[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Sep 14 09:10:27 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9be70af5 by security tracker role at 2018-09-14T08:10:19Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2018-17051 (K-Net Cisco Configuration Manager through 2014-11-19 has XSS via ...)
+ TODO: check
+CVE-2018-17050
+ RESERVED
+CVE-2018-17049 (CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback ...)
+ TODO: check
+CVE-2018-17048
+ RESERVED
+CVE-2018-17047
+ RESERVED
+CVE-2018-17046 (translate man before 2018-08-21 has XSS via ...)
+ TODO: check
+CVE-2018-17045 (An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF ...)
+ TODO: check
+CVE-2018-17044 (In YzmCMS 5.1, stored XSS exists via the ...)
+ TODO: check
+CVE-2018-17043 (An issue has been found in doc2txt through 2014-03-19. It is a ...)
+ TODO: check
+CVE-2018-17042 (An issue has been found in dbf2txt through 2012-07-19. It is a infinite ...)
+ TODO: check
+CVE-2018-17041
+ RESERVED
+CVE-2018-17040
+ RESERVED
+CVE-2018-17039 (MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted ...)
+ TODO: check
+CVE-2018-17038
+ RESERVED
+CVE-2018-17037 (user/editpost.php in UCMS 1.4.6 mishandles levels, which allows ...)
+ TODO: check
+CVE-2018-17036 (An issue was discovered in UCMS 1.4.6. It allows PHP code injection ...)
+ TODO: check
+CVE-2018-17035 (UCMS 1.4.6 has SQL injection during installation via the ...)
+ TODO: check
+CVE-2018-17034 (UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter. ...)
+ TODO: check
+CVE-2018-17033
+ RESERVED
+CVE-2018-17032
+ RESERVED
+CVE-2018-17031 (In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger ...)
+ TODO: check
+CVE-2018-17030 (BigTree CMS 4.2.23 allows remote authenticated users, if possessing ...)
+ TODO: check
+CVE-2018-17029
+ RESERVED
+CVE-2018-17028
+ RESERVED
+CVE-2018-17027
+ RESERVED
+CVE-2018-17026 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
+ TODO: check
+CVE-2018-17025 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
+ TODO: check
+CVE-2018-17024 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
+ TODO: check
CVE-2018-17023 (Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 ...)
NOT-FOR-US: ASUS GT-AC5300 routers
CVE-2018-17022 (Stack-based buffer overflow on the ASUS GT-AC5300 router through ...)
@@ -16203,8 +16259,8 @@ CVE-2018-10639
RESERVED
CVE-2018-10638
RESERVED
-CVE-2018-10637
- RESERVED
+CVE-2018-10637 (A maliciously crafted project file may cause a buffer overflow, which ...)
+ TODO: check
CVE-2018-10636 (CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 ...)
NOT-FOR-US: CNCSoft
CVE-2018-10635 (In Universal Robots Robot Controllers Version CB 3.1, SW Version ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9be70af50f4ec7006262372e8bbecabcd32c3996
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9be70af50f4ec7006262372e8bbecabcd32c3996
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180914/5a647a60/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list