[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 16 Aug 2024 01:12:19 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3ed8a87f by security tracker role at 2024-08-16T08:11:46+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,78 @@
-CVE-2024-43374
+CVE-2024-7868 (In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) 
stream ...)
+       TODO: check
+CVE-2024-7853 (A vulnerability was found in SourceCodester Yoga Class 
Registration Sy ...)
+       TODO: check
+CVE-2024-7852 (A vulnerability was found in SourceCodester Yoga Class 
Registration Sy ...)
+       TODO: check
+CVE-2024-7851 (A vulnerability has been found in SourceCodester Yoga Class 
Registrati ...)
+       TODO: check
+CVE-2024-7849 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was 
classified  ...)
+       TODO: check
+CVE-2024-7845 (A vulnerability was found in SourceCodester Online Graduate 
Tracer Sys ...)
+       TODO: check
+CVE-2024-7844 (A vulnerability has been found in SourceCodester Online 
Graduate Trace ...)
+       TODO: check
+CVE-2024-7843 (A vulnerability, which was classified as problematic, was found 
in Sou ...)
+       TODO: check
+CVE-2024-7842 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2024-7841 (A vulnerability classified as critical was found in 
SourceCodester Cli ...)
+       TODO: check
+CVE-2024-7839 (A vulnerability classified as critical has been found in 
itsourcecode  ...)
+       TODO: check
+CVE-2024-7630 (The Relevanssi \u2013 A Better Search plugin for WordPress is 
vulnerab ...)
+       TODO: check
+CVE-2024-7501 (The Download Plugins and Themes in ZIP from Dashboard plugin 
for WordP ...)
+       TODO: check
+CVE-2024-7422 (The Theme My Login plugin for WordPress is vulnerable to 
Cross-Site Re ...)
+       TODO: check
+CVE-2024-7301 (The WordPress File Upload plugin for WordPress is vulnerable to 
Stored ...)
+       TODO: check
+CVE-2024-6460 (The Grow by Tradedoubler  WordPress plugin through 2.0.21 is 
vulnerabl ...)
+       TODO: check
+CVE-2024-6456 (AVEVA Historian Server has a vulnerability, if exploited, could 
allow  ...)
+       TODO: check
+CVE-2024-43378 (calamares-nixos-extensions provides Calamares branding and 
modules for ...)
+       TODO: check
+CVE-2024-43370 (gettext.js is a GNU gettext port for node and the browser. 
There is a  ...)
+       TODO: check
+CVE-2024-43369 (Ibexa RichText Field Type is a Field Type for supporting rich 
formatte ...)
+       TODO: check
+CVE-2024-43367 (Boa is an embeddable and experimental Javascript engine 
written in Rus ...)
+       TODO: check
+CVE-2024-43366 (zkvyper is a Vyper compiler. Starting in version 1.3.12 and 
prior to v ...)
+       TODO: check
+CVE-2024-42488 (Cilium is a networking, observability, and security solution 
with an e ...)
+       TODO: check
+CVE-2024-42487 (Cilium is a networking, observability, and security solution 
with an e ...)
+       TODO: check
+CVE-2024-34743 (In setTransactionState of SurfaceFlinger.cpp, there is a 
possible way  ...)
+       TODO: check
+CVE-2024-34742 (In shouldWrite of OwnersData.java, there is a possible edge 
case that  ...)
+       TODO: check
+CVE-2024-34741 (In setForceHideNonSystemOverlayWindowIfNeeded of 
WindowState.java, the ...)
+       TODO: check
+CVE-2024-34740 (In attributeBytesBase64 and attributeBytesHex of 
BinaryXmlSerializer.j ...)
+       TODO: check
+CVE-2024-34739 (In shouldRestrictOverlayActivities of 
UsbProfileGroupSettingsManager.j ...)
+       TODO: check
+CVE-2024-34738 (In multiple functions of AppOpsService.java, there is a 
possible way f ...)
+       TODO: check
+CVE-2024-34737 (In ensureSetPipAspectRatioQuotaTracker of 
ActivityClientController.jav ...)
+       TODO: check
+CVE-2024-34736 (In setupVideoEncoder of StagefrightRecorder.cpp, there is a 
possible a ...)
+       TODO: check
+CVE-2024-34734 (In onForegroundServiceButtonClicked of 
FooterActionsViewModel.kt, ther ...)
+       TODO: check
+CVE-2024-34731 (In multiple functions of TranscodingResourcePolicy.cpp, there 
is a pos ...)
+       TODO: check
+CVE-2024-34727 (In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a 
possible ou ...)
+       TODO: check
+CVE-2024-31333 (In _MMU_AllocLevel of mmu_common.c, there is a possible 
arbitrary code ...)
+       TODO: check
+CVE-2023-7049 (The Custom Field For WP Job Manager plugin for WordPress is 
vulnerable ...)
+       TODO: check
+CVE-2024-43374 (The UNIX editor Vim prior to version 9.1.0678 has a 
use-after-free err ...)
        - vim <unfixed> (unimportant)
        NOTE: Crash in CLI tool, no security impact
        NOTE: https://github.com/vim/vim/security/GHSA-2w8m-443v-cgvw
@@ -139358,7 +139432,7 @@ CVE-2023-21353 (In NFA, there is a possible out of 
bounds read due to a missing
        NOT-FOR-US: Android
 CVE-2023-21352 (In NFA, there is a possible out of bounds read due to a 
missing bounds ...)
        NOT-FOR-US: Android
-CVE-2023-21351 (In Activity Manager, there is a possible background activity 
launch du ...)
+CVE-2023-21351 (In multiple locations, there is a possible background activity 
launch  ...)
        NOT-FOR-US: Android
 CVE-2023-21350 (In Media Projection, there is a possible way to determine 
whether an a ...)
        NOT-FOR-US: Android
@@ -140133,7 +140207,7 @@ CVE-2023-20973 (In btm_create_conn_cancel_complete of 
btm_sec.cc, there is a pos
        NOT-FOR-US: Android
 CVE-2023-20972 (In btm_vendor_specific_evt of btm_devctl.cc, there is a 
possible out o ...)
        NOT-FOR-US: Android
-CVE-2023-20971 (In updatePermissionTreeSourcePackage of 
PermissionManagerServiceImpl.j ...)
+CVE-2023-20971 (In removePermission of PermissionManagerServiceImpl.java, 
there is a p ...)
        NOT-FOR-US: Android
 CVE-2023-20970 (In multiple locations of p2p_iface.cpp, there is a possible 
out of bou ...)
        NOT-FOR-US: Android
@@ -149136,8 +149210,8 @@ CVE-2022-3401 (The Bricks theme for WordPress is 
vulnerable to remote code execu
        NOT-FOR-US: Bricks theme for WordPress
 CVE-2022-3400 (The Bricks theme for WordPress is vulnerable to authorization 
bypass d ...)
        NOT-FOR-US: Bricks theme for WordPress
-CVE-2022-3399
-       RESERVED
+CVE-2022-3399 (The Cookie Notice & Compliance for GDPR / CCPA plugin for 
WordPress is ...)
+       TODO: check
 CVE-2022-3398 (OMRON CX-Programmer 9.78 and prior is vulnerable to an 
Out-of-Bounds W ...)
        NOT-FOR-US: OMRON CX-Programmer
 CVE-2022-3397 (OMRON CX-Programmer 9.78 and prior is vulnerable to an 
Out-of-Bounds W ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ed8a87ff2b918531344f0ddd8eaf020c98f7867

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ed8a87ff2b918531344f0ddd8eaf020c98f7867
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to