Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0b5d0e50 by security tracker role at 2024-05-16T20:12:17+00:00
automatic update

- - - - -

1 changed file:
- data/CVE/list

Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,299 @@ +CVE-2024-5023 (Improper Neutralization of Special Elements used in a Command ('Comman ...) + TODO: check +CVE-2024-4999 (A vulnerability in the web-based management interface of multiple Ligo ...) + TODO: check +CVE-2024-4993 (Vulnerability in SiAdmin 1.1 that allows XSS via the /show.php query p ...) + TODO: check +CVE-2024-4992 (Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/ ...) + TODO: check +CVE-2024-4991 (Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/ ...) + TODO: check +CVE-2024-4984 (The Yoast SEO plugin for WordPress is vulnerable to Stored Cross-Site ...) + TODO: check +CVE-2024-4976 (Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing obj ...) + TODO: check +CVE-2024-4975 (A vulnerability, which was classified as problematic, has been found i ...) + TODO: check +CVE-2024-4974 (A vulnerability, which was classified as problematic, was found in cod ...) + TODO: check +CVE-2024-4973 (A vulnerability classified as critical was found in code-projects Simp ...) + TODO: check +CVE-2024-4972 (A vulnerability classified as critical has been found in code-projects ...) + TODO: check +CVE-2024-4968 (A vulnerability was found in SourceCodester Interactive Map with Marke ...) + TODO: check +CVE-2024-4967 (A vulnerability was found in SourceCodester Interactive Map with Marke ...) + TODO: check +CVE-2024-4966 (A vulnerability was found in SourceCodester SchoolWebTech 1.0. It has ...) + TODO: check +CVE-2024-4965 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DA ...) + TODO: check +CVE-2024-4964 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Li ...) + TODO: check +CVE-2024-4963 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified ...) + TODO: check +CVE-2024-4962 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified ...) 
+ TODO: check +CVE-2024-4961 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical ...) + TODO: check +CVE-2024-4960 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical ...) + TODO: check +CVE-2024-4956 (Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticate ...) + TODO: check +CVE-2024-4950 (Inappropriate implementation in Downloads in Google Chrome prior to 12 ...) + TODO: check +CVE-2024-4949 (Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a ...) + TODO: check +CVE-2024-4948 (Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed ...) + TODO: check +CVE-2024-4947 (Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a ...) + TODO: check +CVE-2024-4946 (A vulnerability was found in SourceCodester Online Art Gallery Managem ...) + TODO: check +CVE-2024-4945 (A vulnerability was found in SourceCodester Best Courier Management Sy ...) + TODO: check +CVE-2024-4933 (A vulnerability has been found in SourceCodester Simple Online Bidding ...) + TODO: check +CVE-2024-4932 (A vulnerability, which was classified as critical, was found in Source ...) + TODO: check +CVE-2024-4931 (A vulnerability, which was classified as critical, has been found in S ...) + TODO: check +CVE-2024-4930 (A vulnerability classified as critical was found in SourceCodester Sim ...) + TODO: check +CVE-2024-4929 (A vulnerability classified as problematic has been found in SourceCode ...) + TODO: check +CVE-2024-4928 (A vulnerability was found in SourceCodester Simple Online Bidding Syst ...) + TODO: check +CVE-2024-4927 (A vulnerability was found in SourceCodester Simple Online Bidding Syst ...) + TODO: check +CVE-2024-4926 (A vulnerability was found in SourceCodester School Intramurals Student ...) + TODO: check +CVE-2024-4925 (A vulnerability was found in SourceCodester School Intramurals Student ...) 
+ TODO: check +CVE-2024-4923 (A vulnerability has been found in Codezips E-Commerce Site 1.0 and cla ...) + TODO: check +CVE-2024-4922 (A vulnerability, which was classified as problematic, was found in Sou ...) + TODO: check +CVE-2024-4921 (A vulnerability classified as critical has been found in SourceCodeste ...) + TODO: check +CVE-2024-4920 (A vulnerability was found in SourceCodester Online Discussion Forum Si ...) + TODO: check +CVE-2024-4919 (A vulnerability was found in Campcodes Online Examination System 1.0. ...) + TODO: check +CVE-2024-4918 (A vulnerability was found in Campcodes Online Examination System 1.0. ...) + TODO: check +CVE-2024-4917 (A vulnerability was found in Campcodes Online Examination System 1.0 a ...) + TODO: check +CVE-2024-4916 (A vulnerability has been found in Campcodes Online Examination System ...) + TODO: check +CVE-2024-4915 (A vulnerability, which was classified as critical, was found in Campco ...) + TODO: check +CVE-2024-4914 (A vulnerability, which was classified as critical, has been found in C ...) + TODO: check +CVE-2024-4913 (A vulnerability classified as critical was found in Campcodes Online E ...) + TODO: check +CVE-2024-4912 (A vulnerability classified as critical has been found in Campcodes Onl ...) + TODO: check +CVE-2024-4911 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) + TODO: check +CVE-2024-4844 (Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (e ...) + TODO: check +CVE-2024-4843 (ePO doesn't allow a regular privileged user to delete tasks or assignm ...) + TODO: check +CVE-2024-4838 (The ConvertPlus plugin for WordPress is vulnerable to PHP Object Injec ...) + TODO: check +CVE-2024-4826 (SQL injection vulnerability in Simple PHP Shopping Cart affecting vers ...) + TODO: check +CVE-2024-4760 (A voltage glitch during the startup of EEFC NVM controllers on Microch ...) 
+ TODO: check +CVE-2024-4733 (The ShiftController Employee Shift Scheduling plugin is vulnerable to ...) + TODO: check +CVE-2024-4642 (A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb ...) + TODO: check +CVE-2024-4635 (The Menu Icons by ThemeIsle plugin for WordPress is vulnerable to Stor ...) + TODO: check +CVE-2024-4634 (The Elementor Header & Footer Builder plugin for WordPress is vulnerab ...) + TODO: check +CVE-2024-4617 (The Rank Math SEO with AI Best SEO Tools plugin for WordPress is vulne ...) + TODO: check +CVE-2024-4609 (A vulnerability exists in the Rockwell Automation FactoryTalk\xae View ...) + TODO: check +CVE-2024-4580 (The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditio ...) + TODO: check +CVE-2024-4546 (The Custom Post Type Attachment plugin for WordPress is vulnerable to ...) + TODO: check +CVE-2024-4478 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...) + TODO: check +CVE-2024-4400 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Edit ...) + TODO: check +CVE-2024-4391 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...) + TODO: check +CVE-2024-4385 (The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site ...) + TODO: check +CVE-2024-4352 (The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized a ...) + TODO: check +CVE-2024-4351 (The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized a ...) + TODO: check +CVE-2024-4326 (A vulnerability in parisneo/lollms-webui versions up to 9.3 allows rem ...) + TODO: check +CVE-2024-4322 (A path traversal vulnerability exists in the parisneo/lollms-webui app ...) + TODO: check +CVE-2024-4321 (A Local File Inclusion (LFI) vulnerability exists in the gaizhenbiao/c ...) + TODO: check +CVE-2024-4318 (The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Inj ...) 
+ TODO: check +CVE-2024-4288 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...) + TODO: check +CVE-2024-4279 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...) + TODO: check +CVE-2024-4263 (A broken access control vulnerability exists in mlflow/mlflow versions ...) + TODO: check +CVE-2024-4223 (The Tutor LMS plugin for WordPress is vulnerable to unauthorized acces ...) + TODO: check +CVE-2024-4222 (The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized a ...) + TODO: check +CVE-2024-4181 (A command injection vulnerability exists in the RunGptLLM class of the ...) + TODO: check +CVE-2024-4078 (A vulnerability in the parisneo/lollms, specifically in the `/unInstal ...) + TODO: check +CVE-2024-3887 (The Royal Elementor Addons and Templates plugin for WordPress is vulne ...) + TODO: check +CVE-2024-3851 (A stored Cross-Site Scripting (XSS) vulnerability exists in the 'imart ...) + TODO: check +CVE-2024-3848 (A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, ...) + TODO: check +CVE-2024-3750 (The Visualizer: Tables and Charts Manager for WordPress plugin for Wor ...) + TODO: check +CVE-2024-3644 (The Newsletter Popup WordPress plugin through 1.2 does not sanitise an ...) + TODO: check +CVE-2024-3643 (The Newsletter Popup WordPress plugin through 1.2 does not have CSRF c ...) + TODO: check +CVE-2024-3642 (The Newsletter Popup WordPress plugin through 1.2 does not have CSRF c ...) + TODO: check +CVE-2024-3641 (The Newsletter Popup WordPress plugin through 1.2 does not sanitise an ...) + TODO: check +CVE-2024-3640 (An unquoted executable path exists in the Rockwell AutomationFactoryTa ...) + TODO: check +CVE-2024-3435 (A path traversal vulnerability exists in the 'save_settings' endpoint ...) + TODO: check +CVE-2024-3403 (imartinez/privategpt version 0.2.0 is vulnerable to a local file inclu ...) 
+ TODO: check +CVE-2024-3286 (A buffer overflow vulnerability was identified in some Lenovo printers ...) + TODO: check +CVE-2024-3126 (A command injection vulnerability exists in the 'run_xtts_api_server' ...) + TODO: check +CVE-2024-35302 (In JetBrains TeamCity before 2023.11 stored XSS during restore from ba ...) + TODO: check +CVE-2024-35301 (In JetBrains TeamCity before 2024.03.1 commit status publisher didn't ...) + TODO: check +CVE-2024-35300 (In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS ...) + TODO: check +CVE-2024-35299 (In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communica ...) + TODO: check +CVE-2024-35187 (Stalwart Mail Server is an open-source mail server. Prior to version 0 ...) + TODO: check +CVE-2024-35185 (Minder is a software supply chain security platform. Prior to version ...) + TODO: check +CVE-2024-35184 (Paperless-ngx is a document management system that transforms physical ...) + TODO: check +CVE-2024-35183 (wolfictl is a command line tool for working with Wolfi. A git authenti ...) + TODO: check +CVE-2024-35176 (REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a den ...) + TODO: check +CVE-2024-35039 (idccms V1.35 was discovered to contain a Cross-Site Request Forgery (C ...) + TODO: check +CVE-2024-34958 (idccms v1.35 was discovered to contain a Cross-Site Request Forgery (C ...) + TODO: check +CVE-2024-34957 (idccms v1.35 was discovered to contain a Cross-Site Request Forgery (C ...) + TODO: check +CVE-2024-34905 (FlyFish v3.0.0 was discovered to contain a buffer overflow via the pas ...) + TODO: check +CVE-2024-34808 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) + TODO: check +CVE-2024-34805 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) + TODO: check +CVE-2024-34760 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) 
+ TODO: check +CVE-2024-34751 (Deserialization of Untrusted Data vulnerability in WebToffee Order Exp ...) + TODO: check +CVE-2024-34582 (Sunhillo SureLine through 8.10.0 on RICI 5000 devices allows cgi/usrPa ...) + TODO: check +CVE-2024-34273 (njwt up to v0.4.0 was discovered to contain a prototype pollution in t ...) + TODO: check +CVE-2024-31226 (Sunshine is a self-hosted game stream host for Moonlight. Users who ra ...) + TODO: check +CVE-2024-30314 (Dreamweaver Desktop versions 21.3 and earlier are affected by an Impro ...) + TODO: check +CVE-2024-30309 (Substance3D - Painter versions 9.1.2 and earlier Answer: are affected ...) + TODO: check +CVE-2024-30308 (Substance3D - Painter versions 9.1.2 and earlier Answer: are affected ...) + TODO: check +CVE-2024-30307 (Substance3D - Painter versions 9.1.2 and earlier are affected by an ou ...) + TODO: check +CVE-2024-30298 (Animate versions 24.0.2, 23.0.5 and earlier Answer: are affected by an ...) + TODO: check +CVE-2024-30297 (Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of- ...) + TODO: check +CVE-2024-30296 (Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of- ...) + TODO: check +CVE-2024-30295 (Animate versions 24.0.2, 23.0.5 and earlier are affected by a NULL Poi ...) + TODO: check +CVE-2024-30294 (Animate versions 24.0.2, 23.0.5 and earlier are affected by a Heap-bas ...) + TODO: check +CVE-2024-30293 (Animate versions 24.0.2, 23.0.5 and earlier are affected by a Stack-ba ...) + TODO: check +CVE-2024-30292 (Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a ...) + TODO: check +CVE-2024-30291 (Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a ...) + TODO: check +CVE-2024-30290 (Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a ...) + TODO: check +CVE-2024-30289 (Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a ...) 
+ TODO: check +CVE-2024-30288 (Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a ...) + TODO: check +CVE-2024-30287 (Adobe Framemaker versions 2020.5, 2022.3 and earlier Answer: are affec ...) + TODO: check +CVE-2024-30286 (Adobe Framemaker versions 2020.5, 2022.3 and earlier Answer: are affec ...) + TODO: check +CVE-2024-30283 (Adobe Framemaker versions 2020.5, 2022.3 and earlier Answer: are affec ...) + TODO: check +CVE-2024-30282 (Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of- ...) + TODO: check +CVE-2024-30281 (Substance3D - Designer versions 13.1.1 and earlier Answer: are affecte ...) + TODO: check +CVE-2024-30275 (Adobe Aero Desktop versions 23.4 and earlier are affected by a Use Aft ...) + TODO: check +CVE-2024-30274 (Substance3D - Painter versions 9.1.2 and earlier are affected by an ou ...) + TODO: check +CVE-2024-2366 (A remote code execution vulnerability exists in the parisneo/lollms-we ...) + TODO: check +CVE-2024-2361 (A vulnerability in the parisneo/lollms-webui allows for arbitrary file ...) + TODO: check +CVE-2024-2358 (A path traversal vulnerability in the '/apply_settings' endpoint of pa ...) + TODO: check +CVE-2024-27260 (IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged ...) + TODO: check +CVE-2024-27244 (Insufficient verification of data authenticity in the installer for Zo ...) + TODO: check +CVE-2024-27243 (Buffer overflow in some Zoom Workplace Apps and SDK\u2019s may allow a ...) + TODO: check +CVE-2024-20793 (Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-o ...) + TODO: check +CVE-2024-20792 (Illustrator versions 28.4, 27.9.3 and earlier are affected by a Use Af ...) + TODO: check +CVE-2024-20791 (Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-o ...) + TODO: check +CVE-2024-20389 (A vulnerability in the ConfD CLI and the Cisco Crosswork Network Serv ...) 
+ TODO: check +CVE-2024-20326 (A vulnerability in the ConfD CLI and the Cisco Crosswork Network Serv ...) + TODO: check +CVE-2024-1417 (Improper Neutralization of Special Elements used in a Command ('Comman ...) + TODO: check +CVE-2023-48643 (Shrubbery tac_plus 2.x, 3.x. and 4.x through F4.0.4.28 allows unauthen ...) + TODO: check +CVE-2023-47717 (IBM Security Guardium 12.0 could allow a privileged user to perform un ...) + TODO: check CVE-2024-4910 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4909 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) @@ -700,7 +996,7 @@ CVE-2024-4778 (Memory safety bugs present in Firefox 125. Some of these bugs sho - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4778 CVE-2024-4777 (Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thu ...) - {DSA-5691-1} + {DSA-5691-1 DLA-3815-1} - firefox 126.0-1 - firefox-esr 115.11.0esr-1 - thunderbird 1:115.11.0-1 @@ -726,7 +1022,7 @@ CVE-2024-4771 (A memory allocation check was missing which would lead to a use-a - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4771 CVE-2024-4770 (When saving a page to PDF, certain font styles could have led to a pot ...) - {DSA-5691-1} + {DSA-5691-1 DLA-3815-1} - firefox 126.0-1 - firefox-esr 115.11.0esr-1 - thunderbird 1:115.11.0-1 @@ -734,7 +1030,7 @@ CVE-2024-4770 (When saving a page to PDF, certain font styles could have led to NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4770 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4769 CVE-2024-4769 (When importing resources using Web Workers, error messages would disti ...) - {DSA-5691-1} + {DSA-5691-1 DLA-3815-1} - firefox 126.0-1 - firefox-esr 115.11.0esr-1 - thunderbird 1:115.11.0-1 
@@ -742,7 +1038,7 @@ CVE-2024-4769 (When importing resources using Web Workers, error messages would NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4769 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4769 CVE-2024-4768 (A bug in popup notifications' interaction with WebAuthn made it easier ...) - {DSA-5691-1} + {DSA-5691-1 DLA-3815-1} - firefox 126.0-1 - firefox-esr 115.11.0esr-1 - thunderbird 1:115.11.0-1 @@ -750,7 +1046,7 @@ CVE-2024-4768 (A bug in popup notifications' interaction with WebAuthn made it e NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4768 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4768 CVE-2024-4767 (If the `browser.privatebrowsing.autostart` preference is enabled, Inde ...) - {DSA-5691-1} + {DSA-5691-1 DLA-3815-1} - firefox 126.0-1 - firefox-esr 115.11.0esr-1 - thunderbird 1:115.11.0-1 @@ -764,7 +1060,7 @@ CVE-2024-4765 (Web application manifests were stored by using an insecure MD5 ha - firefox <not-affected> (Android-specific) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4765 CVE-2024-4367 (A type check was missing when handling fonts in PDF.js, which would al ...) - {DSA-5691-1} + {DSA-5691-1 DLA-3815-1} - firefox 126.0-1 - firefox-esr 115.11.0esr-1 - thunderbird 1:115.11.0-1 @@ -1041,7 +1337,8 @@ CVE-2024-34077 (MantisBT (Mantis Bug Tracker) is an open source issue tracker. I - mantis <removed> CVE-2024-33433 (Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B2 ...) NOT-FOR-US: TOTOLINK -CVE-2024-33386 (An issue in SoundCloud Prometheu v.2.5.1 and before allows a remote at ...) +CVE-2024-33386 + REJECTED NOT-FOR-US: SoundCloud Prometheu CVE-2024-33250 (An issue in Open-Source Technology Committee SRS real-time video serve ...) NOT-FOR-US: Open-Source Technology Committee SRS real-time video server 
@@ -1529,7 +1826,7 @@ CVE-2024-4606 (Deserialization of Untrusted Data vulnerability in BdThemes Ultim NOT-FOR-US: WordPress plugin CVE-2024-4605 (The Breakdance plugin for WordPress is vulnerable to Remote Code Execu ...) NOT-FOR-US: WordPress plugin -CVE-2024-4603 [Excessive time spent checking DSA keys and parameters] +CVE-2024-4603 (Issue summary: Checking excessively long DSA keys or parameters may be ...) - openssl <unfixed> [bullseye] - openssl <not-affected> (Vulnerable code not present) [buster] - openssl <not-affected> (Vulnerable code not present) @@ -1547,7 +1844,8 @@ CVE-2024-4567 (The Themify Shortcodes plugin for WordPress is vulnerable to Stor NOT-FOR-US: WordPress plugin CVE-2024-4545 (All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 ...) NOT-FOR-US: EnterpriseDB -CVE-2024-4542 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...) +CVE-2024-4542 + REJECTED NOT-FOR-US: WordPress plugin CVE-2024-4463 (The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vul ...) NOT-FOR-US: WordPress plugin @@ -12825,7 +13123,7 @@ CVE-2024-2201 [Native Branch History Injection] NOTE: https://vusec.net/projects/native-bhi NOTE: https://download.vusec.net/papers/inspectre_sec24.pdf NOTE: https://xenbits.xen.org/xsa/advisory-456.html -CVE-2024-31142 [x86: Incorrect logic for BTC/SRSO mitigations] +CVE-2024-31142 (Because of a logical error in XSA-407 (Branch Type Confusion), the mit ...) - xen <unfixed> [bookworm] - xen <postponed> (Minor issue, fix along in next DSA) [bullseye] - xen <end-of-life> (EOLed in Bullseye) 
@@ -13737,7 +14035,7 @@ CVE-2024-28787 (IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Applica NOT-FOR-US: IBM CVE-2024-27575 (INOTEC Sicherheitstechnik WebServer CPS220/64 3.3.19 allows a remote a ...) NOT-FOR-US: INOTEC -CVE-2024-27268 (IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is ...) +CVE-2024-27268 (IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is ...) NOT-FOR-US: IBM CVE-2024-25709 REJECTED @@ -15713,7 +16011,7 @@ CVE-2024-30489 (Improper Neutralization of Special Elements used in an SQL Comma NOT-FOR-US: WordPress plugin CVE-2024-25027 (IBM Security Verify Access 10.0.6 could disclose sensitive snapshot in ...) NOT-FOR-US: IBM -CVE-2024-22353 (IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 is ...) +CVE-2024-22353 (IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is ...) NOT-FOR-US: IBM CVE-2023-50959 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 1 ...) NOT-FOR-US: IBM @@ -32772,7 +33070,7 @@ CVE-2020-36772 (CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file NOT-FOR-US: CloudLinux CageFS CVE-2020-36771 (CloudLinux CageFS 7.1.1-1 or below passes the authentication token as ...) NOT-FOR-US: CloudLinux CageFS -CVE-2023-46842 [x86 HVM hypercalls may trigger Xen bug check] +CVE-2023-46842 (Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit a ...) - xen <unfixed> [bookworm] - xen <postponed> (Minor issue, fix along in next DSA) [bullseye] - xen <end-of-life> (EOLed in Bullseye) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b5d0e50752c6fa8009a72e18ddd0ff3fc8e6a2e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b5d0e50752c6fa8009a72e18ddd0ff3fc8e6a2e You're receiving this email because of your account on salsa.debian.org.
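Review bot: several descriptions added in the @@ -1,3 +1,299 @@ hunk carry literal escape sequences instead of the characters they stand for, for example `FactoryTalk\xae View` in CVE-2024-4609, `Master Addons \u2013 Free Widgets` in CVE-2024-4580 and `SDK\u2019s` in CVE-2024-27243. Decoding them in whatever generates this automatic update, before data/CVE/list is written, would keep the summaries readable and searchable by product name. The same hunk also brings in a stray "Answer:" in the middle of several Adobe descriptions (CVE-2024-30309, CVE-2024-30298, CVE-2024-30287 and others), which is worth checking against the upstream CVE text when these TODO entries are triaged.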
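Review bot: in the context lines of the @@ -734,7 +1030,7 @@ hunk, the second NOTE that closes the CVE-2024-4770 entry links to `mfsa2024-23/#CVE-2024-4769`, while the NOTE just before it uses `mfsa2024-22/#CVE-2024-4770`. The entries that follow (CVE-2024-4769, CVE-2024-4768) use their own CVE id in both anchors, so this looks like a copy-paste slip and the anchor should read `#CVE-2024-4770`. The commit does not touch that line, but it is a good moment to fix it since the entry is being edited anyway.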
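Review bot: the @@ -1041,7 +1337,8 @@ and @@ -1547,7 +1844,8 @@ hunks turn CVE-2024-33386 and CVE-2024-4542 into REJECTED entries but leave the old triage line in place, so each entry now reads `REJECTED` followed by `NOT-FOR-US: SoundCloud Prometheu` and `NOT-FOR-US: WordPress plugin` respectively. A rejected id needs no product triage; dropping the leftover NOT-FOR-US line in a follow-up would keep the two states from contradicting each other for anyone parsing the list.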