Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
77194603 by security tracker role at 2024-06-14T08:14:28+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,323 @@
+CVE-2024-5995 (The notification emails sent by Soar Cloud HR Portal contain a
link wi ...)
+ TODO: check
+CVE-2024-5994 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress
is vulne ...)
+ TODO: check
+CVE-2024-5985 (A vulnerability classified as critical has been found in
SourceCodeste ...)
+ TODO: check
+CVE-2024-5984 (A vulnerability was found in itsourcecode Online Bookstore 1.0.
It has ...)
+ TODO: check
+CVE-2024-5983 (A vulnerability was found in itsourcecode Online Bookstore 1.0.
It has ...)
+ TODO: check
+CVE-2024-5981 (A vulnerability was found in itsourcecode Online House Rental
System 1 ...)
+ TODO: check
+CVE-2024-5976 (A vulnerability was found in SourceCodester Employee and
Visitor Gate ...)
+ TODO: check
+CVE-2024-5961 (Improper neutralization of input during web page generation
vulnerabil ...)
+ TODO: check
+CVE-2024-5577 (The Where I Was, Where I Will Be plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-5551 (The WP STAGING Pro WordPress Backup Plugin plugin for WordPress
is vul ...)
+ TODO: check
+CVE-2024-5465 (Function vulnerabilities in the Calendar module Impact:
Successful exp ...)
+ TODO: check
+CVE-2024-5464 (Vulnerability of insufficient permission verification in the
NearLink ...)
+ TODO: check
+CVE-2024-5155 (The Inquiry cart WordPress plugin through 3.4.2 does not have
CSRF che ...)
+ TODO: check
+CVE-2024-4936 (The Canto plugin for WordPress is vulnerable to Remote File
Inclusion ...)
+ TODO: check
+CVE-2024-4751 (The WP Prayer II WordPress plugin through 2.4.7 does not have
CSRF che ...)
+ TODO: check
+CVE-2024-4480 (The WP Prayer II WordPress plugin through 2.4.7 does not have
CSRF che ...)
+ TODO: check
+CVE-2024-4404 (The ElementsKit PRO plugin for WordPress is vulnerable to
Server-Side ...)
+ TODO: check
+CVE-2024-4271 (The SVGator WordPress plugin through 1.2.6 does not sanitize
SVG file ...)
+ TODO: check
+CVE-2024-4270 (The SVGMagic WordPress plugin through 1.1 does not sanitize SVG
file c ...)
+ TODO: check
+CVE-2024-4005 (The Social Pixel WordPress plugin through 2.1 does not sanitise
and es ...)
+ TODO: check
+CVE-2024-3993 (The AZAN Plugin WordPress plugin through 0.6 does not have CSRF
check ...)
+ TODO: check
+CVE-2024-3992 (The Amen WordPress plugin through 3.3.1 does not sanitise and
escape s ...)
+ TODO: check
+CVE-2024-3978 (The WordPress Jitsi Shortcode WordPress plugin through 0.1 does
not va ...)
+ TODO: check
+CVE-2024-3977 (The WordPress Jitsi Shortcode WordPress plugin through 0.1 does
not sa ...)
+ TODO: check
+CVE-2024-3972 (The Similarity WordPress plugin through 3.0 does not have CSRF
check i ...)
+ TODO: check
+CVE-2024-3971 (The Similarity WordPress plugin through 3.0 does not have CSRF
check i ...)
+ TODO: check
+CVE-2024-3966 (The Pray For Me WordPress plugin through 1.0.4 does not
sanitise and e ...)
+ TODO: check
+CVE-2024-3965 (The Pray For Me WordPress plugin through 1.0.4 does not have
CSRF chec ...)
+ TODO: check
+CVE-2024-3754 (The Alemha watermarker WordPress plugin through 1.3.1 does not
sanitis ...)
+ TODO: check
+CVE-2024-3498 (Attackers can then execute malicious files by enabling certain
service ...)
+ TODO: check
+CVE-2024-3497 (Path traversal vulnerability in the web server of the Toshiba
printer ...)
