Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
84ea7961 by security tracker role at 2024-11-03T20:12:10+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2024-10740 (A vulnerability, which was classified as critical, was found
in code-p ...)
+ TODO: check
+CVE-2024-10739 (A vulnerability, which was classified as critical, has been
found in c ...)
+ TODO: check
+CVE-2024-10738 (A vulnerability classified as critical was found in
itsourcecode Farm ...)
+ TODO: check
+CVE-2024-10737 (A vulnerability classified as critical has been found in
Codezips Free ...)
+ TODO: check
+CVE-2024-10736 (A vulnerability was found in Codezips Free Exam Hall Seating
Managemen ...)
+ TODO: check
+CVE-2024-10735 (A vulnerability was found in Project Worlds Life Insurance
Management ...)
+ TODO: check
+CVE-2024-10734 (A vulnerability was found in Project Worlds Life Insurance
Management ...)
+ TODO: check
+CVE-2024-10733 (A vulnerability was found in code-projects Restaurant Order
System 1.0 ...)
+ TODO: check
+CVE-2024-10732 (A vulnerability has been found in Tongda OA 2017 up to 11.10
and class ...)
+ TODO: check
+CVE-2024-10731 (A vulnerability, which was classified as critical, was found
in Tongda ...)
+ TODO: check
+CVE-2024-10730 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
CVE-2024-XXXX [Guix build user takeover vulnerability]
- guix 1.4.0-8
NOTE:
https://guix.gnu.org/en/blog/2024/build-user-takeover-vulnerability/
@@ -1228,7 +1250,7 @@ CVE-2019-25219 (Asio C++ Library before 1.13.0 lacks a
fallback error code in th
CVE-2017-20195 (A vulnerability was found in LUNAD3v AreaLoad up to
1a1103182ed63a06dd ...)
NOT-FOR-US: LUNAD3v
CVE-2024-10467 (Memory safety bugs present in Firefox 131, Firefox ESR 128.3,
and Thun ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1236,7 +1258,7 @@ CVE-2024-10467 (Memory safety bugs present in Firefox
131, Firefox ESR 128.3, an
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10467
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10467
CVE-2024-10466 (By sending a specially crafted push message, a remote server
could hav ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1244,7 +1266,7 @@ CVE-2024-10466 (By sending a specially crafted push
message, a remote server cou
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10466
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10466
CVE-2024-10465 (A clipboard "paste" button could persist across tabs which
allowed a s ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1252,7 +1274,7 @@ CVE-2024-10465 (A clipboard "paste" button could persist
across tabs which allow
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10465
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10465
CVE-2024-10464 (Repeated writes to history interface attributes could have
been used t ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1263,7 +1285,7 @@ CVE-2024-10468 (Potential race conditions in IndexedDB
could have caused memory
- firefox 132.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10468
CVE-2024-10463 (Video frames could have been leaked between origins in some
situations ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1271,7 +1293,7 @@ CVE-2024-10463 (Video frames could have been leaked
between origins in some situ
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10463
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10463
CVE-2024-10462 (Truncation of a long URL could have allowed origin spoofing in
a permi ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1279,7 +1301,7 @@ CVE-2024-10462 (Truncation of a long URL could have
allowed origin spoofing in a
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10462
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10462
CVE-2024-10461 (In multipart/x-mixed-replace responses, `Content-Disposition:
attachme ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1287,7 +1309,7 @@ CVE-2024-10461 (In multipart/x-mixed-replace responses,
`Content-Disposition: at
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10461
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10461
CVE-2024-10460 (The origin of an external protocol handler prompt could have
been obsc ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1295,7 +1317,7 @@ CVE-2024-10460 (The origin of an external protocol
handler prompt could have bee
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10460
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10460
CVE-2024-10459 (An attacker could have caused a use-after-free when
accessibility was ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -1303,7 +1325,7 @@ CVE-2024-10459 (An attacker could have caused a
use-after-free when accessibilit
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10459
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10459
CVE-2024-10458 (A permission leak could have occurred from a trusted site to
an untrus ...)
- {DSA-5801-1 DLA-3943-1}
+ {DSA-5801-1 DLA-3944-1 DLA-3943-1}
- firefox 132.0-1
- firefox-esr 128.4.0esr-1
- thunderbird 1:128.4.0esr-1
@@ -74527,7 +74549,7 @@ CVE-2024-1309 (Uncontrolled Resource Consumption
vulnerability in Honeywell Niag
NOT-FOR-US: Honeywell
CVE-2024-1216
REJECTED
-CVE-2024-1163 (Uncontrolled Resource Consumption in GitHub repository
mbloch/mapshape ...)
+CVE-2024-1163 (The attacker may exploit a path traversal vulnerability leading
to inf ...)
NOT-FOR-US: mapshaper
CVE-2024-1160 (The Bold Page Builder plugin for WordPress is vulnerable to
Stored Cro ...)
NOT-FOR-US: WordPress plugin
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84ea79614a5008b3720d2c2dc2b1c10306b35fe0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84ea79614a5008b3720d2c2dc2b1c10306b35fe0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
