Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a857a967 by security tracker role at 2024-03-04T08:11:49+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,76 @@
-CVE-2024-26622 [tomoyo: fix UAF write bug in tomoyo_write_control()]
+CVE-2024-2156 (A vulnerability was found in SourceCodester Best POS Management
System ...)
+ TODO: check
+CVE-2024-2155 (A vulnerability was found in SourceCodester Best POS Management
System ...)
+ TODO: check
+CVE-2024-2154 (A vulnerability has been found in SourceCodester Online Mobile
Managem ...)
+ TODO: check
+CVE-2024-2153 (A vulnerability, which was classified as critical, was found in
Source ...)
+ TODO: check
+CVE-2024-2152 (A vulnerability, which was classified as critical, has been
found in S ...)
+ TODO: check
+CVE-2024-2151 (A vulnerability classified as problematic was found in
SourceCodester ...)
+ TODO: check
+CVE-2024-28088 (LangChain through 0.1.10 allows ../ directory traversal by an
actor wh ...)
+ TODO: check
+CVE-2024-28084 (p2putil.c in iNet wireless daemon (IWD) through 2.15 allows
attackers ...)
+ TODO: check
+CVE-2024-21826 (in OpenHarmony v3.2.4 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2024-21816 (in OpenHarmony v4.0.0 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2024-20038 (In pq, there is a possible out of bounds read due to an
incorrect boun ...)
+ TODO: check
+CVE-2024-20037 (In pq, there is a possible write-what-where condition due to
an incorr ...)
+ TODO: check
+CVE-2024-20036 (In vdec, there is a possible permission bypass due to a
permissions by ...)
+ TODO: check
+CVE-2024-20034 (In battery, there is a possible escalation of privilege due to
a missi ...)
+ TODO: check
+CVE-2024-20033 (In nvram, there is a possible information disclosure due to a
missing ...)
+ TODO: check
+CVE-2024-20032 (In aee, there is a possible permission bypass due to a missing
permiss ...)
+ TODO: check
+CVE-2024-20031 (In da, there is a possible out of bounds write due to lack of
valudati ...)
+ TODO: check
+CVE-2024-20030 (In da, there is a possible information disclosure due to
improper inpu ...)
+ TODO: check
+CVE-2024-20029 (In wlan firmware, there is a possible out of bounds write due
to impro ...)
+ TODO: check
+CVE-2024-20028 (In da, there is a possible out of bounds write due to lack of
valudati ...)
+ TODO: check
+CVE-2024-20027 (In da, there is a possible out of bounds write due to improper
input v ...)
+ TODO: check
+CVE-2024-20026 (In da, there is a possible information disclosure due to
improper inpu ...)
+ TODO: check
+CVE-2024-20025 (In da, there is a possible out of bounds write due to an
integer overf ...)
+ TODO: check
+CVE-2024-20024 (In flashc, there is a possible out of bounds write due to lack
of valu ...)
+ TODO: check
+CVE-2024-20023 (In flashc, there is a possible out of bounds write due to lack
of valu ...)
+ TODO: check
+CVE-2024-20022 (In lk, there is a possible escalation of privilege due to a
missing bo ...)
+ TODO: check
+CVE-2024-20020 (In OPTEE, there is a possible out of bounds write due to an
incorrect ...)
+ TODO: check
+CVE-2024-20019 (In wlan driver, there is a possible memory leak due to
improper input ...)
+ TODO: check
+CVE-2024-20018 (In wlan driver, there is a possible out of bounds write due to
imprope ...)
+ TODO: check
+CVE-2024-20017 (In wlan service, there is a possible out of bounds write due
to improp ...)
+ TODO: check
+CVE-2024-20005 (In da, there is a possible permission bypass due to a missing
permissi ...)
+ TODO: check
+CVE-2023-4479 (Stored XSS Vulnerability in M-Files Web versions before 23.8
allows at ...)
+ TODO: check
+CVE-2023-49602 (in OpenHarmony v3.2.4 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2023-46708 (in OpenHarmony v3.2.4 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2023-25176 (in OpenHarmony v3.2.4 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2019-25210 (An issue was discovered in Cloud Native Computing Foundation
(CNCF) He ...)
+ TODO: check
+CVE-2024-26622 (In the Linux kernel, the following vulnerability has been
resolved: t ...)
