Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ef852fb3 by Moritz Muehlenhoff at 2024-05-04T20:46:09+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2252,10 +2252,10 @@ CVE-2024-0334 (The Jeg Elementor Kit plugin for
WordPress is vulnerable to Store
CVE-2023-7241 (Privilege Escalationin WRSA.EXE in Webroot Antivirus 8.0.1X-
9.0.35.12 ...)
NOT-FOR-US: Webroot Antivirus
CVE-2023-49606 (A use-after-free vulnerability exists in the HTTP Connection
Headers p ...)
- - tinyproxy <unfixed>
+ - tinyproxy <unfixed> (bug #1070395)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889
CVE-2023-47212 (A heap-based buffer overflow vulnerability exists in the
comment funct ...)
- - libstb <unfixed>
+ - libstb <unfixed> (bug #1070394)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1846
CVE-2023-47166 (A firmware update vulnerability exists in the luci2-io
file-import fun ...)
NOT-FOR-US: Milesight UR32L
@@ -2264,7 +2264,7 @@ CVE-2023-46295 (An issue was discovered in Teledyne FLIR
M300 2.00-19. Unauthent
CVE-2023-46294 (An issue was discovered in Teledyne FLIR M300 2.00-19. User
account pa ...)
NOT-FOR-US: Teledyne FLIR M300
CVE-2023-40533 (An uninitialized memory use vulnerability exists in Tinyproxy
1.11.1 w ...)
- - tinyproxy <unfixed>
+ - tinyproxy <unfixed> (bug #1070395)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1902
CVE-2024-27392 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux <not-affected> (Vulnerable code not present)
@@ -3409,7 +3409,7 @@ CVE-2023-48684 (Sensitive information disclosure and
manipulation due to missing
CVE-2023-48683 (Sensitive information disclosure and manipulation due to
missing autho ...)
NOT-FOR-US: Acronis Cyber Protect Cloud Agent
CVE-2023-46565 (Buffer Overflow vulnerability in osrg gobgp commit
419c50dfac578daa4d1 ...)
- - gobgp <unfixed>
+ - gobgp <unfixed> (bug #1070393)
NOTE: https://github.com/osrg/gobgp/issues/2725
CVE-2023-46270 (MacPaw The Unarchiver before 4.3.6 contains vulnerability
related to m ...)
NOT-FOR-US: MacPaw The Unarchiver
@@ -22042,7 +22042,7 @@ CVE-2024-25909 (Unrestricted Upload of File with
Dangerous Type vulnerability in
CVE-2024-25770 (libming 0.4.8 contains a memory leak vulnerability in
/libming/src/act ...)
- ming <removed>
CVE-2024-25768 (OpenDMARC 1.4.2 contains a null pointer dereference
vulnerability in / ...)
- - opendmarc <unfixed>
+ - opendmarc <unfixed> (bug #1070390)
[bookworm] - opendmarc <no-dsa> (Minor issue)
[bullseye] - opendmarc <no-dsa> (Minor issue)
[buster] - opendmarc <no-dsa> (Minor issue)
@@ -25146,7 +25146,7 @@ CVE-2024-25360 (A hidden interface in Motorola CX2L
Router firmware v1.0.1 leaks
NOT-FOR-US: Motorola
CVE-2024-25112 (Exiv2 is a command-line utility and C++ library for reading,
writing, ...)
[experimental] - exiv2 0.28.2+dfsg-1
- - exiv2 <unfixed>
+ - exiv2 <unfixed> (bug #1070392)
[bookworm] - exiv2 <no-dsa> (Minor issue)
[bullseye] - exiv2 <no-dsa> (Minor issue)
[buster] - exiv2 <no-dsa> (Minor issue)
@@ -25174,7 +25174,7 @@ CVE-2024-24875 (Cross-Site Request Forgery (CSRF)
vulnerability in Yannick Lefeb
NOT-FOR-US: WordPress plugin
CVE-2024-24826 (Exiv2 is a command-line utility and C++ library for reading,
writing, ...)
[experimental] - exiv2 0.28.2+dfsg-1
- - exiv2 <unfixed>
+ - exiv2 <unfixed> (bug #1070392)
[bookworm] - exiv2 <no-dsa> (Minor issue)
[bullseye] - exiv2 <no-dsa> (Minor issue)
[buster] - exiv2 <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef852fb39e30f07a3c0071ee27a717b2881f7300
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef852fb39e30f07a3c0071ee27a717b2881f7300
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
