[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 12 09:10:24 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fbb559c7 by security tracker role at 2018-09-12T08:10:16Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2018-16951 (xunfeng 0.2.0 allows command execution via CSRF because masscan.py ...)
+ TODO: check
+CVE-2018-16950 (Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices allow remote ...)
+ TODO: check
+CVE-2018-16946 (LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken ...)
+ TODO: check
CVE-2018-16945
RESERVED
CVE-2018-16944
@@ -226,13 +232,13 @@ CVE-2018-16833
RESERVED
CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to ...)
NOT-FOR-US: xunfeng
-CVE-2018-16949 [OpenAFS Security Advisory-2018-003]
+CVE-2018-16949 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
- openafs <unfixed> (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt
-CVE-2018-16948 [OpenAFS Security Advisory-2018-002]
+CVE-2018-16948 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
- openafs <unfixed> (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt
-CVE-2018-16947 [OpenAFS Security Advisory-2018-001]
+CVE-2018-16947 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
- openafs <unfixed> (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt
CVE-2018-XXXX [function signature mismatch in webassembly]
@@ -469,7 +475,7 @@ CVE-2018-16742 [stack-based buffer overflow with long arguments in contrib/scrts
NOTE: Upstream removed contrib/scrts in 7d018d471f4c737f77ef281f5859a3b1c9ded42f (1.2.1)
CVE-2018-16741 [shell injection via faxq-helper]
RESERVED
- {DSA-4291-1}
+ {DSA-4291-1 DLA-1502-1}
- mgetty <unfixed>
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream commit: 1a7b3a30f79bae4cfbc6404fe4648689cd0ade62 (1.2.1)
@@ -2479,8 +2485,8 @@ CVE-2018-15900
RESERVED
CVE-2018-15899 (An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS ...)
NOT-FOR-US: MiniCMS
-CVE-2018-15898
- RESERVED
+CVE-2018-15898 (The Subsonic Music Streamer application 4.4 for Android has Improper ...)
+ TODO: check
CVE-2018-15897 (PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
CVE-2018-15896 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal ...)
@@ -96790,7 +96796,7 @@ CVE-2016-9490 (ManageEngine Applications Manager versions 12 and 13 before build
NOT-FOR-US: ManageEngine Applications Manager
CVE-2016-9489 (In ManageEngine Applications Manager 12 and 13 before build 13200, an ...)
NOT-FOR-US: ManageEngine
-CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 suffer from ...)
+CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 before build ...)
NOT-FOR-US: ManageEngine Applications Manager
CVE-2016-9487 (EpubCheck 4.0.1 does not properly restrict resolving external entities ...)
NOT-FOR-US: EpubCheck
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb559c7a996fbb25b36d67425ef8db3a3441661
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb559c7a996fbb25b36d67425ef8db3a3441661
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180912/633c60f5/attachment.html>
More information about the debian-security-tracker-commits
mailing list