- linux <unfixed>
NOTE:
https://git.kernel.org/linus/2f03fc340cac9ea1dc63cbf8c93dd2eb0f227815 (6.8-rc7)
CVE-2024-2150 (A vulnerability, which was classified as critical, has been
found in S ...)
@@ -3666,7 +3738,7 @@ CVE-2024-1554 (The `fetch()` API and navigation
incorrectly shared the same cach
- firefox 123.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1554
CVE-2024-1553 (Memory safety bugs present in Firefox 122, Firefox ESR 115.7,
and Thun ...)
- {DSA-5630-1 DSA-5627-1}
+ {DSA-5630-1 DSA-5627-1 DLA-3748-1 DLA-3747-1}
- firefox 123.0-1
- firefox-esr 115.8.0esr-1
- thunderbird 1:115.8.0-1
@@ -3674,7 +3746,7 @@ CVE-2024-1553 (Memory safety bugs present in Firefox 122,
Firefox ESR 115.7, and
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1553
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1553
CVE-2024-1552 (Incorrect code generation could have led to unexpected numeric
convers ...)
- {DSA-5630-1 DSA-5627-1}
+ {DSA-5630-1 DSA-5627-1 DLA-3748-1 DLA-3747-1}
- firefox 123.0-1
- firefox-esr 115.8.0esr-1
- thunderbird 1:115.8.0-1
@@ -3682,7 +3754,7 @@ CVE-2024-1552 (Incorrect code generation could have led
to unexpected numeric co
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1552
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1552
CVE-2024-1551 (Set-Cookie response headers were being incorrectly honored in
multipar ...)
- {DSA-5630-1 DSA-5627-1}
+ {DSA-5630-1 DSA-5627-1 DLA-3748-1 DLA-3747-1}
- firefox 123.0-1
- firefox-esr 115.8.0esr-1
- thunderbird 1:115.8.0-1
@@ -3690,7 +3762,7 @@ CVE-2024-1551 (Set-Cookie response headers were being
incorrectly honored in mul
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1551
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1551
CVE-2024-1550 (A malicious website could have used a combination of exiting
fullscree ...)
- {DSA-5630-1 DSA-5627-1}
+ {DSA-5630-1 DSA-5627-1 DLA-3748-1 DLA-3747-1}
- firefox 123.0-1
- firefox-esr 115.8.0esr-1
- thunderbird 1:115.8.0-1
@@ -3698,7 +3770,7 @@ CVE-2024-1550 (A malicious website could have used a
combination of exiting full
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1550
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1550
CVE-2024-1549 (If a website set a large custom cursor, portions of the cursor
could h ...)
- {DSA-5630-1 DSA-5627-1}
+ {DSA-5630-1 DSA-5627-1 DLA-3748-1 DLA-3747-1}
- firefox 123.0-1
- firefox-esr 115.8.0esr-1
- thunderbird 1:115.8.0-1
@@ -3706,7 +3778,7 @@ CVE-2024-1549 (If a website set a large custom cursor,
portions of the cursor co
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1549
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1549
CVE-2024-1548 (A website could have obscured the fullscreen notification by
using a d ...)
- {DSA-5630-1 DSA-5627-1}
+ {DSA-5630-1 DSA-5627-1 DLA-3748-1 DLA-3747-1}
- firefox 123.0-1
- firefox-esr 115.8.0esr-1
- thunderbird 1:115.8.0-1
@@ -3714,7 +3786,7 @@ CVE-2024-1548 (A website could have obscured the
fullscreen notification by usin
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1548
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1548
CVE-2024-1547 (Through a series of API calls and redirects, an
attacker-controlled al ...)
- {DSA-5630-1 DSA-5627-1}
+ {DSA-5630-1 DSA-5627-1 DLA-3748-1 DLA-3747-1}
- firefox 123.0-1
- firefox-esr 115.8.0esr-1
- thunderbird 1:115.8.0-1
@@ -3722,7 +3794,7 @@ CVE-2024-1547 (Through a series of API calls and
redirects, an attacker-controll
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1547
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1547
CVE-2024-1546 (When storing and re-accessing data on a networking channel, the
length ...)
- {DSA-5630-1 DSA-5627-1}
+ {DSA-5630-1 DSA-5627-1 DLA-3748-1 DLA-3747-1}
- firefox 123.0-1
- firefox-esr 115.8.0esr-1
- thunderbird 1:115.8.0-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a857a96788921b9e24f995063d4414b74b2e4607
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a857a96788921b9e24f995063d4414b74b2e4607
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
