Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
92253377 by security tracker role at 2024-10-17T20:12:37+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,241 @@
+CVE-2024-9898 (The Parallax Image plugin for WordPress is vulnerable to Stored
Cross- ...)
+ TODO: check
+CVE-2024-9414 (In LAquis SCADA version 4.7.1.511, a cross-site scripting
vulnerabilit ...)
+ TODO: check
+CVE-2024-9184 (The SendPulse Free Web Push plugin for WordPress is vulnerable
to Stor ...)
+ TODO: check
+CVE-2024-8920 (The Fonto \u2013 Custom Web Fonts Manager plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2024-7755 (The EWON FLEXY 202 transmits credentials using a weak encoding
method ...)
+ TODO: check
+CVE-2024-6333 (Authenticated Remote Code Execution in Altalink, Versalink &
WorkCentr ...)
+ TODO: check
+CVE-2024-49580 (In JetBrains Ktor before 3.0.0 improper caching in HttpCache
Plugin co ...)
+ TODO: check
+CVE-2024-49579 (In JetBrains YouTrack before 2024.3.47197 insecure plugin
iframe allow ...)
+ TODO: check
+CVE-2024-49400 (Tacquito prior to commit
07b49d1358e6ec0b5aa482fcd284f509191119e2 was ...)
+ TODO: check
+CVE-2024-49399 (The affected product is vulnerable to an attacker being able
to use co ...)
+ TODO: check
+CVE-2024-49398 (The affected product is vulnerable to unrestricted file
uploads, which ...)
+ TODO: check
+CVE-2024-49397 (The affected product is vulnerable to a cross-site scripting
attack wh ...)
+ TODO: check
+CVE-2024-49396 (The affected product is vulnerable due to insufficiently
protected cre ...)
+ TODO: check
+CVE-2024-49392 (Stored cross-site scripting (XSS) vulnerability on enrollment
invitati ...)
+ TODO: check
+CVE-2024-49391 (Local privilege escalation due to DLL hijacking vulnerability.
The fol ...)
+ TODO: check
+CVE-2024-49390 (Local privilege escalation due to DLL hijacking vulnerability.
The fol ...)
+ TODO: check
+CVE-2024-49389 (Local privilege escalation due to insecure folder permissions.
The fol ...)
+ TODO: check
+CVE-2024-49386 (Sensitive information disclosure due to spell-jacking. The
following p ...)
+ TODO: check
+CVE-2024-49322 (Incorrect Privilege Assignment vulnerability in CodePassenger
Job Boar ...)
+ TODO: check
+CVE-2024-49320 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49319 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49318 (Deserialization of Untrusted Data vulnerability in Scott Olson
My Read ...)
+ TODO: check
+CVE-2024-49317 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
+ TODO: check
+CVE-2024-49316 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49315 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
+ TODO: check
+CVE-2024-49314 (Unrestricted Upload of File with Dangerous Type vulnerability
in \u917 ...)
+ TODO: check
+CVE-2024-49313 (Cross-Site Request Forgery (CSRF) vulnerability in RudeStan
VKontakte ...)
+ TODO: check
+CVE-2024-49312 (Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs
Edwiser ...)
+ TODO: check
+CVE-2024-49311 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49310 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49309 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49308 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49307 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49305 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-49304 (Cross-Site Request Forgery (CSRF) vulnerability in
PINPOINT.WORLD Pinp ...)
+ TODO: check
+CVE-2024-49302 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49301 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49299 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-49298 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49297 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-49296 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49295 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49292 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49291 (Unrestricted Upload of File with Dangerous Type vulnerability
in Gora ...)
+ TODO: check
+CVE-2024-49289 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49288 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49287 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
+ TODO: check
+CVE-2024-49285 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
+ TODO: check
+CVE-2024-49284 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
+ TODO: check
+CVE-2024-49283 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49282 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49281 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49280 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49279 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49278 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49277 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49276 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49264 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49263 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49262 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49261 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49259 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49255 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49248 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-49246 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-49244 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-49237 (Cross-Site Request Forgery (CSRF) vulnerability in Ahmet
Imamoglu Ahme ...)
+ TODO: check
+CVE-2024-49235 (Insertion of Sensitive Information Into Sent Data
vulnerability in Vid ...)
+ TODO: check
+CVE-2024-49229 (Cross-Site Request Forgery (CSRF) vulnerability in Arif Nezami
Better ...)
