TODO: check
+CVE-2018-20379 (Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices ...)
+	TODO: check
 CVE-2018-20378
 	RESERVED
 CVE-2018-20377 (Orange Livebox 00.96.320S devices allow remote attackers to discover ...)
@@ -9178,8 +9286,8 @@ CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve logi
 	NOTE: Non issue
 	NOTE: https://wiki.gnome.org/Projects/GnomeKeyring/SecurityFAQ
 	NOTE: https://gitlab.gnome.org/GNOME/gnome-keyring/issues/5
-CVE-2018-19357
-	RESERVED
+CVE-2018-19357 (XMPlay 3.8.3 allows remote attackers to execute arbitrary code or cause ...)
+	TODO: check
 CVE-2018-19356
 	RESERVED
 CVE-2018-19355 (modules/orderfiles/ajax/upload.php in the Customer Files Upload addon ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ba0eed171abf17464b08d431ee99bfe4f5627be7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ba0eed171abf17464b08d431ee99bfe4f5627be7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181224/4f502d53/attachment.html>

More information about the debian-security-tracker-commits mailing list