[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Jun 30 21:11:13 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cb7d95ca by security tracker role at 2018-06-30T20:11:06+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,15 @@
+CVE-2018-13031
+	RESERVED
+CVE-2018-13030 (An issue was discovered in jpeg-compressor 0.1. The build_huffman ...)
+	TODO: check
+CVE-2018-13029
+	RESERVED
+CVE-2018-13028
+	RESERVED
+CVE-2018-13027
+	RESERVED
+CVE-2018-13026 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based ...)
+	TODO: check
 CVE-2018-13025 (protected/apps/admin/controller/photoController.php in YXcms 1.4.7 ...)
 	NOT-FOR-US: YXcms
 CVE-2018-13024 (Metinfo v6.0.0 allows remote attackers to write code into a .php file, ...)
@@ -68,8 +80,8 @@ CVE-2018-12992 (An issue was discovered CMS MaeloStore V.1.5.0. There is stored 
 	NOT-FOR-US: CMS MaeloStore
 CVE-2018-12991
 	RESERVED
-CVE-2018-12990
-	RESERVED
+CVE-2018-12990 (phpwcms 1.8.9 allows remote attackers to discover the installation path ...)
+	TODO: check
 CVE-2018-12989
 	RESERVED
 CVE-2018-12988 (GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an ...)
@@ -14274,8 +14286,8 @@ CVE-2018-7477 (SQL Injection exists in PHP Scripts Mall School Management Script
 	NOT-FOR-US: PHP Scripts Mall School Management Script
 CVE-2018-7476 (controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site ...)
 	NOT-FOR-US: FineCms
-CVE-2018-7475
-	RESERVED
+CVE-2018-7475 (Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in ...)
+	TODO: check
 CVE-2018-7474 (An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is ...)
 	- textpattern <removed>
 CVE-2018-7473 (Open redirect vulnerability in the SO Connect SO WIFI hotspot web ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cb7d95ca57b589944e9935bbeda1dd58c1a8c8a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cb7d95ca57b589944e9935bbeda1dd58c1a8c8a6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180630/6b217a44/attachment.html>

More information about the debian-security-tracker-commits mailing list