[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Sep 4 09:10:26 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7eab1abd by security tracker role at 2018-09-04T08:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,83 @@
+CVE-2018-16457
+ RESERVED
+CVE-2018-16456
+ RESERVED
+CVE-2018-16455
+ RESERVED
+CVE-2018-16454
+ RESERVED
+CVE-2018-16453
+ RESERVED
+CVE-2018-16452
+ RESERVED
+CVE-2018-16451
+ RESERVED
+CVE-2018-16450 (CraftedWeb through 2013-09-24 has reflected XSS via the p parameter. ...)
+ TODO: check
+CVE-2018-16449 (OneThink 1.1.141212 allows CSRF for adding a page via ...)
+ TODO: check
+CVE-2018-16448 (Cscms 4 allows CSRF for creating a member via ...)
+ TODO: check
+CVE-2018-16447 (Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. ...)
+ TODO: check
+CVE-2018-16446 (An issue was discovered in SeaCMS through 6.61. ...)
+ TODO: check
+CVE-2018-16445 (An issue was discovered in SeaCMS through 6.61. SQL injection exists ...)
+ TODO: check
+CVE-2018-16444 (An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF ...)
+ TODO: check
+CVE-2018-16443
+ RESERVED
+CVE-2018-16442
+ RESERVED
+CVE-2018-16441
+ RESERVED
+CVE-2018-16440
+ RESERVED
+CVE-2018-16439
+ RESERVED
+CVE-2018-16438 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an out ...)
+ TODO: check
+CVE-2018-16437
+ RESERVED
+CVE-2018-16436
+ RESERVED
+CVE-2018-16435 (Little CMS (aka Little Color Management System) 2.9 has an integer ...)
+ TODO: check
+CVE-2018-16434
+ RESERVED
+CVE-2018-16433
+ RESERVED
+CVE-2018-16432 (BlueCMS 1.6 allows SQL Injection via the user_name parameter to ...)
+ TODO: check
+CVE-2018-16431 (admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an ...)
+ TODO: check
+CVE-2018-16430 (GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in ...)
+ TODO: check
+CVE-2018-16429 (GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in ...)
+ TODO: check
+CVE-2018-16428 (In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c ...)
+ TODO: check
+CVE-2018-16427 (Various out of bounds reads when handling responses in OpenSC before ...)
+ TODO: check
+CVE-2018-16426 (Endless recursion when handling responses from an IAS-ECC card in ...)
+ TODO: check
+CVE-2018-16425 (A double free when handling responses from an HSM Card in ...)
+ TODO: check
+CVE-2018-16424 (A double free when handling responses in read_file in tools/egk-tool.c ...)
+ TODO: check
+CVE-2018-16423 (A double free when handling responses from a smartcard in ...)
+ TODO: check
+CVE-2018-16422 (A single byte buffer overflow when handling responses from an esteid ...)
+ TODO: check
+CVE-2018-16421 (Several buffer overflows when handling responses from a CAC Card in ...)
+ TODO: check
+CVE-2018-16420 (Several buffer overflows when handling responses from an ePass 2003 ...)
+ TODO: check
+CVE-2018-16419 (Several buffer overflows when handling responses from a Cryptoflex card ...)
+ TODO: check
+CVE-2018-16418 (A buffer overflow when handling string concatenation in util_acl_to_str ...)
+ TODO: check
CVE-2018-16417
RESERVED
CVE-2018-16416 (Cross-site request forgery (CSRF) vulnerability in ...)
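Review bot: Every entry in this hunk that has a description, from CVE-2018-16450 down to CVE-2018-16418, is left at "TODO: check", so none of them is yet tied to a source package or marked as not applicable. The nine consecutive entries CVE-2018-16419 through CVE-2018-16427 all describe response-handling bugs, with CVE-2018-16427 naming OpenSC, and the two GNOME GLib 2.56.1 entries (CVE-2018-16428, CVE-2018-16429) sit directly above them. Triaging each of those groups in a single follow-up commit would keep their annotations consistent. The descriptions are cut off at "...", so the affected product for entries such as CVE-2018-16418 through CVE-2018-16426 should be confirmed from the full CVE text rather than inferred from their position in the list.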
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7eab1abdb48d9156e9df2758f89de1d68fac21aa