[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 06 Apr 2024 13:12:14 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1842a9d7 by security tracker role at 2024-04-06T20:11:53+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2024-3413 (A vulnerability has been found in SourceCodester Human Resource 
Inform ...)
+       TODO: check
+CVE-2024-3378 (A vulnerability has been found in iboss Secure Web Gateway up 
to 10.1  ...)
+       TODO: check
+CVE-2024-3377 (A vulnerability classified as problematic was found in 
SourceCodester  ...)
+       TODO: check
+CVE-2024-3376 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
+       TODO: check
+CVE-2024-3369 (A vulnerability, which was classified as critical, has been 
found in c ...)
+       TODO: check
+CVE-2024-3366 (A vulnerability classified as problematic was found in Xuxueli 
xxl-job ...)
+       TODO: check
+CVE-2024-3365 (A vulnerability was found in SourceCodester Online Library 
System 1.0. ...)
+       TODO: check
+CVE-2024-3364 (A vulnerability was found in SourceCodester Online Library 
System 1.0. ...)
+       TODO: check
+CVE-2024-3363 (A vulnerability was found in SourceCodester Online Library 
System 1.0. ...)
+       TODO: check
+CVE-2024-2296 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery 
plugin ...)
+       TODO: check
+CVE-2024-2132 (The Ultimate Bootstrap Elements for Elementor plugin for 
WordPress is  ...)
+       TODO: check
+CVE-2024-28741 (Cross Site Scripting vulnerability in EginDemirbilek NorthStar 
C2 v1 a ...)
+       TODO: check
+CVE-2024-27620 (An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote 
attacker to o ...)
+       TODO: check
+CVE-2024-25029 (IBM Personal Communications 14.0.6 through 15.0.1 includes a 
Windows s ...)
+       TODO: check
+CVE-2024-22328 (IBM Maximo Application Suite 8.10 and 8.11 could allow a 
remote attack ...)
+       TODO: check
 CVE-2024-XXXX [RUSTSEC-2024-0332: Degradation of service in h2 servers with 
CONTINUATION Flood]
        - rust-h2 <unfixed>
        NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0332.html
@@ -204,7 +234,7 @@ CVE-2024-26812 (In the Linux kernel, the following 
vulnerability has been resolv
 CVE-2024-26810 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/810cd4bb53456d0503cc4e7934e063835152c1b7 (6.9-rc1)
-CVE-2024-24746
+CVE-2024-24746 (Loop with Unreachable Exit Condition ('Infinite Loop') 
vulnerability i ...)
        NOT-FOR-US: Apache NimBLE
 CVE-2024-3321 (A vulnerability classified as problematic has been found in 
SourceCode ...)
        NOT-FOR-US: SourceCodester eLearning System
@@ -1448,17 +1478,17 @@ CVE-2023-35764 (Insufficient verification of data 
authenticity issue in Survey M
        NOT-FOR-US: Survey Maker
 CVE-2023-34423 (Survey Maker prior to 3.6.4 contains a stored cross-site 
scripting vul ...)
        NOT-FOR-US: Survey Maker
-CVE-2024-3159
+CVE-2024-3159 (Out of bounds memory access in V8 in Google Chrome prior to 
123.0.6312 ...)
        {DSA-5654-1}
        - chromium 123.0.6312.105-1
        [bullseye] - chromium <end-of-life> (see #1061268)
        [buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2024-3158
+CVE-2024-3158 (Use after free in Bookmarks in Google Chrome prior to 
123.0.6312.105 a ...)
        {DSA-5654-1}
        - chromium 123.0.6312.105-1
        [bullseye] - chromium <end-of-life> (see #1061268)
        [buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2024-3156
+CVE-2024-3156 (Inappropriate implementation in V8 in Google Chrome prior to 
123.0.631 ...)
        {DSA-5654-1}
        - chromium 123.0.6312.105-1
        [bullseye] - chromium <end-of-life> (see #1061268)
@@ -16321,7 +16351,7 @@ CVE-2023-47355 (The com.eypcnnapps.quickreboot (aka 
Eyuep Can Yilmaz {ROOT] Quic
        NOT-FOR-US: com.eypcnnapps.quickreboot application
 CVE-2021-4436 (The 3DPrint Lite WordPress plugin before 1.9.1.5 does not have 
any aut ...)
        NOT-FOR-US: WordPress plugin
-CVE-2024-0406
+CVE-2024-0406 (A flaw was discovered in the mholt/archiver package. This flaw 
allows  ...)
        NOT-FOR-US: mholt/archiver Go package
 CVE-2024-25089 (Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 
allows r ...)
        NOT-FOR-US: Malwarebytes Binisoft Windows Firewall Control



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1842a9d767012a4ffeaf4a1ecfd330af962a8624

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1842a9d767012a4ffeaf4a1ecfd330af962a8624
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to