Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
56e7e4bf by security tracker role at 2024-06-08T20:12:25+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,21 +1,145 @@
-CVE-2024-36970 [wifi: iwlwifi: Use request_module_nowait]
+CVE-2024-5766 (A vulnerability was found in Likeshop up to 2.5.7 and
classified as pr ...)
+ TODO: check
+CVE-2024-5654 (The CF7 Google Sheets Connector plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-4680 (A vulnerability in zenml-io/zenml version 0.56.3 allows
attackers to r ...)
+ TODO: check
+CVE-2024-4146 (In lunary-ai/lunary version v1.2.13, an improper authorization
vulnera ...)
+ TODO: check
+CVE-2024-37408 (fprintd through 1.94.3 lacks a security attention mechanism,
and thus ...)
+ TODO: check
+CVE-2024-37407 (Libarchive before 3.7.4 allows name out-of-bounds access when
a ZIP ar ...)
+ TODO: check
+CVE-2024-35756 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35755 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35753 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35752 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35751 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35750 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-35740 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35739 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35738 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35737 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35736 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-35734 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35733 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35732 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35731 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35730 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35719 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35718 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35715 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35714 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35713 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35711 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35710 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
+ TODO: check
+CVE-2024-35709 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35708 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35707 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35706 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35705 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35704 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35703 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35702 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35701 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35699 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35698 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35697 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35696 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35695 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35694 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35693 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35691 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
+ TODO: check
+CVE-2024-35689 (Cross-Site Request Forgery (CSRF) vulnerability in
Analytify.This issu ...)
+ TODO: check
+CVE-2024-35688 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35687 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35684 (Cross-Site Request Forgery (CSRF) vulnerability in 10up
ElasticPress.T ...)
+ TODO: check
+CVE-2024-35682 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
+ TODO: check
+CVE-2024-35681 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35679 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35678 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-35676 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35675 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-35659 (Authorization Bypass Through User-Controlled Key vulnerability
in Kivi ...)
+ TODO: check
+CVE-2024-35657 (Cross-Site Request Forgery (CSRF) vulnerability in Plechev
Andrey WP-R ...)
+ TODO: check
+CVE-2024-34765 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-22151 (Missing Authorization vulnerability in Codection Import and
export use ...)
+ TODO: check
+CVE-2024-21748 (Missing Authorization vulnerability in Icegram.This issue
affects Iceg ...)
+ TODO: check
+CVE-2023-45707 (HCL Connections Docs is vulnerable to a cross-site scripting
attack wh ...)
+ TODO: check
+CVE-2024-36970 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3d913719df14c28c4d3819e7e6d150760222bda4 (6.10-rc1)
-CVE-2024-36969 [drm/amd/display: Fix division by zero in setup_dsc_config]
+CVE-2024-36969 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.8.11-1
NOTE:
https://git.kernel.org/linus/130afc8a886183a94cf6eab7d24f300014ff87ba (6.10-rc1)
-CVE-2024-36968 [Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()]
+CVE-2024-36968 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 6.8.11-1
NOTE:
https://git.kernel.org/linus/a5b862c6a221459d54e494e88965b48dcfa6cc44 (6.10-rc1)
-CVE-2024-36967 [KEYS: trusted: Fix memory leak in tpm2_key_encode()]
+CVE-2024-36967 (In the Linux kernel, the following vulnerability has been
resolved: K ...)
- linux 6.8.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/ffcaa2172cc1a85ddb8b783de96d38ca8855e248 (6.10-rc1)
-CVE-2024-36966 [erofs: reliably distinguish block based and fscache mode]
+CVE-2024-36966 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 6.8.11-1
NOTE:
https://git.kernel.org/linus/7af2ae1b1531feab5d38ec9c8f472dc6cceb4606 (6.9-rc7)
-CVE-2024-36965 [remoteproc: mediatek: Make sure IPI buffer fits in L2TCM]
+CVE-2024-36965 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 6.8.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56e7e4bf4d468b1dc2cca13350e69c1e5a539443
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56e7e4bf4d468b1dc2cca13350e69c1e5a539443
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
