[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Oct 9 21:11:38 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3591f8df by security tracker role at 2018-10-09T20:11:22Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,241 @@
+CVE-2018-18188
+ RESERVED
+CVE-2018-18187
+ RESERVED
+CVE-2018-18186
+ RESERVED
+CVE-2018-18185
+ RESERVED
+CVE-2018-18184
+ RESERVED
+CVE-2018-18183
+ RESERVED
+CVE-2018-18182
+ RESERVED
+CVE-2018-18181
+ RESERVED
+CVE-2018-18180
+ RESERVED
+CVE-2018-18179
+ RESERVED
+CVE-2018-18178
+ RESERVED
+CVE-2018-18177
+ RESERVED
+CVE-2018-18176
+ RESERVED
+CVE-2018-18175
+ RESERVED
+CVE-2018-18174
+ RESERVED
+CVE-2018-18173
+ RESERVED
+CVE-2018-18172
+ RESERVED
+CVE-2018-18171
+ RESERVED
+CVE-2018-18170
+ RESERVED
+CVE-2018-18169
+ RESERVED
+CVE-2018-18168
+ RESERVED
+CVE-2018-18167
+ RESERVED
+CVE-2018-18166
+ RESERVED
+CVE-2018-18165
+ RESERVED
+CVE-2018-18164
+ RESERVED
+CVE-2018-18163
+ RESERVED
+CVE-2018-18162
+ RESERVED
+CVE-2018-18161
+ RESERVED
+CVE-2018-18160
+ RESERVED
+CVE-2018-18159
+ RESERVED
+CVE-2018-18158
+ RESERVED
+CVE-2018-18157
+ RESERVED
+CVE-2018-18156
+ RESERVED
+CVE-2018-18155
+ RESERVED
+CVE-2018-18154
+ RESERVED
+CVE-2018-18153
+ RESERVED
+CVE-2018-18152
+ RESERVED
+CVE-2018-18151
+ RESERVED
+CVE-2018-18150
+ RESERVED
+CVE-2018-18149
+ RESERVED
+CVE-2018-18148
+ RESERVED
+CVE-2018-18147
+ RESERVED
+CVE-2018-18146
+ RESERVED
+CVE-2018-18145
+ RESERVED
+CVE-2018-18144
+ RESERVED
+CVE-2018-18143
+ RESERVED
+CVE-2018-18142
+ RESERVED
+CVE-2018-18141
+ RESERVED
+CVE-2018-18140
+ RESERVED
+CVE-2018-18139
+ RESERVED
+CVE-2018-18138
+ RESERVED
+CVE-2018-18137
+ RESERVED
+CVE-2018-18136
+ RESERVED
+CVE-2018-18135
+ RESERVED
+CVE-2018-18134
+ RESERVED
+CVE-2018-18133
+ RESERVED
+CVE-2018-18132
+ RESERVED
+CVE-2018-18131
+ RESERVED
+CVE-2018-18130
+ RESERVED
+CVE-2018-18129
+ RESERVED
+CVE-2018-18128
+ RESERVED
+CVE-2018-18127
+ RESERVED
+CVE-2018-18126
+ RESERVED
+CVE-2018-18125
+ RESERVED
+CVE-2018-18124
+ RESERVED
+CVE-2018-18123
+ RESERVED
+CVE-2018-18122
+ RESERVED
+CVE-2018-18121
+ RESERVED
+CVE-2018-18120
+ RESERVED
+CVE-2018-18119
+ RESERVED
+CVE-2018-18118
+ RESERVED
+CVE-2018-18117
+ RESERVED
+CVE-2018-18116
+ RESERVED
+CVE-2018-18115
+ RESERVED
+CVE-2018-18114
+ RESERVED
+CVE-2018-18113
+ RESERVED
+CVE-2018-18112
+ RESERVED
+CVE-2018-18111
+ RESERVED
+CVE-2018-18110
+ RESERVED
+CVE-2018-18109
+ RESERVED
+CVE-2018-18108
+ RESERVED
+CVE-2018-18107
+ RESERVED
+CVE-2018-18106
+ RESERVED
+CVE-2018-18105
+ RESERVED
+CVE-2018-18104
+ RESERVED
+CVE-2018-18103
+ RESERVED
+CVE-2018-18102
+ RESERVED
+CVE-2018-18101
+ RESERVED
+CVE-2018-18100
+ RESERVED
+CVE-2018-18099
+ RESERVED
+CVE-2018-18098
+ RESERVED
+CVE-2018-18097
+ RESERVED
+CVE-2018-18096
+ RESERVED
+CVE-2018-18095
+ RESERVED
+CVE-2018-18094
+ RESERVED
+CVE-2018-18093
+ RESERVED
+CVE-2018-18092
+ RESERVED
+CVE-2018-18091
+ RESERVED
+CVE-2018-18090
+ RESERVED
+CVE-2018-18089
+ RESERVED
+CVE-2018-18088
+ RESERVED
+CVE-2018-18087
+ RESERVED
+CVE-2018-18086
+ RESERVED
+CVE-2018-18085
+ RESERVED
+CVE-2018-18084 (An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ...)
