[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Nov 17 20:10:39 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6f09cef1 by security tracker role at 2018-11-17T20:10:18Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2018-19340 (Guriddo Form PHP 5.3 has XSS via the ...)
+	TODO: check
+CVE-2018-19339
+	RESERVED
+CVE-2018-19338
+	RESERVED
+CVE-2018-19337
+	RESERVED
+CVE-2018-19336
+	RESERVED
+CVE-2018-19335
+	RESERVED
+CVE-2018-19334
+	RESERVED
+CVE-2018-19333 (pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows ...)
+	TODO: check
+CVE-2018-19332 (An issue was discovered in S-CMS v1.5. There is a CSRF vulnerability ...)
+	TODO: check
+CVE-2018-19331 (An issue was discovered in S-CMS v1.5. There is a SQL injection ...)
+	TODO: check
+CVE-2018-19330
+	RESERVED
+CVE-2018-19329 (GreenCMS v2.3.0603 allows remote authenticated administrators to delete ...)
+	TODO: check
+CVE-2018-19328 (LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal. ...)
+	TODO: check
+CVE-2018-19327 (An issue was discovered in JTBC(PHP) 3.0.1.7. ...)
+	TODO: check
+CVE-2018-19326 (Zyxel VMG1312-B10D devices before 5.13(AAXA.8)C0 allow ../ Directory ...)
+	TODO: check
+CVE-2018-19325
+	RESERVED
+CVE-2018-19324 (kimsQ Rb 2.3.0 allows XSS via the second input field to the ...)
+	TODO: check
 CVE-2018-19323
 	RESERVED
 CVE-2018-19322
@@ -202,8 +236,8 @@ CVE-2018-19276
 	RESERVED
 CVE-2018-19275
 	RESERVED
-CVE-2018-19274
-	RESERVED
+CVE-2018-19274 (Passing an absolute path to a file_exists check in phpBB before 3.2.4 ...)
+	TODO: check
 CVE-2018-19273
 	RESERVED
 CVE-2018-19272



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6f09cef1f92ee66db8867d43968ccdc5a6f28b9a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6f09cef1f92ee66db8867d43968ccdc5a6f28b9a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181117/5312fee0/attachment.html>

More information about the debian-security-tracker-commits mailing list