Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1d8ffb3e by security tracker role at 2024-09-17T08:12:12+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,221 @@
+CVE-2024-8490 (The PropertyHive plugin for WordPress is vulnerable to
Cross-Site Requ ...)
+ TODO: check
+CVE-2024-8110 (Denial of Service (DoS) vulnerability has been found in
Dual-redundant ...)
+ TODO: check
+CVE-2024-8093 (The Posts reminder WordPress plugin through 0.20 does not have
CSRF ch ...)
+ TODO: check
+CVE-2024-8092 (The Accordion Image Menu WordPress plugin through 3.1.3 does
not have ...)
+ TODO: check
+CVE-2024-8091 (The Enhanced Search Box WordPress plugin through 0.6.1 does not
have C ...)
+ TODO: check
+CVE-2024-8052 (The Review Ratings WordPress plugin through 1.6 does not have
CSRF che ...)
+ TODO: check
+CVE-2024-8051 (The Special Feed Items WordPress plugin through 1.0.1 does not
have CS ...)
+ TODO: check
+CVE-2024-8047 (The Visual Sound (old) WordPress plugin through 1.06 does not
have CSR ...)
+ TODO: check
+CVE-2024-8044 (The infolinks Ad Wrap WordPress plugin through 1.0.2 does not
have CSR ...)
+ TODO: check
+CVE-2024-8043 (The Vikinghammer Tweet WordPress plugin through 0.2.4 does not
have CS ...)
+ TODO: check
+CVE-2024-7387 (A flaw was found in openshift/builder. This vulnerability
allows comma ...)
+ TODO: check
+CVE-2024-6685 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
+ TODO: check
+CVE-2024-5170 (The Logo Manager For Enamad WordPress plugin through 0.7.1 does
not sa ...)
+ TODO: check
+CVE-2024-4283 (An issue has been discovered in GitLab EE affecting all
versions start ...)
+ TODO: check
+CVE-2024-45496 (A flaw was found in OpenShift. This issue occurs due to the
misuse of ...)
+ TODO: check
+CVE-2024-45416 (The HTTPD binary in multiple ZTE routers has a local file
inclusion vu ...)
+ TODO: check
+CVE-2024-45415 (The HTTPD binary in multiple ZTE routers has a stack-based
buffer over ...)
+ TODO: check
+CVE-2024-45414 (The HTTPD binary in multiple ZTE routers has a stack-based
buffer over ...)
+ TODO: check
+CVE-2024-45413 (The HTTPD binary in multiple ZTE routers has a stack-based
buffer over ...)
+ TODO: check
+CVE-2024-44202 (An authentication issue was addressed with improved state
management. ...)
+ TODO: check
+CVE-2024-44198 (An integer overflow was addressed through improved input
validation. T ...)
+ TODO: check
+CVE-2024-44191 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-44190 (A path handling issue was addressed with improved validation.
This iss ...)
+ TODO: check
+CVE-2024-44189 (The issue was addressed with improved checks. This issue is
fixed in m ...)
+ TODO: check
+CVE-2024-44188 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-44187 (A cross-origin issue existed with "iframe" elements. This was
addresse ...)
+ TODO: check
+CVE-2024-44186 (An access issue was addressed with additional sandbox
restrictions. Th ...)
+ TODO: check
+CVE-2024-44184 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-44183 (A logic error was addressed with improved error handling. This
issue i ...)
+ TODO: check
+CVE-2024-44182 (This issue was addressed with improved redaction of sensitive
informat ...)
+ TODO: check
+CVE-2024-44181 (An issue was addressed with improved handling of temporary
files. This ...)
+ TODO: check
+CVE-2024-44180 (The issue was addressed with improved checks. This issue is
fixed in i ...)
+ TODO: check
+CVE-2024-44178 (This issue was addressed with improved validation of symlinks.
This is ...)
+ TODO: check
+CVE-2024-44177 (A privacy issue was addressed by removing sensitive data. This
issue i ...)
+ TODO: check
+CVE-2024-44176 (An out-of-bounds access issue was addressed with improved
bounds check ...)
+ TODO: check
+CVE-2024-44171 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-44170 (A privacy issue was addressed by moving sensitive data to a
more secur ...)
+ TODO: check
+CVE-2024-44169 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-44168 (A library injection issue was addressed with additional
restrictions. ...)
+ TODO: check
+CVE-2024-44167 (This issue was addressed by removing the vulnerable code. This
issue i ...)
+ TODO: check
+CVE-2024-44166 (A privacy issue was addressed with improved private data
redaction for ...)
+ TODO: check
+CVE-2024-44165 (A logic issue was addressed with improved checks. This issue
is fixed ...)
+ TODO: check
+CVE-2024-44164 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2024-44163 (The issue was addressed with improved checks. This issue is
fixed in m ...)
+ TODO: check
+CVE-2024-44162 (This issue was addressed by enabling hardened runtime. This
issue is f ...)
+ TODO: check
+CVE-2024-44161 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
+ TODO: check
+CVE-2024-44160 (A buffer overflow issue was addressed with improved memory
handling. T ...)
+ TODO: check
+CVE-2024-44158 (This issue was addressed with improved redaction of sensitive
informat ...)
+ TODO: check
+CVE-2024-44154 (A memory initialization issue was addressed with improved
memory handl ...)
+ TODO: check
+CVE-2024-44153 (The issue was addressed with improved permissions logic. This
issue is ...)
+ TODO: check
+CVE-2024-44152 (A privacy issue was addressed with improved private data
redaction for ...)