+ TODO: check
+CVE-2024-3496 (Attackers can bypass the web login authentication process to
gain acce ...)
+ TODO: check
+CVE-2024-3080 (Certain ASUS router models have authentication bypass
vulnerability, a ...)
+ TODO: check
+CVE-2024-3079 (Certain models of ASUS routers have buffer overflow
vulnerabilities, a ...)
+ TODO: check
+CVE-2024-36503 (Memory management vulnerability in the Gralloc module Impact:
Successf ...)
+ TODO: check
+CVE-2024-36502 (Out-of-bounds read vulnerability in the audio module Impact:
Successfu ...)
+ TODO: check
+CVE-2024-36501 (Memory management vulnerability in the boottime module Impact:
Success ...)
+ TODO: check
+CVE-2024-36500 (Privilege escalation vulnerability in the AMS module Impact:
Successfu ...)
+ TODO: check
+CVE-2024-36499 (Vulnerability of unauthorized screenshot capturing in the WMS
module I ...)
+ TODO: check
+CVE-2024-33253 (Cross-site scripting (XSS) vulnerability in GUnet OpenEclass
E-learnin ...)
+ TODO: check
+CVE-2024-32930 (In plugin_ipc_handler of slc_plugin.c, there is a possible
information ...)
+ TODO: check
+CVE-2024-32929 (In gpu_slc_get_region of pixel_gpu_slc.c, there is a possible
EoP due ...)
+ TODO: check
+CVE-2024-32926 (there is a possible information disclosure due to side channel
informa ...)
+ TODO: check
+CVE-2024-32925 (In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a
possible out ...)
+ TODO: check
+CVE-2024-32924 (In DeregAcceptProcINT of cn_NrmmStateDeregInit.cpp, there is a
possibl ...)
+ TODO: check
+CVE-2024-32923 (there is a possible cellular denial of service due to a logic
error in ...)
+ TODO: check
+CVE-2024-32922 (In gpu_pm_power_on_top_nolock of pixel_gpu_power.c, there is a
possibl ...)
+ TODO: check
+CVE-2024-32921 (In lwis_initialize_transaction_fences of lwis_fence.c, there
is a poss ...)
+ TODO: check
+CVE-2024-32920 (In set_secure_reg of sac_handler.c, there is a possible out of
bounds ...)
+ TODO: check
+CVE-2024-32919 (In lwis_add_completion_fence of lwis_fence.c, there is a
possible esca ...)
+ TODO: check
+CVE-2024-32918 (Permission Bypass allowing attackers to disable HDCP 2.2
encryption b ...)
+ TODO: check
+CVE-2024-32917 (In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a
possible ou ...)
+ TODO: check
+CVE-2024-32916 (In fvp_freq_histogram_init of fvp.c, there is a possible
Information D ...)
+ TODO: check
+CVE-2024-32915 (In CellInfoListParserV2::FillCellInfo() of
protocolnetadapter.cpp, the ...)
+ TODO: check
+CVE-2024-32914 (In tpu_get_int_state of tpu.c, there is a possible information
disclos ...)
+ TODO: check
+CVE-2024-32913 (In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a
possible out o ...)
+ TODO: check
+CVE-2024-32912 (there is a possible persistent Denial of Service due to
test/debugging ...)
+ TODO: check
+CVE-2024-32911 (There is a possible escalation of privilege due to improperly
used cry ...)
+ TODO: check
+CVE-2024-32910 (In handle_msg_shm_map_req of
trusty/user/base/lib/spi/srv/tipc/tipc.c, ...)
+ TODO: check
+CVE-2024-32909 (In handle_msg of main.cpp, there is a possible out of bounds
write due ...)
+ TODO: check
+CVE-2024-32908 (In sec_media_protect of media.c, there is a possible
permission bypass ...)
+ TODO: check
+CVE-2024-32907 (In memcall_add of memlog.c, there is a possible buffer
overflow due to ...)
+ TODO: check
+CVE-2024-32906 (In AcvpOnMessage of avcp.cpp, there is a possible EOP due to
uninitial ...)
+ TODO: check
+CVE-2024-32905 (In circ_read of link_device_memory_legacy.c, there is a
possible out o ...)