+ TODO: check
+CVE-2024-49223 (Cross-Site Request Forgery (CSRF) vulnerability in Shibu
Lijack a.K.A ...)
+ TODO: check
+CVE-2024-49221 (Cross-Site Request Forgery (CSRF) vulnerability in Julian
Weinert // c ...)
+ TODO: check
+CVE-2024-49220 (Cross-Site Request Forgery (CSRF) vulnerability in Cookie
Scanner \u20 ...)
+ TODO: check
+CVE-2024-49219 (Incorrect Privilege Assignment vulnerability in themexpo
RS-Members al ...)
+ TODO: check
+CVE-2024-49217 (Incorrect Privilege Assignment vulnerability in Madiri Salman
Aashish ...)
+ TODO: check
+CVE-2024-48920 (PutongOJ is online judging software. Prior to version
2.1.0-beta.1, un ...)
+ TODO: check
+CVE-2024-48638 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48637 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48636 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48635 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48634 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48633 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48632 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48631 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48630 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48629 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were
discovered t ...)
+ TODO: check
+CVE-2024-48192 (Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a
hardcoded ...)
+ TODO: check
+CVE-2024-48048 (Cross-Site Request Forgery (CSRF) vulnerability in WSIFY
\u2013 Sales ...)
+ TODO: check
+CVE-2024-48047 (Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar
Pal Lin ...)
+ TODO: check
+CVE-2024-48046 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-48043 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-48038 (Cross-Site Request Forgery (CSRF) vulnerability in Hans Matzen
wp-Mona ...)
+ TODO: check
+CVE-2024-48037 (Cross-Site Request Forgery (CSRF) vulnerability in A WP Life
Contact F ...)
+ TODO: check
+CVE-2024-48036 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-48032 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-48031 (Cross-Site Request Forgery (CSRF) vulnerability in Sumit Surai
Feature ...)
+ TODO: check
+CVE-2024-48025 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-48024 (: Exposure of Sensitive System Information to an Unauthorized
Control ...)
+ TODO: check
+CVE-2024-48023 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-48022 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-48021 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-47459 (Substance3D - Sampler versions 4.5 and earlier are affected by
a NULL ...)
+ TODO: check
+CVE-2024-47312 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-47304 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-45713 (SolarWinds Kiwi CatTools is susceptible to a sensitive data
disclosure ...)
+ TODO: check
+CVE-2024-43997 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-10101 (A stored cross-site scripting (XSS) vulnerability exists in
binary-hus ...)
+ TODO: check
+CVE-2024-10100 (A path traversal vulnerability exists in
binary-husky/gpt_academic ver ...)
+ TODO: check
+CVE-2024-10099 (A stored cross-site scripting (XSS) vulnerability exists in
comfyanony ...)
+ TODO: check
+CVE-2024-10073 (A vulnerability, which was classified as critical, was found
in flairN ...)
+ TODO: check
+CVE-2024-10072 (A vulnerability, which was classified as critical, has been
found in E ...)
+ TODO: check
+CVE-2024-10071 (A vulnerability classified as critical was found in ESAFENET
CDG 5. Th ...)
+ TODO: check
+CVE-2024-10070 (A vulnerability classified as critical has been found in
ESAFENET CDG ...)
+ TODO: check
+CVE-2024-10069 (A vulnerability was found in ESAFENET CDG 5. It has been rated
as crit ...)
+ TODO: check
+CVE-2024-10068 (A vulnerability was found in OpenSight Software FlashFXP
5.4.0.3970. I ...)
+ TODO: check
+CVE-2024-10025 (A vulnerability in the .sdd file allows an attacker to read
default pa ...)
+ TODO: check
+CVE-2023-6729 (Nokia SR OS routers allow read-write access to the entire file
system ...)
+ TODO: check
+CVE-2023-6728 (Nokia SR OS bof.cfg file encryption is vulnerable to a brute
force att ...)
+ TODO: check
+CVE-2018-25104 (A vulnerability was found in CoinGate Plugin up to 1.2.7 on
PrestaShop ...)
+ TODO: check
+CVE-2005-10003 (A vulnerability classified as critical has been found in
mikexstudios ...)
+ TODO: check
CVE-2024-9951 (The WP Photo Album Plus plugin for WordPress is vulnerable to
Reflecte ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9940 (The Calculated Fields Form plugin for WordPress is vulnerable
to HTML ...)
