[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a98af3f3 by security tracker role at 2018-11-10T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2018-19147
+	RESERVED
+CVE-2018-19146
+	RESERVED
+CVE-2018-19145 (An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in ...)
+	TODO: check
+CVE-2018-19144
+	RESERVED
+CVE-2018-19140
+	RESERVED
+CVE-2018-19139 (An issue has been found in JasPer 2.0.14. There is a memory leak in ...)
+	TODO: check
+CVE-2018-19138 (WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI. ...)
+	TODO: check
 CVE-2018-19137 (DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ...)
 	NOT-FOR-US: DomainMOD
 CVE-2018-19136 (DomainMOD through 4.11.01 has XSS via the ...)
@@ -32,16 +46,19 @@ CVE-2018-19122 (An issue has been found in libIEC61850 v1.3. It is a NULL pointe
 CVE-2018-19121 (An issue has been found in libIEC61850 v1.3. It is a SEGV in ...)
 	NOT-FOR-US: libIEC61850
 CVE-2018-19141 [otrs: Security Advisory 2018-09]
+	RESERVED
 	- otrs2 6.0.1-1
 	NOTE: https://community.otrs.com/security-advisory-2018-09-security-update-for-otrs-framework/
 	NOTE: Only the 4.x and 5.x series are affected (and possibly earlier versions).
 	NOTE: Add workaround and mark first 6.x version as fixing version
 CVE-2018-19142 [otrs: Security Advisory 2018-08]
+	RESERVED
 	- otrs2 6.0.13-1
 	[stretch] - otrs2 <not-affected> (Only affects 6.x)
 	[jessie] - otrs2 <not-affected> (Only affects 6.x)
 	NOTE: https://community.otrs.com/security-advisory-2018-08-security-update-for-otrs-framework/
 CVE-2018-19143 [otrs: Security Advisory 2018-07]
+	RESERVED
 	- otrs2 6.0.13-1
 	NOTE: https://community.otrs.com/security-advisory-2018-07-security-update-for-otrs-framework/
 CVE-2018-19120
@@ -124,14 +141,14 @@ CVE-2018-19089 (tianti 2.3 has stored XSS in the userlist module via the ...)
 	NOT-FOR-US: tianti
 CVE-2018-19088
 	RESERVED
-CVE-2018-19087
-	RESERVED
-CVE-2018-19086
-	RESERVED
-CVE-2018-19085
-	RESERVED
-CVE-2018-19084
-	RESERVED
+CVE-2018-19087 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a ...)
+	TODO: check
+CVE-2018-19086 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a ...)
+	TODO: check
+CVE-2018-19085 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a ...)
+	TODO: check
+CVE-2018-19084 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a ...)
+	TODO: check
 CVE-2018-19083 (WeCenter 3.2.0 through 3.2.2 has XSS in the ...)
 	NOT-FOR-US: WeCenter
 CVE-2018-19082 (An issue was discovered on Foscam Opticam i5 devices with System ...)
@@ -3737,8 +3754,8 @@ CVE-2018-17614
 CVE-2018-17613 (Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is ...)
 	- telegram-desktop <unfixed>
 	NOTE: https://www.inputzero.io/2018/09/telegram-share-password-in-cleartext.html
-CVE-2018-17612
-	RESERVED
+CVE-2018-17612 (Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) ...)
+	TODO: check
 CVE-2018-17611 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
 	NOT-FOR-US: Foxit
 CVE-2018-17610 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
@@ -8301,8 +8318,8 @@ CVE-2018-15798
 	RESERVED
 CVE-2018-15797
 	RESERVED
-CVE-2018-15796
-	RESERVED
+CVE-2018-15796 (Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an ...)
+	TODO: check
 CVE-2018-15795
 	RESERVED
 CVE-2018-15794



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a98af3f306499d5a155712687781daae47560f25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a98af3f306499d5a155712687781daae47560f25
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181110/2e5689ba/attachment-0001.html>