+ TODO: check
+CVE-2024-32904 (In ProtocolVsimOperationAdapter() of protocolvsimadapter.cpp,
there is ...)
+ TODO: check
+CVE-2024-32903 (In prepare_response_locked of lwis_transaction.c, there is a
possible ...)
+ TODO: check
+CVE-2024-32902 (Remote prevention of access to cellular service with no user
interacti ...)
+ TODO: check
+CVE-2024-32901 (In v4l2_smfc_qbuf of smfc-v4l2-ioctls.c, there is a possible
out of bo ...)
+ TODO: check
+CVE-2024-32900 (In lwis_fence_signal of lwis_debug.c, there is a possible Use
after Fr ...)
+ TODO: check
+CVE-2024-32899 (In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is
a possib ...)
+ TODO: check
+CVE-2024-32898 (In ProtocolCellIdentityParserV4::Parse() of
protocolnetadapter.cpp, th ...)
+ TODO: check
+CVE-2024-32897 (In ProtocolCdmaCallWaitingIndAdapter::GetCwInfo() of
protocolsmsadapte ...)
+ TODO: check
+CVE-2024-32896 (there is a possible way to bypass due to a logic error in the
code. T ...)
+ TODO: check
+CVE-2024-32895 (In BCMFASTPATH of dhd_msgbuf.c, there is a possible out of
bounds writ ...)
+ TODO: check
+CVE-2024-32894 (In bc_get_converted_received_bearer of bc_utilities.c, there
is a poss ...)
+ TODO: check
+CVE-2024-32893 (In _s5e9865_mif_set_rate of exynos_dvfs.c, there is a possible
out of ...)
+ TODO: check
+CVE-2024-32892 (In handle_init of goodix/main/main.c, there is a possible
memory corru ...)
+ TODO: check
+CVE-2024-32891 (In sec_media_unprotect of media.c, there is a possible memory
corrupti ...)
+ TODO: check
+CVE-2024-31777 (File Upload vulnerability in openeclass v.3.15 and before
allows an at ...)
+ TODO: check
+CVE-2024-31163 (ASUS Download Master has a buffer overflow vulnerability. An
unauthent ...)
+ TODO: check
+CVE-2024-31162 (The specific function parameter of ASUS Download Master does
not prope ...)
+ TODO: check
+CVE-2024-31161 (The upload functionality of ASUS Download Master does not
properly fil ...)
+ TODO: check
+CVE-2024-31160 (The parameter used in the certain page of ASUS Download Master
is not ...)
+ TODO: check
+CVE-2024-31159 (The parameter used in the certain page of ASUS Download Master
is not ...)
+ TODO: check
+CVE-2024-2218 (The LuckyWP Table of Contents WordPress plugin through 2.1.4
does not ...)
+ TODO: check
+CVE-2024-2122 (The Best WordPress Gallery Plugin \u2013 FooGallery plugin for
WordPre ...)
+ TODO: check
+CVE-2024-29787 (In lwis_process_transactions_in_queue of lwis_transaction.c,
there is ...)
+ TODO: check
+CVE-2024-29786 (In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c,
there is a ...)
+ TODO: check
+CVE-2024-29785 (In aur_get_state of aurora.c, there is a possible information
disclosu ...)
+ TODO: check
+CVE-2024-29784 (In prepare_response of lwis_periodic_io.c, there is a possible
out of ...)
+ TODO: check
+CVE-2024-29781 (In ss_AnalyzeOssReturnResUssdArgIe of ss_OssAsnManagement.c,
there is ...)
+ TODO: check
+CVE-2024-29780 (In hwbcc_ns_deprivilege of
trusty/user/base/lib/hwbcc/client/hwbcc.c, ...)
+ TODO: check
+CVE-2024-29778 (In ProtocolPsDedicatedBearInfoAdapter::processQosSession of
protocolps ...)
+ TODO: check
+CVE-2024-27180 (An attacker with admin access can install rogue applications.
As for t ...)
+ TODO: check
+CVE-2024-27179 (Admin cookies are written in clear-text in logs. An attacker
can retri ...)