+ TODO: check
+CVE-2018-18083 (An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is ...)
+ TODO: check
+CVE-2018-18082 (XSS exists in Waimai Super Cms 20150505 via the fname parameter to the ...)
+ TODO: check
+CVE-2018-18081
+ RESERVED
+CVE-2018-18080
+ RESERVED
+CVE-2018-18079
+ RESERVED
+CVE-2018-18078
+ RESERVED
+CVE-2018-18077
+ RESERVED
+CVE-2018-18076
+ RESERVED
+CVE-2018-18075 (WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or ...)
+ TODO: check
+CVE-2018-18074 (The Requests package through 2.19.1 before 2018-09-14 for Python sends ...)
+ TODO: check
+CVE-2018-18073
+ RESERVED
+CVE-2018-18072
+ RESERVED
+CVE-2018-18071 (An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 ...)
+ TODO: check
+CVE-2018-18070 (An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 ...)
+ TODO: check
CVE-2018-18069 (process_forms in the WPML (aka sitepress-multilingual-cms) plugin ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-18068
@@ -105,8 +343,8 @@ CVE-2018-18031
RESERVED
CVE-2018-18030
RESERVED
-CVE-2018-18029
- RESERVED
+CVE-2018-18029 (Navigate CMS has Stored XSS via the navigate.php Title field in an ...)
+ TODO: check
CVE-2018-18028
RESERVED
CVE-2018-18027
@@ -6101,10 +6339,10 @@ CVE-2018-15545
RESERVED
CVE-2018-15544
RESERVED
-CVE-2018-15543
- RESERVED
-CVE-2018-15542
- RESERVED
+CVE-2018-15543 (** DISPUTED ** An issue was discovered in the org.telegram.messenger ...)
+ TODO: check
+CVE-2018-15542 (** DISPUTED ** An issue was discovered in the org.telegram.messenger ...)
+ TODO: check
CVE-2018-15541
RESERVED
CVE-2018-15540
@@ -8096,8 +8334,7 @@ CVE-2018-14651
RESERVED
CVE-2018-14650 (It was discovered that sos-collector does not properly set the default ...)
NOT-FOR-US: sos-collector (not same as sosreport itself, additional tool to sosreport)
-CVE-2018-14649
- RESERVED
+CVE-2018-14649 (It was found that ceph-isci-cli package as shipped by Red Hat Ceph ...)
NOT-FOR-US: ceph-iscsi-cli
CVE-2018-14648 (A flaw was found in 389 Directory Server. A specially crafted search ...)
- 389-ds-base <unfixed>
@@ -9698,10 +9935,10 @@ CVE-2018-14083 (LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obt
NOT-FOR-US: LICA miniCMTS E8K(u/i/...) devices
CVE-2018-14082 (PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site ...)
NOT-FOR-US: PHP Scripts Mall JOB SITE (aka Job Portal)
-CVE-2018-14081
- RESERVED
-CVE-2018-14080
- RESERVED
+CVE-2018-14081 (An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through ...)
+ TODO: check
+CVE-2018-14080 (An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through ...)
+ TODO: check
CVE-2018-14079 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote ...)
NOT-FOR-US: Wi2be SMART HP WMT
CVE-2018-14078 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote ...)
