[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Mon May 14 09:10:20 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
21eb5928 by security tracker role at 2018-05-14T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,45 @@
+CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in ...)
+ TODO: check
+CVE-2018-11036
+ RESERVED
+CVE-2018-11035 (In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 ...)
+ TODO: check
+CVE-2018-11034 (In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 ...)
+ TODO: check
+CVE-2018-11033 (The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in ...)
+ TODO: check
+CVE-2018-11032 (PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the ...)
+ TODO: check
+CVE-2018-11031 (application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has ...)
+ TODO: check
+CVE-2018-11030
+ RESERVED
+CVE-2018-11029
+ RESERVED
+CVE-2018-11028
+ RESERVED
+CVE-2018-11027
+ RESERVED
+CVE-2018-11026
+ RESERVED
+CVE-2018-11025
+ RESERVED
+CVE-2018-11024
+ RESERVED
+CVE-2018-11023
+ RESERVED
+CVE-2018-11022
+ RESERVED
+CVE-2018-11021
+ RESERVED
+CVE-2018-11020
+ RESERVED
+CVE-2018-11019
+ RESERVED
+CVE-2018-11018 (An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery ...)
+ TODO: check
+CVE-2018-11017 (The newVar_N function in decompile.c in libming through 0.4.8 ...)
+ TODO: check
CVE-2018-11016
RESERVED
CVE-2018-11015
@@ -169,8 +211,8 @@ CVE-2017-18266 (The open_envvar function in xdg-open in xdg-utils before 1.1.3 d
NOTE: Fixed by: https://cgit.freedesktop.org/xdg/xdg-utils/commit/?id=ce802d71c3466d1dbb24f2fe9b6db82a1f899bcb
CVE-2018-10945
RESERVED
-CVE-2018-10944
- RESERVED
+CVE-2018-10944 (The request_dividend function of a smart contract implementation for ...)
+ TODO: check
CVE-2018-10943
RESERVED
CVE-2018-10942 (modules/attributewizardpro/file_upload.php in the Attribute Wizard ...)
@@ -782,8 +824,8 @@ CVE-2018-10680 (** DISPUTED ** Z-BlogPHP 1.5.2 has a stored Cross Site Scripting
NOT-FOR-US: Z-BlogPHP
CVE-2018-10679
RESERVED
-CVE-2018-10678
- RESERVED
+CVE-2018-10678 (MyBB 1.8.15, when accessed with Microsoft Edge, mishandles ...)
+ TODO: check
CVE-2018-10677 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks ...)
NOT-FOR-US: ngiflib
CVE-2018-10676 (CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR ...)
@@ -5060,6 +5102,7 @@ CVE-2018-8907
CVE-2018-8906 (dsmall v20180320 has XSS via a crafted street address to ...)
NOT-FOR-US: dsmall
CVE-2018-8905 (In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function ...)
+ {DLA-1378-1 DLA-1377-1}
- tiff <unfixed> (bug #893806)
[stretch] - tiff <postponed> (Can be fixed along in a future DSA)
[jessie] - tiff <postponed> (Can be fixed along in a future DSA)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21eb5928b5a56e362217b21493a14dce27b48088
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21eb5928b5a56e362217b21493a14dce27b48088
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180514/89e3f705/attachment.html>
More information about the debian-security-tracker-commits
mailing list