[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 09 Aug 2024 01:12:14 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cf1c2ddc by security tracker role at 2024-08-09T08:11:46+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,56 @@
-CVE-2024-7557
+CVE-2024-7633
+       REJECTED
+CVE-2024-7616 (A vulnerability was found in Edimax IC-6220DC and IC-5150W up 
to 3.06. ...)
+       TODO: check
+CVE-2024-7615 (A vulnerability was found in Tenda FH1206 1.2.0.8. It has been 
declare ...)
+       TODO: check
+CVE-2024-7614 (A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has 
been c ...)
+       TODO: check
+CVE-2024-7613 (A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and 
classified ...)
+       TODO: check
+CVE-2024-7512 (Concrete CMS versions 9.0.0 through 9.3.2 are affected by a 
stored XSS ...)
+       TODO: check
+CVE-2024-7399 (Improper limitation of a pathname to a restricted directory 
vulnerabil ...)
+       TODO: check
+CVE-2024-7272 (A vulnerability, which was classified as critical, was found in 
FFmpeg ...)
+       TODO: check
+CVE-2024-6158 (The Category Posts Widget WordPress plugin before 4.9.17, 
term-and-cat ...)
+       TODO: check
+CVE-2024-6136 (The wp-cart-for-digital-products WordPress plugin before 8.5.6 
does no ...)
+       TODO: check
+CVE-2024-6133 (The wp-cart-for-digital-products WordPress plugin before 8.5.6 
does no ...)
+       TODO: check
+CVE-2024-5445 (Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent 
version 5 < ...)
+       TODO: check
+CVE-2024-4360 (The Element Pack Elementor Addons (Header Footer, Template 
Library, Dy ...)
+       TODO: check
+CVE-2024-4359 (The Element Pack Elementor Addons (Header Footer, Template 
Library, Dy ...)
+       TODO: check
+CVE-2024-4350 (Concrete CMS versions 9.0.0 to 9.3.2 and below 8.5.18 are 
vulnerable t ...)
+       TODO: check
+CVE-2024-41482 (Typora before 1.9.3 Markdown editor has a cross-site scripting 
(XSS) v ...)
+       TODO: check
+CVE-2024-41481 (Typora before 1.9.3 Markdown editor has a cross-site scripting 
(XSS) v ...)
+       TODO: check
+CVE-2024-40474 (A Reflected Cross Site Scripting (XSS) vulnerability was found 
in "edi ...)
+       TODO: check
+CVE-2024-40473 (A Stored Cross Site Scripting (XSS) vulnerability was found in 
"manage ...)
+       TODO: check
+CVE-2024-3279 (An improper access control vulnerability exists in the 
mintplex-labs/a ...)
+       TODO: check
+CVE-2024-38219 (Microsoft Edge (Chromium-based) Remote Code Execution 
Vulnerability)
+       TODO: check
+CVE-2024-38218 (Microsoft Edge (HTML-based) Memory Corruption Vulnerability)
+       TODO: check
+CVE-2024-38200 (Microsoft Office Spoofing Vulnerability)
+       TODO: check
+CVE-2024-37283 (An issue was discovered whereby Elastic Agent will leak 
secrets from t ...)
+       TODO: check
+CVE-2024-0115 (NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack 
contains a  ...)
+       TODO: check
+CVE-2024-0113 (NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a 
vulnerabi ...)
+       TODO: check
+CVE-2024-7557 (A vulnerability was found in OpenShift AI that allows for 
authenticati ...)
        NOT-FOR-US: OpenShift
 CVE-2024-7610 (A Denial of Service (DoS) condition has been discovered in 
GitLab CE/E ...)
        - gitlab <unfixed>
@@ -227,13 +279,13 @@ CVE-2024-22069 (There is a permission and access control 
vulnerability of ZTE's
        NOT-FOR-US: ZTE
 CVE-2024-21302 (Summary: Microsoft was notified that an elevation of privilege 
vulnera ...)
        NOT-FOR-US: Microsoft
-CVE-2024-43168
+CVE-2024-43168 (A heap-buffer-overflow flaw was found in the cfg_mark_ports 
function w ...)
        - unbound 1.20.0-1
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2303462
        NOTE: https://github.com/NLnetLabs/unbound/issues/1039
        NOTE: https://github.com/NLnetLabs/unbound/pull/1040
        NOTE: Fixed by: 
https://github.com/NLnetLabs/unbound/commit/193401e7543a1e561dd634a3eaae932fa462a2b9
 (release-1.20.0rc1)
-CVE-2024-43167
+CVE-2024-43167 (A NULL pointer dereference flaw was found in the 
ub_ctx_set_fwd functi ...)
        - unbound <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2303456
        NOTE: https://github.com/NLnetLabs/unbound/issues/1072
@@ -957,7 +1009,7 @@ CVE-2024-7537 (oFono QMI SMS Handling Out-Of-Bounds Read 
Information Disclosure
        [bookworm] - ofono <postponed> (Revisit when/if fixed upstream)
        [bullseye] - ofono <postponed> (Revisit when/if fixed upstream)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1077/
-CVE-2024-7006 [NULL pointer dereference in tif_dirinfo.c]
+CVE-2024-7006 (A null pointer dereference flaw was found in Libtiff via 
`tif_dirinfo. ...)
        - tiff <unfixed>
        [bookworm] - tiff <no-dsa> (Minor issue)
        [bullseye] - tiff <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf1c2ddc43e1688a250a4844ee2ab6151409e18c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf1c2ddc43e1688a250a4844ee2ab6151409e18c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to