+ TODO: check
+CVE-2024-27178 (An attacker can get Remote Code Execution by overwriting
files. Overw ...)
+ TODO: check
+CVE-2024-27177 (An attacker can get Remote Code Execution by overwriting
files. Overw ...)
+ TODO: check
+CVE-2024-27176 (An attacker can get Remote Code Execution by overwriting
files. Overwr ...)
+ TODO: check
+CVE-2024-27175 (Remote Command program allows an attacker to read any file
using a Loc ...)
+ TODO: check
+CVE-2024-27174 (Remote Command program allows an attacker to get Remote Code
Execution ...)
+ TODO: check
+CVE-2024-27173 (Remote Command program allows an attacker to get Remote Code
Execution ...)
+ TODO: check
+CVE-2024-27172 (Remote Command program allows an attacker to get Remote Code
Execution ...)
+ TODO: check
+CVE-2024-27171 (A remote attacker using the insecure upload functionality will
be able ...)
+ TODO: check
+CVE-2024-27170 (It was observed that all the Toshiba printers contain
credentials used ...)
+ TODO: check
+CVE-2024-27169 (Toshiba printers provides API without authentication for
internal acce ...)
+ TODO: check
+CVE-2024-27168 (It appears that some hardcoded keys are used for
authentication to int ...)
+ TODO: check
+CVE-2024-27167 (Toshiba printers use Sendmail to send emails to recipients.
Sendmail i ...)
+ TODO: check
+CVE-2024-27166 (Coredump binaries in Toshiba printers have incorrect
permissions. A lo ...)
+ TODO: check
+CVE-2024-27165 (Toshiba printers contain a suidperl binary and it has a Local
Privileg ...)
+ TODO: check
+CVE-2024-27164 (Toshiba printers contain hardcoded credentials. As for the
affected pr ...)
+ TODO: check
+CVE-2024-27163 (Toshiba printers will display the password of the admin user
in clear- ...)
+ TODO: check
+CVE-2024-27162 (Toshiba printers provide a web interface that will load the
JavaScript ...)
+ TODO: check
+CVE-2024-27161 (all the Toshiba printers have programs containing a hardcoded
key used ...)
+ TODO: check
+CVE-2024-27160 (All the Toshiba printers contain a shell script using the same
hardcod ...)
+ TODO: check
+CVE-2024-27159 (All the Toshiba printers contain a shell script using the same
hardcod ...)
+ TODO: check
+CVE-2024-27158 (All the Toshiba printers share the same hardcoded root
password. As fo ...)
+ TODO: check
+CVE-2024-27157 (The sessions are stored in clear-text logs. An attacker can
retrieve a ...)
+ TODO: check
+CVE-2024-27156 (The session cookies, used for authentication, are stored in
clear-text ...)
+ TODO: check
+CVE-2024-27155 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
+ TODO: check
+CVE-2024-27154 (Passwords are stored in clear-text logs. An attacker can
retrieve pass ...)
+ TODO: check
+CVE-2024-27153 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
+ TODO: check
+CVE-2024-27152 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
+ TODO: check
+CVE-2024-27151 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
+ TODO: check
+CVE-2024-27150 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
+ TODO: check
+CVE-2024-27149 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
+ TODO: check
+CVE-2024-27148 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
+ TODO: check
+CVE-2024-27147 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
+ TODO: check
+CVE-2024-27146 (The Toshiba printers do not implement privileges separation.
As for th ...)
+ TODO: check
+CVE-2024-27145 (The Toshiba printers provide several ways to upload files
using the ad ...)
+ TODO: check
+CVE-2024-27144 (The Toshiba printers provide several ways to upload files
using the we ...)
+ TODO: check
+CVE-2024-27143 (Toshiba printers use SNMP for configuration. Using the private
communi ...)
+ TODO: check
+CVE-2024-27142 (Toshiba printers use XML communication for the API endpoint
provided b ...)
+ TODO: check
+CVE-2024-27141 (Toshiba printers use XML communication for the API endpoint
provided b ...)
