Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0406ed0a by security tracker role at 2024-06-17T08:11:46+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2024-6048 (Openfind's MailGates and MailAudit fail to properly filter user
input ...)
+ TODO: check
+CVE-2024-6047 (Certain EOL GeoVision devices fail to properly filter user
input for t ...)
+ TODO: check
+CVE-2024-6046 (SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does
not pr ...)
+ TODO: check
+CVE-2024-6045 (Certain models of D-Link wireless routers contain an
undisclosed facto ...)
+ TODO: check
+CVE-2024-6044 (Certain models of D-Link wireless routers have a path traversal
vulner ...)
+ TODO: check
+CVE-2024-6043 (A vulnerability classified as critical has been found in
SourceCodeste ...)
+ TODO: check
+CVE-2024-6042 (A vulnerability was found in itsourcecode Real Estate
Management Syste ...)
+ TODO: check
+CVE-2024-6041 (A vulnerability was found in itsourcecode Gym Management System
1.0. I ...)
+ TODO: check
+CVE-2024-6039 (A vulnerability, which was classified as critical, was found in
Feng O ...)
+ TODO: check
+CVE-2024-5650 (DLL Hijacking vulnerability has been found in CENTUM CAMS Log
server p ...)
+ TODO: check
+CVE-2024-5163 (Improper permission settings for mobile applications
(com.transsion.ca ...)
+ TODO: check
+CVE-2024-4305 (The Post Grid Gutenberg Blocks and WordPress Blog Plugin
WordPress pl ...)
+ TODO: check
+CVE-2024-3236 (The Popup Builder WordPress plugin before 1.1.33 does not
sanitise and ...)
+ TODO: check
+CVE-2024-38396 (An issue was discovered in iTerm2 3.5.x before 3.5.2.
Unfiltered use o ...)
+ TODO: check
+CVE-2024-36289 (Reusing a nonce, key pair in encryption issue exists in
"FreeFrom - th ...)
+ TODO: check
+CVE-2024-36279 (Reliance on obfuscation or encryption of security-relevant
inputs with ...)
+ TODO: check
+CVE-2024-36277 (Improper verification of cryptographic signature issue exists
in "Free ...)
+ TODO: check
+CVE-2024-34451 (Ghost through 5.85.1 allows remote attackers to bypass an
authenticati ...)
+ TODO: check
CVE-2024-38468 (Shenzhen Guoxin Synthesis image system before 8.3.0 allows
unauthorize ...)
NOT-FOR-US: Shenzhen Guoxin Synthesis image system
CVE-2024-38467 (Shenzhen Guoxin Synthesis image system before 8.3.0 allows
unauthorize ...)
@@ -3723,6 +3759,7 @@ CVE-2024-5171 (Integer overflow in libaom internal
functionimg_alloc_helper can
NOTE:
https://aomedia.googlesource.com/aom/+/19d9966572a410804349e1a8ee2017fed49a6dab
NOTE:
https://aomedia.googlesource.com/aom/+/8156fb76d88845d716867d20333fd27001be47a8
CVE-2024-5197 (There exists interger overflows in libvpx in versions prior to
1.14.1. ...)
+ {DLA-3830-1}
- libvpx 1.14.1-1
NOTE: https://issues.chromium.org/issues/332382766
NOTE:
https://github.com/webmproject/libvpx/commit/c5640e3300690705c336966e2a8bb346a388c829
@@ -95617,8 +95654,8 @@ CVE-2023-27638 (An issue was discovered in the
tshirtecommerce (aka Custom Produ
NOT-FOR-US: tshirtecommerce
CVE-2023-27637 (An issue was discovered in the tshirtecommerce (aka Custom
Product Des ...)
NOT-FOR-US: tshirtecommerce
-CVE-2023-27636
- RESERVED
+CVE-2023-27636 (Progress Sitefinity before 15.0.0 allows XSS by authenticated
users vi ...)
+ TODO: check
CVE-2023-1184 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: ECshop
CVE-2023-1183 (A flaw was found in the Libreoffice package. An attacker can
craft an ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0406ed0a3e748d9de5f1998b8824fe14c857c2c8
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0406ed0a3e748d9de5f1998b8824fe14c857c2c8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