@@ -1594,7 +1832,7 @@ CVE-2024-46871 (In the Linux kernel, the following
vulnerability has been resolv
CVE-2024-46870 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.10.9-1
NOTE:
https://git.kernel.org/linus/7c70e60fbf4bff1123f0e8d5cb1ae71df6164d7f (6.11-rc1)
-CVE-2024-9683
+CVE-2024-9683 (A vulnerability was found in Quay, which allows successful
authenticat ...)
NOT-FOR-US: Quay
CVE-2024-6861
- foreman <itp> (bug #663101)
@@ -4533,25 +4771,25 @@ CVE-2024-47169 (Agnai is an
artificial-intelligence-agnostic multi-user, mult-bo
NOT-FOR-US: Agnai
CVE-2024-47145 (Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize
access t ...)
- mattermost-server <itp> (bug #823556)
-CVE-2024-47130 (The goTenna Pro series allows unauthenticated attackers to
remotely up ...)
+CVE-2024-47130 (The goTenna Pro App allows unauthenticated attackers to
remotely updat ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47129 (The goTenna Pro has a payload length vulnerability that makes
it possi ...)
+CVE-2024-47129 (The goTenna Pro App does not inject extra characters into
broadcasted ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47128 (The goTenna Pro broadcast key name is always sent unencrypted
and coul ...)
+CVE-2024-47128 (The goTenna Pro App encryption key name is always sent
unencrypted whe ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47127 (In the goTenna Pro there is a vulnerability that makes it
possible to ...)
+CVE-2024-47127 (In the goTenna Pro App there is a vulnerability that makes it
possible ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47126 (The goTenna Pro series does not use SecureRandom when
generating its c ...)
+CVE-2024-47126 (The goTenna Pro App does not use SecureRandom when generating
password ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47125 (The goTenna Pro series does not authenticate public keys which
allows ...)
+CVE-2024-47125 (The goTenna Pro App does not authenticate public keys which
allows an ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47124 (The goTenna pro series does not encrypt the callsigns of its
users. Th ...)
+CVE-2024-47124 (The goTenna Pro App does not encrypt callsigns in messages. It
is rec ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47123 (The goTenna Pro series use AES CTR mode for short, encrypted
messages ...)
+CVE-2024-47123 (The goTenna Pro App uses AES CTR type encryption for short,
encrypted ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47122 (In the goTenna Pro application, the encryption keys are stored
along w ...)
+CVE-2024-47122 (In the goTenna Pro App, the encryption keys are stored along
with a s ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47121 (The goTenna Pro series uses a weak password for the QR
broadcast messa ...)
+CVE-2024-47121 (The goTenna Pro App uses a weak password for sharing
encryption keys v ...)
NOT-FOR-US: goTenna Pro
CVE-2024-47075 (LayUI is a native minimalist modular Web UI component library.
Version ...)
NOT-FOR-US: LayUI
@@ -4593,31 +4831,31 @@ CVE-2024-45979 (A host header injection vulnerability
in Lines Police CAD 1.0 al
NOT-FOR-US: Lines Police CAD
CVE-2024-45843 (Mattermost versions 9.5.x <= 9.5.8 fail to include themetadata
endpoin ...)
- mattermost-server <itp> (bug #823556)
-CVE-2024-45838 (The goTenna Pro ATAK Plugin does not encrypt the callsigns of
its user ...)
+CVE-2024-45838 (The goTenna Pro ATAK Plugin does not encrypt callsigns in
messages. It ...)
NOT-FOR-US: goTenna Pro
CVE-2024-45723 (The goTenna Pro ATAK Plugin does not use SecureRandom when
generating ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-45374 (In the goTenna Pro ATAK Plugin application, the encryption
keys are s ...)
+CVE-2024-45374 (The goTenna Pro ATAK plugin uses a weak password for sharing
encryptio ...)
NOT-FOR-US: goTenna Pro
CVE-2024-45042 (Ory Kratos is an identity, user management and authentication
system f ...)
NOT-FOR-US: Ory Kratos
CVE-2024-44860 (An information disclosure vulnerability in the
/Letter/PrintQr/ endpoi ...)
NOT-FOR-US: Solvait
-CVE-2024-43814 (goTenna Pro ATAK Plugin by default enables frequent
unencrypted Posit ...)
+CVE-2024-43814 (The goTenna Pro ATAK Plugin's default settings are to share
Automatic ...)