+ TODO: check
+CVE-2024-44151 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-44149 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-44148 (This issue was addressed with improved validation of file
attributes. ...)
+ TODO: check
+CVE-2024-44147 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-44146 (A logic issue was addressed with improved file handling. This
issue is ...)
+ TODO: check
+CVE-2024-44139 (The issue was addressed with improved checks. This issue is
fixed in i ...)
+ TODO: check
+CVE-2024-44135 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-44134 (This issue was addressed with improved redaction of sensitive
informat ...)
+ TODO: check
+CVE-2024-44133 (This issue was addressed by removing the vulnerable code. This
issue i ...)
+ TODO: check
+CVE-2024-44132 (This issue was addressed with improved handling of symlinks.
This issu ...)
+ TODO: check
+CVE-2024-44131 (This issue was addressed with improved validation of symlinks.
This is ...)
+ TODO: check
+CVE-2024-44130 (This issue was addressed with improved data protection. This
issue is ...)
+ TODO: check
+CVE-2024-44129 (The issue was addressed with improved checks. This issue is
fixed in m ...)
+ TODO: check
+CVE-2024-44128 (This issue was addressed by adding an additional prompt for
user conse ...)
+ TODO: check
+CVE-2024-44127 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-44125 (The issue was addressed with improved checks. This issue is
fixed in m ...)
+ TODO: check
+CVE-2024-44124 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-40866 (The issue was addressed with improved UI. This issue is fixed
in Safar ...)
+ TODO: check
+CVE-2024-40863 (This issue was addressed with improved data protection. This
issue is ...)
+ TODO: check
+CVE-2024-40862 (A privacy issue was addressed by removing sensitive data. This
issue i ...)
+ TODO: check
+CVE-2024-40861 (The issue was addressed with improved checks. This issue is
fixed in m ...)
+ TODO: check
+CVE-2024-40860 (A logic issue was addressed with improved checks. This issue
is fixed ...)
+ TODO: check
+CVE-2024-40859 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-40857 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-40856 (An integrity issue was addressed with Beacon Protection. This
issue is ...)
+ TODO: check
+CVE-2024-40852 (This issue was addressed by restricting options offered on a
locked de ...)
+ TODO: check
+CVE-2024-40850 (A file access issue was addressed with improved input
validation. This ...)
+ TODO: check
+CVE-2024-40848 (A downgrade issue was addressed with additional code-signing
restricti ...)
+ TODO: check
+CVE-2024-40847 (The issue was addressed with additional code-signing
restrictions. Thi ...)
+ TODO: check
+CVE-2024-40846 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-40845 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-40844 (A privacy issue was addressed with improved handling of
temporary file ...)
+ TODO: check
+CVE-2024-40843 (The issue was addressed with improved checks. This issue is
fixed in m ...)
+ TODO: check
+CVE-2024-40842 (An issue was addressed with improved validation of environment
variabl ...)
+ TODO: check
+CVE-2024-40841 (An out-of-bounds write issue was addressed with improved
bounds checki ...)
+ TODO: check
+CVE-2024-40840 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-40838 (A privacy issue was addressed by moving sensitive data to a
protected ...)
+ TODO: check
+CVE-2024-40837 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-40831 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-40830 (This issue was addressed with improved data protection. This
issue is ...)
+ TODO: check
+CVE-2024-40826 (A privacy issue was addressed with improved handling of files.
This is ...)
+ TODO: check
+CVE-2024-40825 (The issue was addressed with improved checks. This issue is
fixed in v ...)
+ TODO: check
+CVE-2024-40801 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-40797 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-40791 (A privacy issue was addressed with improved private data
redaction for ...)
+ TODO: check
+CVE-2024-40790 (The issue was addressed with improved handling of caches. This
issue i ...)
+ TODO: check
+CVE-2024-40770 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-27880 (An out-of-bounds read issue was addressed with improved input
validati ...)
+ TODO: check
+CVE-2024-27879 (The issue was addressed with improved bounds checks. This
issue is fix ...)
+ TODO: check
+CVE-2024-27876 (A race condition was addressed with improved locking. This
issue is fi ...)
+ TODO: check
+CVE-2024-27875 (A logic issue was addressed with improved state management.
This issue ...)
+ TODO: check
+CVE-2024-27874 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2024-27869 (The issue was addressed with improved checks. This issue is
fixed in i ...)
+ TODO: check
+CVE-2024-27861 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-27860 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-27858 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-27795 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2024-23237 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
CVE-2024-8766 (Local privilege escalation due to DLL hijacking vulnerability.
The fol ...)
NOT-FOR-US: Acronis Cyber Protect Cloud Agent (Windows)
CVE-2024-8752 (The Windows version of WebIQ 2.15.9 is affected by a directory
travers ...)
@@ -28,6 +246,7 @@ CVE-2024-45801 (DOMPurify is a DOM-only, super-fast,
uber-tolerant XSS sanitizer
NOTE: Fixed by:
https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21
(3.1.3)
NOTE: Fixed by:
https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc
(2.5.3)
CVE-2024-45800 (Snappymail is an open source web-based email client.
SnappyMail uses t ...)
+ TODO: check
CVE-2024-45799 (FluxCP is a web-based Control Panel for rAthena servers
written in PHP ...)
NOT-FOR-US: rAthena FluxCP
CVE-2024-44623 (An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote
attacker ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d8ffb3e3677953c35a88846f7cc86aa41192a11
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d8ffb3e3677953c35a88846f7cc86aa41192a11
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
