Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ccc1f310 by security tracker role at 2024-09-30T20:12:43+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,70 @@
-CVE-2024-46869 [Bluetooth: btintel_pcie: Allocate memory for driver private 
data]
+CVE-2024-9158 (A stored cross site scripting vulnerability exists in Nessus 
Network M ...)
+       TODO: check
+CVE-2024-6394 (A Local File Inclusion vulnerability exists in 
parisneo/lollms-webui v ...)
+       TODO: check
+CVE-2024-6051 (Cross Application Scripting vulnerability in Vercom S.A. 
Redlink SDKin ...)
+       TODO: check
+CVE-2024-47641 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
+       TODO: check
+CVE-2024-47536 (Citizen is a MediaWiki skin that makes extensions part of the 
cohesive ...)
+       TODO: check
+CVE-2024-47532 (RestrictedPython is a restricted execution environment for 
Python to r ...)
+       TODO: check
+CVE-2024-47531 (Scout is a web-based visualizer for VCF-files. Due to the lack 
of sani ...)
+       TODO: check
+CVE-2024-47530 (Scout is a web-based visualizer for VCF-files. Open redirect 
vulnerabi ...)
+       TODO: check
+CVE-2024-47178 (basic-auth-connect is Connect's Basic Auth middleware in its 
own modul ...)
+       TODO: check
+CVE-2024-47172 (Computer Vision Annotation Tool (CVAT) is an interactive video 
and ima ...)
+       TODO: check
+CVE-2024-47067 (AList is a file list program that supports multiple storages. 
AList co ...)
+       TODO: check
+CVE-2024-47064 (Computer Vision Annotation Tool (CVAT) is an interactive video 
and ima ...)
+       TODO: check
+CVE-2024-47063 (Computer Vision Annotation Tool (CVAT) is an interactive video 
and ima ...)
+       TODO: check
+CVE-2024-46635 (An issue in the API endpoint /AccountMaster/GetCurrentUserInfo 
of INRO ...)
+       TODO: check
+CVE-2024-46549 (An issue in the TP-Link MQTT Broker and API gateway of TP-Link 
Kasa KP ...)
+       TODO: check
+CVE-2024-46548 (TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to 
improperly ...)
+       TODO: check
+CVE-2024-46540 (A remote code execution (RCE) vulnerability in the component 
/admin/st ...)
+       TODO: check
+CVE-2024-46511 (LoadZilla LLC LoadLogic v1.4.3 was discovered to contain 
insecure perm ...)
+       TODO: check
+CVE-2024-46510 (ESAFENET CDG v5 was discovered to contain a SQL injection 
vulnerabilit ...)
+       TODO: check
+CVE-2024-46475 (A reflected cross-site scripting (XSS) vulnerability on the 
homepage o ...)
+       TODO: check
+CVE-2024-46313 (TP-Link WR941ND V6 has a stack overflow vulnerability in the 
ssid para ...)
+       TODO: check
+CVE-2024-46293 (Sourcecodester Online Medicine Ordering System 1.0 is 
vulnerable to In ...)
+       TODO: check
+CVE-2024-46280 (PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper 
Access  ...)
+       TODO: check
+CVE-2024-45993 (Giflib Project v5.2.2 is vulnerable to a heap buffer overflow 
via gif2 ...)
+       TODO: check
+CVE-2024-45920 (A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 
24.4.2 al ...)
+       TODO: check
+CVE-2024-45792 (Mantis Bug Tracker (MantisBT) is an open source issue tracker. 
Using a ...)
+       TODO: check
+CVE-2024-42017 (An issue was discovered in Atos Eviden iCare 2.7.1 through 
2.7.11. The ...)
+       TODO: check
+CVE-2024-35495 (An Information Disclosure vulnerability in the Telemetry 
component in  ...)
+       TODO: check
+CVE-2024-28813 (An issue was discovered in Infinera hiT 7300 5.60.50. 
Undocumented pri ...)
+       TODO: check
+CVE-2024-28812 (An issue was discovered in Infinera hiT 7300 5.60.50. A hidden 
SSH ser ...)
+       TODO: check
+CVE-2024-28811 (An issue was discovered in Infinera hiT 7300 5.60.50. A web 
applicatio ...)
+       TODO: check
+CVE-2024-28810 (An issue was discovered in Infinera hiT 7300 5.60.50. 
Sensitive inform ...)
+       TODO: check
+CVE-2024-28809 (An issue was discovered in Infinera hiT 7300 5.60.50. 
Cleartext storag ...)
+       TODO: check
+CVE-2024-46869 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux <unfixed>
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
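Review bot: Every entry added at the top of this hunk, from CVE-2024-9158 down to CVE-2024-28809, carries only "TODO: check", so none of them has a package or NOT-FOR-US decision yet. When triaging, I would start with the entries whose descriptions name standalone open source projects, such as CVE-2024-45993 (Giflib), CVE-2024-47532 (RestrictedPython) and CVE-2024-45792 (MantisBT), and check each against the archive before assigning a status. The device and vendor product entries (TP-Link, Infinera hiT 7300, PIX-LINK) look like NOT-FOR-US candidates but still need the explicit annotation. Several descriptions are cut off before the product name (for example CVE-2024-47641), so those need the full CVE text before any decision.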
@@ -49,7 +115,7 @@ CVE-2024-3635 (The Post Grid  WordPress plugin before 7.5.0 
does not sanitise an
        NOT-FOR-US: WordPress plugin
 CVE-2024-9327 (A vulnerability was found in code-projects Blood Bank System 
1.0. It h ...)
        NOT-FOR-US: code-projects Blood Bank System
-CVE-2024-45772
+CVE-2024-45772 (Deserialization of Untrusted Data vulnerability in Apache 
Lucene Repli ...)
        NOT-FOR-US: Apache Lucene Replicator
 CVE-2024-9326 (A vulnerability classified as critical was found in PHPGurukul 
Online  ...)
        NOT-FOR-US: PHPGurukul
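Review bot: The NOT-FOR-US line under CVE-2024-45772 was written while the entry had no description, and this hunk only fills the description in. Now that the text names "Apache Lucene Repli ...", it is worth confirming that the replicator component is not shipped by any Lucene source package in the archive, and either keeping the annotation with that reasoning or replacing it with a package line.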
@@ -1585,7 +1651,8 @@ CVE-2024-8883 (A misconfiguration flaw was found in 
Keycloak. This issue can all
        NOT-FOR-US: Keycloak
 CVE-2024-8698 (A flaw exists in the SAML signature validation method within 
the Keycl ...)
        NOT-FOR-US: Keycloak
-CVE-2024-7207 (A flaw was found in Envoy. It is possible to modify or 
manipulate head ...)
+CVE-2024-7207
+       REJECTED
        - envoyproxy <itp> (bug #987544)
 CVE-2024-45410 (Traefik is a golang, Cloud Native Application Proxy. When a 
HTTP reque ...)
        - traefik <itp> (bug #983289)
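Review bot: CVE-2024-7207 is now marked REJECTED, but the "- envoyproxy <itp> (bug #987544)" line is still attached to it as unchanged context. Please decide whether that annotation should be dropped from the rejected entry, and whether the description that was removed pointed to a replacement CVE id that the ITP bug should reference instead.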



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccc1f310df1ef2cf8006549b30a59740d25ec233



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