+ TODO: check
+CVE-2024-23504 (Missing Authorization vulnerability in WPManageNinja LLC Ninja
Tables. ...)
+ TODO: check
+CVE-2024-1295 (The events-calendar-pro WordPress plugin before 6.4.0.1, The
Events Ca ...)
+ TODO: check
+CVE-2024-1094 (The Timetics- AI-powered Appointment Booking with Visual Seat
Plan and ...)
+ TODO: check
+CVE-2024-0892 (The Schema App Structured Data plugin for WordPress is
vulnerable to C ...)
+ TODO: check
+CVE-2024-0103 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
+ TODO: check
+CVE-2024-0099 (NVIDIA vGPU software for Linux contains a vulnerability in the
Virtual ...)
+ TODO: check
+CVE-2024-0095 (NVIDIA Triton Inference Server for Linux and Windows contains a
vulner ...)
+ TODO: check
+CVE-2024-0094 (NVIDIA vGPU software for Linux contains a vulnerability in the
Virtual ...)
+ TODO: check
+CVE-2024-0093 (NVIDIA GPU software for Linux contains a vulnerability where it
can ex ...)
+ TODO: check
+CVE-2024-0089 (NVIDIA GPU Display Driver for Windows contains a vulnerability
where t ...)
+ TODO: check
+CVE-2024-0086 (NVIDIA vGPU software for Linux contains a vulnerability where
the soft ...)
+ TODO: check
+CVE-2024-0085 (NVIDIA vGPU software for Windows and Linux contains a
vulnerability wh ...)
+ TODO: check
+CVE-2024-0084 (NVIDIA vGPU software for Linux contains a vulnerability in the
Virtual ...)
+ TODO: check
+CVE-2023-6492 (The Simple Sitemap \u2013 Create a Responsive HTML Sitemap
plugin for ...)
+ TODO: check
+CVE-2023-51523 (Missing Authorization vulnerability in WriterSystem
WooCommerce Easy D ...)
+ TODO: check
+CVE-2023-51516 (Missing Authorization vulnerability in Business Directory Team
Busines ...)
+ TODO: check
+CVE-2023-51507 (Missing Authorization vulnerability in ExpressTech Quiz And
Survey Mas ...)
+ TODO: check
+CVE-2023-51497 (Missing Authorization vulnerability in Woo WooCommerce Ship to
Multipl ...)
+ TODO: check
+CVE-2023-51496 (Missing Authorization vulnerability in Woo WooCommerce
Warranty Reques ...)
+ TODO: check
+CVE-2023-51495 (Missing Authorization vulnerability in Woo WooCommerce
Warranty Reques ...)
+ TODO: check
+CVE-2023-51377 (Missing Authorization vulnerability in WPEverest Everest
Forms.This is ...)
+ TODO: check
+CVE-2023-37394 (Missing Authorization vulnerability in Deepak anand WP Dummy
Content G ...)
+ TODO: check
+CVE-2023-36695 (Missing Authorization vulnerability in Maxime Schoeni
Sublanguage.This ...)
+ TODO: check
+CVE-2023-36694 (Missing Authorization vulnerability in Bryan Lee Kingkong
Board.This i ...)
+ TODO: check
+CVE-2023-36504 (Missing Authorization vulnerability in BBS e-Theme BBS
e-Popup.This is ...)
+ TODO: check
+CVE-2023-35045 (Missing Authorization vulnerability in Fat Rat Fat Rat
Collect.This is ...)
+ TODO: check
+CVE-2023-35040 (Missing Authorization vulnerability in SendPress SendPress
Newsletters ...)
+ TODO: check
CVE-2024-5952 (Deep Sea Electronics DSE855 Restart Missing Authentication
Denial-of-S ...)
NOT-FOR-US: Deep Sea Electronics DSE855 devices
CVE-2024-5951 (Deep Sea Electronics DSE855 Factory Reset Missing
Authentication Denia ...)
@@ -188,7 +508,7 @@ CVE-2023-35859 (A Reflected Cross-Site Scripting (XSS)
vulnerability in the blog
NOT-FOR-US: Modern Campus Omni CMS
CVE-2023-35858 (XPath Injection vulnerabilities in the blog and RSS functions
of Moder ...)
