[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Jul 21 21:11:47 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
238307b1 by security tracker role at 2018-07-21T20:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,19 @@
+CVE-2018-14499
+ RESERVED
+CVE-2018-14498
+ RESERVED
+CVE-2018-14497
+ RESERVED
+CVE-2018-14496
+ RESERVED
+CVE-2018-14495
+ RESERVED
+CVE-2018-14494
+ RESERVED
+CVE-2018-14493
+ RESERVED
+CVE-2018-14492 (Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, ...)
+ TODO: check
CVE-2018-XXXX [CIVI-SA-2018-07: Remote code execution in QuickForm]
- civicrm 5.3.1+dfsg-1 (bug #904215)
NOTE: https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform
@@ -8716,6 +8732,7 @@ CVE-2018-10997 (Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL
CVE-2018-10996 (The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 ...)
NOT-FOR-US: D-Link
CVE-2018-10995 (SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles ...)
+ {DLA-1437-1}
- slurm-llnl 17.11.7-1 (bug #900548)
NOTE: https://www.schedmd.com/news.php?id=203
NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html
@@ -19332,7 +19349,7 @@ CVE-2018-7035 (Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2
CVE-2018-7034 (TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 ...)
NOT-FOR-US: TRENDnet devices
CVE-2018-7033 (SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL ...)
- {DLA-1367-1}
+ {DLA-1437-1 DLA-1367-1}
- slurm-llnl 17.11.5-1 (bug #893044)
NOTE: https://bugs.schedmd.com/show_bug.cgi?id=4792 (not yet public)
NOTE: https://github.com/SchedMD/slurm/commit/db468895240ad6817628d07054fe54e71273b2fe
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/238307b1a05c01e70a5ef3be4f62362430d735a9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/238307b1a05c01e70a5ef3be4f62362430d735a9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180721/ddaca65c/attachment.html>
More information about the debian-security-tracker-commits
mailing list