Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
865bd4ed by security tracker role at 2024-05-02T08:11:48+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2024-4142 (An Improper input validation vulnerability that could
potentially lead ...)
+ TODO: check
+CVE-2024-3490 (The WP Recipe Maker plugin for WordPress is vulnerable to
Stored Cross ...)
+ TODO: check
+CVE-2024-3481 (The Counter Box WordPress plugin before 1.2.4 does not have
CSRF chec ...)
+ TODO: check
+CVE-2024-3478 (The Herd Effects WordPress plugin before 5.2.7 does not have
CSRF che ...)
+ TODO: check
+CVE-2024-3477 (The Popup Box WordPress plugin before 2.2.7 does not have CSRF
checks ...)
+ TODO: check
+CVE-2024-3476 (The Side Menu Lite WordPress plugin before 4.2.1 does not have
CSRF c ...)
+ TODO: check
+CVE-2024-3475 (The Sticky Buttons WordPress plugin before 3.2.4 does not have
CSRF c ...)
+ TODO: check
+CVE-2024-3474 (The Wow Skype Buttons WordPress plugin before 4.0.4 does not
have CSRF ...)
+ TODO: check
+CVE-2024-3472 (The Modal Window WordPress plugin before 5.3.10 does not have
CSRF ch ...)
+ TODO: check
+CVE-2024-3471 (The Button Generator WordPress plugin before 3.0 does not have
CSRF c ...)
+ TODO: check
+CVE-2024-3280 (The Follow Us Badges plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2024-32971 (Apollo Router is a configurable, graph router written in Rust
to run a ...)
+ TODO: check
+CVE-2024-32962 (xml-crypto is an xml digital signature and encryption library
for Node ...)
+ TODO: check
+CVE-2024-32882 (Wagtail is an open source content management system built on
Django. I ...)
+ TODO: check
+CVE-2024-2405 (The Float menu WordPress plugin before 6.0.1 does not have
CSRF check ...)
+ TODO: check
+CVE-2023-51631 (D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer
Overflow ...)
+ TODO: check
CVE-2024-33835 (Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in
the remo ...)
NOT-FOR-US: Tenda
CVE-2024-33820 (Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4
Firmware V ...)
@@ -468,10 +500,12 @@ CVE-2022-48669 (In the Linux kernel, the following
vulnerability has been resolv
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/cda9c0d556283e2d4adaa9960b2dc19b16156bae (6.9-rc1)
CVE-2024-4331 (Use after free in Picture In Picture in Google Chrome prior to
124.0.6 ...)
+ {DSA-5676-1}
- chromium 124.0.6367.118-1
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2024-4368 (Use after free in Dawn in Google Chrome prior to 124.0.6367.118
allowe ...)
+ {DSA-5676-1}
- chromium 124.0.6367.118-1
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
@@ -158237,7 +158271,8 @@ CVE-2022-27460
RESERVED
CVE-2022-27459
RESERVED
-CVE-2022-27458 (MariaDB Server v10.6.3 and below was discovered to contain an
use-afte ...)
+CVE-2022-27458
+ REJECTED
{DLA-3114-1}
- mariadb-10.6 1:10.6.8-1
- mariadb-10.5 <removed>
@@ -205736,10 +205771,10 @@ CVE-2021-36596
RESERVED
CVE-2021-36595
RESERVED
-CVE-2021-36594
- RESERVED
-CVE-2021-36593
- RESERVED
+CVE-2021-36594 (SSRF in Oxwall 1.8.7 (11111) allows an attacker to execute
arbitrary c ...)
+ TODO: check
+CVE-2021-36593 (Oxwall 1.8.7 (11111) is vulnerable to Incorrect Access
Control. Unauth ...)
+ TODO: check
CVE-2021-36592
RESERVED
CVE-2021-36591
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/865bd4ed64ada8c2bc0d2643d129b57fea269fea
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/865bd4ed64ada8c2bc0d2643d129b57fea269fea
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