NOT-FOR-US: Modern Campus Omni CMS
-CVE-2024-5469
+CVE-2024-5469 (DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0
prior t ...)
- gitlab <unfixed>
CVE-2024-5787 (The PowerPack Addons for Elementor (Free Widgets, Extensions
and Templ ...)
NOT-FOR-US: WordPress plugin
@@ -1179,7 +1499,7 @@ CVE-2024-5693 (Offscreen Canvas did not properly track
cross-origin tainting, wh
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-25/#CVE-2024-5693
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-26/#CVE-2024-5693
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-28/#CVE-2024-5693
-CVE-2024-5692 (On Windows, when using the 'Save As' functionality, an attacker
could ...)
+CVE-2024-5692 (On Windows 10, when using the 'Save As' functionality, an
attacker cou ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
- thunderbird <not-affected> (Windows-specific)
@@ -1217,6 +1537,7 @@ CVE-2024-5687 (If a specific sequence of actions is
performed when opening a new
- firefox <not-affected> (Android-specific)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-25/#CVE-2024-5687
CVE-2024-35235 (OpenPrinting CUPS is an open source printing system for Linux
and othe ...)
+ {DLA-3826-1}
- cups 2.4.7-2 (bug #1073002)
[bookworm] - cups <no-dsa> (Minor issue)
[bullseye] - cups <no-dsa> (Minor issue)
@@ -1980,7 +2301,8 @@ CVE-2024-5742 (A vulnerability was found in GNU Nano that
allows a possible priv
NOTE: Fixed by:
https://git.savannah.gnu.org/cgit/nano.git/commit/?id=5e7a3c2e7e118c7f12d5dfda9f9140f638976aa2
(v8.0)
CVE-2024-5770 (The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is
vulnerab ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-5758 (The Post Grid Gutenberg Blocks and WordPress Blog Plugin \u2013
PostX ...)
+CVE-2024-5758
+ REJECTED
NOT-FOR-US: WordPress plugin
CVE-2024-5663 (The Cards for Beaver Builder plugin for WordPress is vulnerable
to Sto ...)
NOT-FOR-US: WordPress plugin
@@ -2006,7 +2328,7 @@ CVE-2023-49224 (Precor touchscreen console P62, P80, and
P82 contains a default
NOT-FOR-US: Precor touchscreen console
CVE-2023-49223 (Precor touchscreen console P62, P80, and P82 could allow a
remote atta ...)
NOT-FOR-US: Precor touchscreen console
-CVE-2024-0092
+CVE-2024-0092 (NVIDIA GPU Driver for Windows and Linux contains a
vulnerability where ...)
- nvidia-graphics-drivers <unfixed> (bug #1072792)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -2029,14 +2351,14 @@ CVE-2024-0092
- nvidia-open-gpu-kernel-modules <unfixed> (bug #1072800)
[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not
supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5551
-CVE-2024-0091
+CVE-2024-0091 (NVIDIA GPU Display Driver for Windows and Linux contains a
vulnerabili ...)
- nvidia-graphics-drivers <unfixed> (bug #1072792)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-open-gpu-kernel-modules <unfixed> (bug #1072800)
[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not
supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5551
-CVE-2024-0090
+CVE-2024-0090 (NVIDIA GPU driver for Windows and Linux contains a
vulnerability where ...)
- nvidia-graphics-drivers <unfixed> (bug #1072792)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -89643,8 +89965,8 @@ CVE-2023-29176
RESERVED
CVE-2023-29175 (An improper certificate validation vulnerability [CWE-295] in
FortiOS ...)
NOT-FOR-US: FortiGuard
-CVE-2023-29174
- RESERVED
+CVE-2023-29174 (Missing Authorization vulnerability in NervyThemes SKU Label
Changer F ...)
+ TODO: check
CVE-2023-29173
RESERVED
CVE-2023-29172 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Property ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/771946036475c77c23a02538a2ad8c099ea635c4
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/771946036475c77c23a02538a2ad8c099ea635c4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
