[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0317d02c by security tracker role at 2019-05-03T08:10:17Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2019-11689
+	RESERVED
+CVE-2019-11688
+	RESERVED
+CVE-2019-11687 (An issue was discovered in the DICOM Part 10 File Format in the NEMA D ...)
+	TODO: check
+CVE-2019-11686
+	RESERVED
+CVE-2019-11685
+	RESERVED
+CVE-2019-11684
+	RESERVED
 CVE-2019-11683 (udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel  ...)
 	- linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/4dd2b82d5adfbe0b1587ccad7a8f76d826120f37
@@ -5127,8 +5139,7 @@ CVE-2019-9828
 	RESERVED
 CVE-2019-9827
 	RESERVED
-CVE-2019-9826 [Native Fulltext Search denial of service]
-	RESERVED
+CVE-2019-9826 (The fulltext search component in phpBB before 3.2.6 allows Denial of S ...)
 	- phpbb3 <removed>
 	NOTE: https://www.openwall.com/lists/oss-security/2019/04/29/3
 CVE-2019-9825 (FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arb ...)
@@ -37364,8 +37375,8 @@ CVE-2018-16990
 	RESERVED
 CVE-2018-16989
 	RESERVED
-CVE-2018-16988
-	RESERVED
+CVE-2018-16988 (An issue was discovered in Open XDMoD through 7.5.0. An authentication ...)
+	TODO: check
 CVE-2018-16987 (Squash TM through 1.18.0 presents the cleartext passwords of external  ...)
 	NOT-FOR-US: Squash TM
 CVE-2018-16986 (Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 de ...)
@@ -37423,10 +37434,10 @@ CVE-2018-16963
 	RESERVED
 CVE-2018-16962 (Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to t ...)
 	NOT-FOR-US: Webroot SecureAnywhere
-CVE-2018-16961
-	RESERVED
-CVE-2018-16960
-	RESERVED
+CVE-2018-16961 (An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/ ...)
+	TODO: check
+CVE-2018-16960 (An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/ ...)
+	TODO: check
 CVE-2018-16959 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
 	NOT-FOR-US: Oracle WebCenter Interaction Portal
 CVE-2018-16958 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
@@ -38211,12 +38222,12 @@ CVE-2018-16720
 	RESERVED
 CVE-2018-16719
 	RESERVED
-CVE-2018-16718
-	RESERVED
-CVE-2018-16717
-	RESERVED
-CVE-2018-16716
-	RESERVED
+CVE-2018-16718 (An XSS vulnerability exists in wwwblast.c in the 2.0.7 through 2.2.26  ...)
+	TODO: check
+CVE-2018-16717 (A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 th ...)
+	TODO: check
+CVE-2018-16716 (A path traversal vulnerability exists in viewcgi.c in the 2.0.7 throug ...)
+	TODO: check
 CVE-2018-16715 (An issue was discovered in Absolute Software CTES Windows Agent throug ...)
 	NOT-FOR-US: Absolute Software CTES Windows Agent
 CVE-2018-16714
@@ -55093,8 +55104,8 @@ CVE-2018-10385
 	RESERVED
 CVE-2018-10384
 	RESERVED
-CVE-2018-10383
-	RESERVED
+CVE-2018-10383 (Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.as ...)
+	TODO: check
 CVE-2018-10382 (MODX Revolution 2.6.3 has XSS. ...)
 	NOT-FOR-US: MODX Revolution
 CVE-2018-10381 (TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalat ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0317d02c48fcc68ce23b60cccc1b4ecdb250700e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0317d02c48fcc68ce23b60cccc1b4ecdb250700e
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190503/b713574f/attachment-0001.html>