NOT-FOR-US: goTenna Pro
CVE-2024-43694 (In the goTenna Pro ATAK Plugin application, the encryption
keys are s ...)
NOT-FOR-US: goTenna Pro
CVE-2024-43191 (IBM ManageIQ could allow a remote authenticated attacker to
execute ar ...)
NOT-FOR-US: IBM
-CVE-2024-43108 (The goTenna Pro ATAK Plugin use AES CTR mode for short,
encrypted mes ...)
+CVE-2024-43108 (The goTenna Pro ATAK Plugin uses AES CTR type encryption for
short, e ...)
NOT-FOR-US: goTenna Pro
CVE-2024-42406 (Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x
<= 9.9.2 ...)
- mattermost-server <itp> (bug #823556)
-CVE-2024-41931 (The goTenna Pro ATAK Plugin broadcast key name is always sent
unencryp ...)
+CVE-2024-41931 (The goTenna Pro ATAK Plugin encryption key name is always sent
unencr ...)
NOT-FOR-US: goTenna Pro
CVE-2024-41722 (In the goTenna Pro ATAK Plugin there is a vulnerability that
makes it ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-41715 (The goTenna Pro ATAK Plugin has a payload length vulnerability
that m ...)
+CVE-2024-41715 (The goTenna Pro ATAK Plugin does not inject extra characters
into bro ...)
NOT-FOR-US: goTenna Pro
CVE-2024-41605 (In Foxit PDF Reader before 2024.3, and PDF Editor before
2024.3 and 13 ...)
NOT-FOR-US: Foxit PDF Reader
@@ -17868,7 +18106,7 @@ CVE-2024-3986 (The SportsPress WordPress plugin before
2.7.22 does not sanitise
NOT-FOR-US: WordPress plugin
CVE-2024-3669 (The Web Directory Free WordPress plugin before 1.7.2 does not
sanitise ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-3219 (There is a MEDIUM severity vulnerability affecting CPython.
The \u20 ...)
+CVE-2024-3219 (The \u201csocket\u201d module provides a pure-Python fallback
to the ...)
- python3.13 <not-affected> (Windows-specific)
- python3.12 <not-affected> (Windows-specific)
- python3.11 <not-affected> (Windows-specific)
@@ -63285,17 +63523,17 @@ CVE-2023-45600 (A CWE-613 \u201cInsufficient Session
Expiration\u201d vulnerabil
NOT-FOR-US: AiLux imx6
CVE-2023-45599 (A CWE-646 \u201cReliance on File Name or Extension of
Externally-Suppl ...)
NOT-FOR-US: AiLux imx6
-CVE-2023-45598 (A CWE-862 \u201cMissing Authorization\u201d vulnerability in
the \u201 ...)
+CVE-2023-45598 (A CWE-425 \u201cDirect Request ('Forced Browsing')\u201d
vulnerability ...)
NOT-FOR-US: AiLux imx6
CVE-2023-45597 (A CWE-1236 \u201cImproper Neutralization of Formula Elements
in a CSV ...)
NOT-FOR-US: AiLux imx6
-CVE-2023-45596 (A CWE-862 \u201cMissing Authorization\u201d vulnerability in
the \u201 ...)
+CVE-2023-45596 (A CWE-425 \u201cDirect Request ('Forced Browsing')\u201d
vulnerability ...)
NOT-FOR-US: AiLux imx6
CVE-2023-45595 (A CWE-434 \u201cUnrestricted Upload of File with Dangerous
Type\u201d ...)
NOT-FOR-US: AiLux imx6
CVE-2023-45594 (A CWE-552 \u201cFiles or Directories Accessible to External
Parties\u2 ...)
NOT-FOR-US: AiLux imx6
-CVE-2023-45593 (A CWE-693 \u201cProtection Mechanism Failure\u201d
vulnerability in th ...)
+CVE-2023-45593 (A CWE-184 \u201cIncomplete List of Disallowed Inputs\u201d
vulnerabili ...)
NOT-FOR-US: AiLux imx6
CVE-2023-45592 (A CWE-250 \u201cExecution with Unnecessary Privileges\u201d
vulnerabil ...)
NOT-FOR-US: AiLux imx6
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/922533772811dbd1bb44d56e9d073a4d4999fa01
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/922533772811dbd1bb44d56e9d073a4d4999fa01
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
