[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Sep 21 09:10:27 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f287cbf by security tracker role at 2018-09-21T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2018-17303
+	RESERVED
+CVE-2018-17302 (Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a ...)
+	TODO: check
+CVE-2018-17301 (Reflected XSS exists in ...)
+	TODO: check
+CVE-2018-17300 (Stored XSS exists in CuppaCMS through 2018-09-03 via an ...)
+	TODO: check
+CVE-2018-17299
+	RESERVED
+CVE-2018-17298 (An issue was discovered in Enalean Tuleap before 10.5. Reset password ...)
+	TODO: check
+CVE-2018-17297 (The unzip function in ZipUtil.java in Hutool before 4.1.12 allows ...)
+	TODO: check
+CVE-2018-17296
+	RESERVED
+CVE-2018-17295
+	RESERVED
+CVE-2018-17294 (The matchCurrentInput function inside lou_translateString.c of Liblouis ...)
+	TODO: check
+CVE-2018-17293 (An issue was discovered in WAVM before 2018-09-16. The run function in ...)
+	TODO: check
+CVE-2018-17292 (An issue was discovered in WAVM before 2018-09-16. The loadModule ...)
+	TODO: check
+CVE-2018-17291
+	RESERVED
+CVE-2018-17290
+	RESERVED
+CVE-2018-17289
+	RESERVED
+CVE-2018-17288
+	RESERVED
+CVE-2018-17287
+	RESERVED
+CVE-2018-17286
+	RESERVED
+CVE-2018-17285
+	RESERVED
+CVE-2018-17284
+	RESERVED
+CVE-2018-17283 (Zoho ManageEngine OpManager before 12.3 Build 123196 does not require ...)
+	TODO: check
+CVE-2018-17282 (An issue was discovered in Exiv2 v0.26. The function ...)
+	TODO: check
 CVE-2018-17281
 	RESERVED
 CVE-2018-17280
@@ -504,7 +548,7 @@ CVE-2018-17063 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A
 	NOT-FOR-US: D-Link
 CVE-2018-17062 (An issue was discovered in SeaCMS 6.64. XSS exists in admin_video.php ...)
 	NOT-FOR-US: SeaCMS
-CVE-2018-17061 (BullGuard Safe Browsing 18.1.355 allows XSS on Google, Bing, and Yahoo! ...)
+CVE-2018-17061 (BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, ...)
 	NOT-FOR-US: BullGuard Safe Browsing
 CVE-2018-17060
 	RESERVED
@@ -1187,8 +1231,8 @@ CVE-2018-16754
 	RESERVED
 CVE-2018-16753
 	RESERVED
-CVE-2018-16752
-	RESERVED
+CVE-2018-16752 (LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code ...)
+	TODO: check
 CVE-2018-16751
 	RESERVED
 CVE-2018-16750 (In ImageMagick 7.0.7-29 and earlier, a memory leak in the ...)
@@ -1652,6 +1696,7 @@ CVE-2018-1000773 (WordPress version 4.9.8 and earlier contains a CWE-20 Input Va
 CVE-2018-1000673
 	REJECTED
 CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL Redirection to ...)
+	{DLA-1512-1}
 	- sympa <unfixed> (bug #908165)
 	[stretch] - sympa <no-dsa> (Minor issue)
 	NOTE: https://github.com/sympa-community/sympa/issues/268
@@ -2346,8 +2391,8 @@ CVE-2018-16284
 	RESERVED
 CVE-2018-16283
 	RESERVED
-CVE-2018-16282
-	RESERVED
+CVE-2018-16282 (A command injection vulnerability in the web server functionality of ...)
+	TODO: check
 CVE-2018-16281
 	RESERVED
 CVE-2018-16280
@@ -3516,8 +3561,8 @@ CVE-2018-15834 (In radare2 before 2.9.0, a heap overflow vulnerability exists in
 	NOTE: https://github.com/radare/radare2/pull/11300
 CVE-2018-15833 (In Vanilla before 2.6.1, the polling functionality allows Insecure ...)
 	NOT-FOR-US: Vanilla
-CVE-2018-15832
-	RESERVED
+CVE-2018-15832 (upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows ...)
+	TODO: check
 CVE-2018-15831
 	RESERVED
 CVE-2018-15830
@@ -5762,12 +5807,12 @@ CVE-2018-14831
 	RESERVED
 CVE-2018-14830
 	RESERVED
-CVE-2018-14829
-	RESERVED
+CVE-2018-14829 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This ...)
+	TODO: check
 CVE-2018-14828
 	RESERVED
-CVE-2018-14827
-	RESERVED
+CVE-2018-14827 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A ...)
+	TODO: check
 CVE-2018-14826
 	RESERVED
 CVE-2018-14825
@@ -5778,8 +5823,8 @@ CVE-2018-14823
 	RESERVED
 CVE-2018-14822
 	RESERVED
-CVE-2018-14821
-	RESERVED
+CVE-2018-14821 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This ...)
+	TODO: check
 CVE-2018-14820
 	RESERVED
 CVE-2018-14819
@@ -6446,8 +6491,8 @@ CVE-2018-14593 (An issue was discovered in Open Ticket Request System (OTRS) 6.0
 	NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/57cda14db8fdbcbfb8cabb32d85fbc89fde48c62
 	NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/7b6802723e1f5d1764b617e9fcf0a8dd21e96216
 	NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/78331ea187181d6130189d4563a50b4c30256320
-CVE-2018-14592
-	RESERVED
+CVE-2018-14592 (The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW ...)
+	TODO: check
 CVE-2018-14591
 	RESERVED
 CVE-2018-14590 (An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in ...)
@@ -20796,8 +20841,8 @@ CVE-2018-9064 (In Lenovo xClarity Administrator versions earlier than 2.1.0, an
 	NOT-FOR-US: Lenovo xClarity Administrator
 CVE-2018-9063 (MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo ...)
 	NOT-FOR-US: Lenovo
-CVE-2018-9062
-	REJECTED
+CVE-2018-9062 (In some Lenovo ThinkPad products, one BIOS region is not properly ...)
+	TODO: check
 CVE-2018-9061
 	RESERVED
 CVE-2018-9060



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f287cbf24445b5c3ecbb2f78f0365d77a567202

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f287cbf24445b5c3ecbb2f78f0365d77a567202
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180921/d5369c89/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list