[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Oct 30 08:10:25 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8d124fc6 by security tracker role at 2018-10-30T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,89 @@
+CVE-2018-18848
+	RESERVED
+CVE-2018-18847
+	RESERVED
+CVE-2018-18846
+	RESERVED
+CVE-2018-18845
+	RESERVED
+CVE-2018-18844
+	RESERVED
+CVE-2018-18843
+	RESERVED
+CVE-2018-18842 (CSRF exists in zb_users/plugin/AppCentre/theme.js.php in Z-BlogPHP ...)
+	TODO: check
+CVE-2018-18841 (XSS was discovered in SEMCMS PHP V3.4 via the ...)
+	TODO: check
+CVE-2018-18840 (XSS was discovered in SEMCMS PHP V3.4 via the ...)
+	TODO: check
+CVE-2018-18839
+	RESERVED
+CVE-2018-18838
+	RESERVED
+CVE-2018-18837
+	RESERVED
+CVE-2018-18836
+	RESERVED
+CVE-2018-18835 (upload_template() in system/changeskin.php in DocCms 2016.5.12 allows ...)
+	TODO: check
+CVE-2018-18834 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...)
+	TODO: check
+CVE-2018-18833
+	RESERVED
+CVE-2018-18832 (admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID ...)
+	TODO: check
+CVE-2018-18831 (An issue was discovered in com\mingsoft\cms\action\GeneraterAction.java ...)
+	TODO: check
+CVE-2018-18830 (An issue was discovered in ...)
+	TODO: check
+CVE-2018-18829 (There exists a NULL pointer dereference in ...)
+	TODO: check
+CVE-2018-18828 (There exists a heap-based buffer overflow in vc1_decode_i_block_adv in ...)
+	TODO: check
+CVE-2018-18827 (There exists a heap-based buffer over-read in ff_vc1_pred_dc in ...)
+	TODO: check
+CVE-2018-18826 (There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in ...)
+	TODO: check
+CVE-2018-18825 (Pagoda Linux panel V6.0 has XSS via the verification code associated ...)
+	TODO: check
+CVE-2018-18824
+	RESERVED
+CVE-2018-18823
+	RESERVED
+CVE-2018-18822 (Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref ...)
+	TODO: check
+CVE-2018-18821
+	RESERVED
+CVE-2018-18820
+	RESERVED
+CVE-2018-18819
+	RESERVED
+CVE-2018-18818
+	RESERVED
+CVE-2018-18817 (The Leostream Agent before Build 7.0.1.0 when used with Leostream ...)
+	TODO: check
+CVE-2018-18816
+	RESERVED
+CVE-2018-18815
+	RESERVED
+CVE-2018-18814
+	RESERVED
+CVE-2018-18813
+	RESERVED
+CVE-2018-18812
+	RESERVED
+CVE-2018-18811
+	RESERVED
+CVE-2018-18810
+	RESERVED
+CVE-2018-18809
+	RESERVED
+CVE-2018-18808
+	RESERVED
+CVE-2018-18807
+	RESERVED
+CVE-2017-18350
+	RESERVED
 CVE-2018-XXXX [Squid: SNMP mem leak]
 	- squid <unfixed> (low; bug #912294)
 	- squid3 <removed> (low)
@@ -2770,8 +2856,8 @@ CVE-2018-17708
 	RESERVED
 CVE-2018-17707
 	RESERVED
-CVE-2018-17706
-	RESERVED
+CVE-2018-17706 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
 CVE-2018-17705
 	RESERVED
 CVE-2018-17704
@@ -2934,26 +3020,26 @@ CVE-2018-17626
 	RESERVED
 CVE-2018-17625
 	RESERVED
-CVE-2018-17624
-	RESERVED
-CVE-2018-17623
-	RESERVED
-CVE-2018-17622
-	RESERVED
-CVE-2018-17621
-	RESERVED
-CVE-2018-17620
-	RESERVED
-CVE-2018-17619
-	RESERVED
-CVE-2018-17618
-	RESERVED
-CVE-2018-17617
-	RESERVED
-CVE-2018-17616
-	RESERVED
-CVE-2018-17615
-	RESERVED
+CVE-2018-17624 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17623 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17622 (This vulnerability allows remote attackers to disclose sensitive ...)
+	TODO: check
+CVE-2018-17621 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17620 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17619 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17618 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17617 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17616 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2018-17615 (This vulnerability allows remote attackers to execute arbitrary code ...)
+	TODO: check
 CVE-2018-17614
 	RESERVED
 CVE-2018-17613 (Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8d124fc6aa853f34f666661be751ec14fa465adb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8d124fc6aa853f34f666661be751ec14fa465adb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181030/fd5cec4e/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list