[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 05 Mar 2024 00:24:23 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
97b894a0 by security tracker role at 2024-03-05T08:12:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,99 @@
+CVE-2024-2168 (A vulnerability was found in SourceCodester Online Tours & 
Travels Man ...)
+       TODO: check
+CVE-2024-27718 (SQL Injection vulnerability in Baizhuo Network Smart s200 
Management P ...)
+       TODO: check
+CVE-2024-26333 (swftools v0.9.2 was discovered to contain a segmentation 
violation via ...)
+       TODO: check
+CVE-2024-25731 (The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 
for Androi ...)
+       TODO: check
+CVE-2024-25269 (libheif <= 1.17.6 contains a memory leak in the function 
JpegEncoder:: ...)
+       TODO: check
+CVE-2024-25164 (iA Path Traversal vulnerability exists in iDURAR v2.0.0, that 
allows u ...)
+       TODO: check
+CVE-2024-22383 (Missing release of resource after effective lifetime (CWE-772) 
in the  ...)
+       TODO: check
+CVE-2024-22188 (TYPO3 before 13.0.1 allows an authenticated admin user (with 
system ma ...)
+       TODO: check
+CVE-2024-21838 (Improper neutralization of special elements in output (CWE-74) 
used by ...)
+       TODO: check
+CVE-2024-21815 (Insufficiently protected credentials (CWE-522) for third party 
DVR int ...)
+       TODO: check
+CVE-2024-20841 (Improper Handling of Insufficient Privileges in Samsung 
Account prior  ...)
+       TODO: check
+CVE-2024-20840 (Improper access control in Samsung Voice Recorder prior to 
versions 21 ...)
+       TODO: check
+CVE-2024-20839 (Improper access control in Samsung Voice Recorder prior to 
versions 21 ...)
+       TODO: check
+CVE-2024-20838 (Improper validation vulnerability in Samsung Internet prior to 
version ...)
+       TODO: check
+CVE-2024-20837 (Improper handling of granting permission for Trusted Web 
Activities in ...)
+       TODO: check
+CVE-2024-20836 (Out of bounds Read vulnerability in ssmis_get_frm in 
libsubextractor.s ...)
+       TODO: check
+CVE-2024-20835 (Improper access control vulnerability in 
CustomFrequencyManagerService ...)
+       TODO: check
+CVE-2024-20834 (The sensitive information exposure vulnerability in WlanTest 
prior to  ...)
+       TODO: check
+CVE-2024-20833 (Use after free vulnerability in pub_crypto_recv_msg prior to 
SMR Mar-2 ...)
+       TODO: check
+CVE-2024-20832 (Heap overflow in Little Kernel in bootloader prior to SMR 
Mar-2024 Rel ...)
+       TODO: check
+CVE-2024-20831 (Stack overflow in Little Kernel in bootloader prior to SMR 
Mar-2024 Re ...)
+       TODO: check
+CVE-2024-20830 (Incorrect default permission in AppLock prior to SMR MAr-2024 
Release  ...)
+       TODO: check
+CVE-2024-20829 (Missing proper interaction for opening deeplink in Samsung 
Internet pr ...)
+       TODO: check
+CVE-2024-1936 (The encrypted subject of an email message could be incorrectly 
and per ...)
+       TODO: check
+CVE-2024-1782 (The Blue Triad EZAnalytics plugin for WordPress is vulnerable 
to Refle ...)
+       TODO: check
+CVE-2024-1769 (The JM Twitter Cards plugin for WordPress is vulnerable to 
Information ...)
+       TODO: check
+CVE-2024-1731 (The Auto Refresh Single Page plugin for WordPress is vulnerable 
to PHP ...)
+       TODO: check
+CVE-2024-1478 (The Maintenance Mode plugin for WordPress is vulnerable to 
Sensitive I ...)
+       TODO: check
+CVE-2024-1381 (The Page Builder Sandwich \u2013 Front End WordPress Page 
Builder Plug ...)
+       TODO: check
+CVE-2024-1319 (The Events Tickets Plus WordPress plugin before 5.9.1 does not 
prevent ...)
+       TODO: check
+CVE-2024-1316 (The Event Tickets and Registration WordPress plugin before 
5.8.1, Even ...)
+       TODO: check
+CVE-2024-1285 (The Page Builder Sandwich \u2013 Front End WordPress Page 
Builder Plug ...)
+       TODO: check
+CVE-2024-1178 (The SportsPress \u2013 Sports Club & League Manager plugin for 
WordPre ...)
+       TODO: check
+CVE-2024-1095 (The Build & Control Block Patterns \u2013 Boost up Gutenberg 
Editor pl ...)
+       TODO: check
+CVE-2024-1093 (The Change Memory Limit plugin for WordPress is vulnerable to 
unauthor ...)
+       TODO: check
+CVE-2024-1088 (The Password Protected Store for WooCommerce plugin for 
WordPress is v ...)
+       TODO: check
+CVE-2024-0825 (The Vimeography: Vimeo Video Gallery WordPress Plugin plugin 
for WordP ...)
+       TODO: check
+CVE-2024-0698 (The Easy!Appointments plugin for WordPress is vulnerable to 
Stored Cro ...)
+       TODO: check
+CVE-2023-52432 (Improper input validation in IpcTxSndSetLoopbackCtrl in 
libsec-ril pri ...)
+       TODO: check
+CVE-2023-49970 (Customer Support System v1 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2023-49969 (Customer Support System v1 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2023-49968 (Customer Support System v1 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2023-49548 (Customer Support System v1 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2023-49547 (Customer Support System v1 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2023-49546 (Customer Support System v1 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2023-42419 (Maintenance Server, inCybellum'sQCOW air-gapped distribution 
(China Ed ...)
+       TODO: check
+CVE-2023-41829 (An improper export vulnerability was reported in the Motorola 
Carrier  ...)
+       TODO: check
+CVE-2023-41827 (An improper export vulnerability was reported in the Motorola 
OTA upda ...)
+       TODO: check
 CVE-2024-2002
        - dwarfutils <unfixed>
        NOTE: https://www.prevanders.net/dwarfbug.html#DW202402-002
@@ -1541,6 +1637,7 @@ CVE-2024-27516 (livehelperchat 4.28v is vulnerable to 
Server-Side Template Injec
 CVE-2024-27515 (Osclass 5.1.2 is vulnerable to SQL Injection.)
        NOT-FOR-US: Osclass
 CVE-2024-27285 (YARD is a Ruby Documentation tool. The "frames.html" file 
within the Y ...)
+       {DSA-5635-1}
        - yard 0.9.35-1 (bug #1065118)
        NOTE: 
https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc
        NOTE: Fixed by: 
https://github.com/lsegal/yard/commit/d78fc393d603c4fc35975969296ed381146a29d4 
(v0.9.35)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97b894a01fd40adcff303bc537362ea14e4b6186

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97b894a01fd40adcff303bc537362ea14e4b6186
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to