@@ -13589,18 +13826,18 @@ CVE-2018-12481 (The Olive Tree Ftp Server application 1.32 for Android has a &qu
NOT-FOR-US: Olive Tree Ftp Server application for Android
CVE-2018-12480
RESERVED
-CVE-2018-12479
- RESERVED
-CVE-2018-12478
- RESERVED
-CVE-2018-12477
- RESERVED
+CVE-2018-12479 (A Improper Input Validation vulnerability in Open Build Service allows ...)
+ TODO: check
+CVE-2018-12478 (A Improper Input Validation vulnerability in Open Build Service allows ...)
+ TODO: check
+CVE-2018-12477 (A Improper Neutralization of CRLF Sequences vulnerability in Open ...)
+ TODO: check
CVE-2018-12476
RESERVED
CVE-2018-12475
RESERVED
-CVE-2018-12474
- RESERVED
+CVE-2018-12474 (Improper input validation in obs-service-tar_scm of Open Build Service ...)
+ TODO: check
CVE-2018-12473 (A path traversal traversal vulnerability in obs-service-tar_scm of ...)
NOT-FOR-US: obs-service-tar_scm of Open Build Service
CVE-2018-12472 (A improper authentication using the HOST header in SUSE Linux SMT ...)
@@ -16291,7 +16528,7 @@ CVE-2018-11512 (Stored cross-site scripting (XSS) vulnerability in the "Web
NOT-FOR-US: wityCMS
CVE-2018-11511 (The tree list functionality in the photo gallery application in ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-11510 (ASUSTOR ADM 3.1.2.RHG1 and earlier uses the same default root:admin ...)
+CVE-2018-11510 (The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated ...)
NOT-FOR-US: ASUSTOR
CVE-2018-11509 (ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and ...)
NOT-FOR-US: ASUSTOR ADM
@@ -25611,8 +25848,8 @@ CVE-2018-7930 (The Near Field Communication (NFC) module in Mate 9 Huawei mobile
NOT-FOR-US: Mate 9 Huawei mobile phones
CVE-2018-7929 (Huawei Mate RS smartphones with the versions before NEO-AL00D ...)
NOT-FOR-US: Huawei
-CVE-2018-7928
- RESERVED
+CVE-2018-7928 (There is a security vulnerability which could lead to Factory Reset ...)
+ TODO: check
CVE-2018-7927
RESERVED
CVE-2018-7926
@@ -42113,26 +42350,26 @@ CVE-2018-2477
RESERVED
CVE-2018-2476
RESERVED
-CVE-2018-2475
- RESERVED
-CVE-2018-2474
- RESERVED
+CVE-2018-2475 (Following the Gardener architecture, the Kubernetes apiserver of a ...)
+ TODO: check
+CVE-2018-2474 (SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) ...)
+ TODO: check
CVE-2018-2473
RESERVED
-CVE-2018-2472
- RESERVED
-CVE-2018-2471
- RESERVED
-CVE-2018-2470
- RESERVED
-CVE-2018-2469
- RESERVED
-CVE-2018-2468
- RESERVED
-CVE-2018-2467
- RESERVED
-CVE-2018-2466
- RESERVED
+CVE-2018-2472 (SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web ...)
+ TODO: check
+CVE-2018-2471 (Under certain conditions SAP BusinessObjects Business Intelligence ...)
+ TODO: check
+CVE-2018-2470 (In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, ...)
+ TODO: check
+CVE-2018-2469 (Under certain conditions SAP Adaptive Server Enterprise (ASE), ...)
+ TODO: check
+CVE-2018-2468 (Under certain conditions the backup server in SAP Adaptive Server ...)
+ TODO: check
+CVE-2018-2467 (In the Software Development Kit in SAP BusinessObjects BI Platform ...)
+ TODO: check
+CVE-2018-2466 (In Impact and Lineage Analysis in SAP Data Services, version 4.2, the ...)
+ TODO: check
CVE-2018-2465 (SAP HANA (versions 1.0 and 2.0) Extended Application Services classic ...)
NOT-FOR-US: SAP
CVE-2018-2464 (SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3591f8df15dc8083c475766537b01815f5a1c729
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3591f8df15dc8083c475766537b01815f5a1c729
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181009/84d457d9/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list