[Git][security-tracker-team/security-tracker][master] automatic update

Wed Sep 12 09:10:24 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbb559c7 by security tracker role at 2018-09-12T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2018-16951 (xunfeng 0.2.0 allows command execution via CSRF because masscan.py ...)
+	TODO: check
+CVE-2018-16950 (Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices allow remote ...)
+	TODO: check
+CVE-2018-16946 (LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken ...)
+	TODO: check
 CVE-2018-16945
 	RESERVED
 CVE-2018-16944
@@ -226,13 +232,13 @@ CVE-2018-16833
 	RESERVED
 CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to ...)
 	NOT-FOR-US: xunfeng
-CVE-2018-16949 [OpenAFS Security Advisory-2018-003]
+CVE-2018-16949 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
 	- openafs <unfixed> (bug #908616)
 	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt
-CVE-2018-16948 [OpenAFS Security Advisory-2018-002]
+CVE-2018-16948 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
 	- openafs <unfixed> (bug #908616)
 	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt
-CVE-2018-16947 [OpenAFS Security Advisory-2018-001]
+CVE-2018-16947 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
 	- openafs <unfixed> (bug #908616)
 	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt
 CVE-2018-XXXX [function signature mismatch in webassembly]
@@ -469,7 +475,7 @@ CVE-2018-16742 [stack-based buffer overflow with long arguments in contrib/scrts
 	NOTE: Upstream removed contrib/scrts in 7d018d471f4c737f77ef281f5859a3b1c9ded42f (1.2.1)
 CVE-2018-16741 [shell injection via faxq-helper]
 	RESERVED
-	{DSA-4291-1}
+	{DSA-4291-1 DLA-1502-1}
 	- mgetty <unfixed>
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
 	NOTE: Upstream commit: 1a7b3a30f79bae4cfbc6404fe4648689cd0ade62 (1.2.1)
@@ -2479,8 +2485,8 @@ CVE-2018-15900
 	RESERVED
 CVE-2018-15899 (An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS ...)
 	NOT-FOR-US: MiniCMS
-CVE-2018-15898
-	RESERVED
+CVE-2018-15898 (The Subsonic Music Streamer application 4.4 for Android has Improper ...)
+	TODO: check
 CVE-2018-15897 (PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers ...)
 	NOT-FOR-US: PHP Scripts Mall Website Seller Script
 CVE-2018-15896 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal ...)
@@ -96790,7 +96796,7 @@ CVE-2016-9490 (ManageEngine Applications Manager versions 12 and 13 before build
 	NOT-FOR-US: ManageEngine Applications Manager
 CVE-2016-9489 (In ManageEngine Applications Manager 12 and 13 before build 13200, an ...)
 	NOT-FOR-US: ManageEngine
-CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 suffer from ...)
+CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 before build ...)
 	NOT-FOR-US: ManageEngine Applications Manager
 CVE-2016-9487 (EpubCheck 4.0.1 does not properly restrict resolving external entities ...)
 	NOT-FOR-US: EpubCheck



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb559c7a996fbb25b36d67425ef8db3a3441661

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb559c7a996fbb25b36d67425ef8db3a3441661
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180912/633c60f5/attachment.html>
