Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48e029f9 by security tracker role at 2024-04-01T08:11:38+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2024-31033 (JJWT (aka Java JWT) through 0.12.5 ignores certain characters 
and thus ...)
+       TODO: check
+CVE-2024-2278 (Themify  WordPress plugin before 1.4.4 does not sanitise and 
escape so ...)
+       TODO: check
+CVE-2024-2263 (Themify  WordPress plugin before 1.4.4 does not sanitise and 
escape a  ...)
+       TODO: check
+CVE-2024-2262 (Themify  WordPress plugin before 1.4.4 does not have CSRF check 
in its ...)
+       TODO: check
+CVE-2024-28895 ('Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! 
JAPAN' A ...)
+       TODO: check
+CVE-2024-27609 (Bonita before 2023.2-u2 allows stored XSS via a UI screen in 
the admin ...)
+       TODO: check
+CVE-2024-20055 (In imgsys, there is a possible information disclosure due to a 
missing ...)
+       TODO: check
+CVE-2024-20054 (In gnss, there is a possible escalation of privilege due to a 
missing  ...)
+       TODO: check
+CVE-2024-20053 (In flashc, there is a possible out of bounds write due to an 
uncaught  ...)
+       TODO: check
+CVE-2024-20052 (In flashc, there is a possible information disclosure due to 
an uncaug ...)
+       TODO: check
+CVE-2024-20051 (In flashc, there is a possible system crash due to an uncaught 
excepti ...)
+       TODO: check
+CVE-2024-20050 (In flashc, there is a possible information disclosure due to 
an uncaug ...)
+       TODO: check
+CVE-2024-20049 (In flashc, there is a possible information disclosure due to 
an uncaug ...)
+       TODO: check
+CVE-2024-20048 (In flashc, there is a possible information disclosure due to 
an uncaug ...)
+       TODO: check
+CVE-2024-20047 (In battery, there is a possible out of bounds read due to an 
integer o ...)
+       TODO: check
+CVE-2024-20046 (In battery, there is a possible escalation of privilege due to 
an inte ...)
+       TODO: check
+CVE-2024-20045 (In audio, there is a possible out of bounds read due to an 
incorrect c ...)
+       TODO: check
+CVE-2024-20044 (In da, there is a possible out of bounds write due to a 
missing bounds ...)
+       TODO: check
+CVE-2024-20043 (In da, there is a possible out of bounds write due to a 
missing bounds ...)
+       TODO: check
+CVE-2024-20042 (In da, there is a possible out of bounds write due to a 
missing bounds ...)
+       TODO: check
+CVE-2024-20041 (In da, there is a possible out of bounds read due to a missing 
bounds  ...)
+       TODO: check
+CVE-2024-20040 (In wlan firmware, there is a possible out of bounds write due 
to impro ...)
+       TODO: check
+CVE-2024-20039 (In modem protocol, there is a possible out of bounds write due 
to a mi ...)
+       TODO: check
+CVE-2024-1526 (The Hubbub Lite  WordPress plugin before 1.33.1 does not ensure 
that u ...)
+       TODO: check
+CVE-2023-51803 (LinuxServer.io Heimdall before 2.5.7 does not prevent use of 
icons tha ...)
+       TODO: check
+CVE-2016-15038 (A vulnerability, which was classified as critical, was found 
in NUUO N ...)
+       TODO: check
+CVE-2014-125110 (A vulnerability has been found in wp-file-upload Plugin up to 
2.4.3 on ...)
+       TODO: check
 CVE-2024-31123 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-31122 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
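Review bot: All 27 entries added at the top of data/CVE/list carry only `TODO: check`, so this hunk records the new IDs without any triage decision. The four entries whose descriptions name a WordPress plugin (CVE-2024-2278, CVE-2024-2263, CVE-2024-2262, CVE-2024-1526) match the pattern of the context entry CVE-2024-31123 directly below and could be closed as `NOT-FOR-US: WordPress plugin` in a follow-up commit. The remaining entries, starting with CVE-2024-31033 (JJWT), need a check for a matching source package in the archive before they are marked either way.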
@@ -15796,7 +15850,7 @@ CVE-2022-48622 (In GNOME GdkPixbuf (aka gdk-pixbuf) 
through 2.42.10, the ANI (Wi
        [bullseye] - gdk-pixbuf <postponed> (Revisit once fixed upstream)
        [buster] - gdk-pixbuf <postponed> (Minor issue, recheck when fixed 
upstream)
        NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202
-CVE-2024-24399 (An arbitrary file upload vulnerability in LeptonCMS v7.0.0 
allows auth ...)
+CVE-2024-24399 (An arbitrary file upload vulnerability in LEPTON v7.0.0 allows 
authent ...)
        NOT-FOR-US: LeptonCMS
 CVE-2024-23630 (An arbitrary firmware upload vulnerability exists in the 
Motorola  MR2 ...)
        NOT-FOR-US: Motorola
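Review bot: On CVE-2024-24399 the description now names the product as LEPTON, while the unchanged `NOT-FOR-US: LeptonCMS` line directly below keeps the old name. The triage result is unaffected, but the two lines of the entry no longer agree on the product name; consider updating the annotation to match (or to mention both names) so a search for either spelling finds the entry.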



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48e029f998289f54754651f75175f22d56b9d2fa
