Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7e3d4a34 by security tracker role at 2024-12-16T20:12:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,337 @@
+CVE-2024-8058 (An improper parsing vulnerability was reported in the FileZ 
client tha ...)
+       TODO: check
+CVE-2024-6002
+       REJECTED
+CVE-2024-6001 (An improper certificate validation vulnerability was reported 
in LADM  ...)
+       TODO: check
+CVE-2024-56015 (Cross-Site Request Forgery (CSRF) vulnerability in John Godley 
Tidy Up ...)
+       TODO: check
+CVE-2024-56013 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
+       TODO: check
+CVE-2024-56012 (Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells 
Flash Ne ...)
+       TODO: check
+CVE-2024-56011 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-56009 (Missing Authorization vulnerability in spreadr Spreadr 
Woocommerce all ...)
+       TODO: check
+CVE-2024-56007 (Missing Authorization vulnerability in Ram Segev Leader allows 
Exploit ...)
+       TODO: check
+CVE-2024-56005 (Cross-Site Request Forgery (CSRF) vulnerability in Posti Posti 
Shippin ...)
+       TODO: check
+CVE-2024-56004 (Missing Authorization vulnerability in Alex W Fowler Easy Site 
Importe ...)
+       TODO: check
+CVE-2024-56003 (Missing Authorization vulnerability in David Cramer Caldera 
SMTP Maile ...)
+       TODO: check
+CVE-2024-56001 (Missing Authorization vulnerability in Ksher Ksher allows 
Exploiting I ...)
+       TODO: check
+CVE-2024-55999 (Missing Authorization vulnerability in Marco Giannini XML 
Multilanguag ...)
+       TODO: check
+CVE-2024-55998 (Missing Authorization vulnerability in dusthazard Popup 
Surveys & Poll ...)
+       TODO: check
+CVE-2024-55996 (Missing Authorization vulnerability in Dreamfox Dreamfox Media 
Payment ...)
+       TODO: check
+CVE-2024-55994 (Missing Authorization vulnerability in 
\u641c\u72d0\u7545\u8a00 \u7545 ...)
+       TODO: check
+CVE-2024-55993 (Missing Authorization vulnerability in PickPlugins Job Board 
Manager a ...)
+       TODO: check
+CVE-2024-55992 (Missing Authorization vulnerability in Open Tools WooCommerce 
Basic Or ...)
+       TODO: check
+CVE-2024-55990 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55989 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55988 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55987 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55986 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55982 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55981 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55980 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55979 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55978 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55977 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55976 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55974 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55973 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55972 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-55949 (MinIO is a high-performance, S3 compatible object store, open 
sourced  ...)
+       TODO: check
+CVE-2024-54682 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x 
<= 9.11 ...)
+       TODO: check
+CVE-2024-54443 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54442 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54441 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54440 (Cross-Site Request Forgery (CSRF) vulnerability in blueskyy 
WP-Ban-Use ...)
+       TODO: check
+CVE-2024-54439 (Cross-Site Request Forgery (CSRF) vulnerability in Alok Tiwari 
Amazon  ...)
+       TODO: check
+CVE-2024-54438 (Cross-Site Request Forgery (CSRF) vulnerability in GAxx Gaxx 
Keywords  ...)
+       TODO: check
+CVE-2024-54437 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54436 (Cross-Site Request Forgery (CSRF) vulnerability in Jettochkin 
Jet Foot ...)
+       TODO: check
+CVE-2024-54435 (Cross-Site Request Forgery (CSRF) vulnerability in Thomas 
Hoefter Only ...)
+       TODO: check
+CVE-2024-54434 (Cross-Site Request Forgery (CSRF) vulnerability in Phoetry 
phZoom allo ...)
+       TODO: check
+CVE-2024-54433 (Cross-Site Request Forgery (CSRF) vulnerability in Simple 
Booking Simp ...)
+       TODO: check
+CVE-2024-54432 (Cross-Site Request Forgery (CSRF) vulnerability in Shambhu 
Prasad Patn ...)
+       TODO: check
+CVE-2024-54431 (Cross-Site Request Forgery (CSRF) vulnerability in Mohamed 
Riyaz Admin ...)
+       TODO: check
+CVE-2024-54430 (Cross-Site Request Forgery (CSRF) vulnerability in Bastien Ho 
EELV New ...)
+       TODO: check
+CVE-2024-54429 (Cross-Site Request Forgery (CSRF) vulnerability in Ivan 
Ovsyannikov Ap ...)
+       TODO: check
+CVE-2024-54428 (Cross-Site Request Forgery (CSRF) vulnerability in onigetoc 
Add image  ...)
+       TODO: check
+CVE-2024-54427 (Cross-Site Request Forgery (CSRF) vulnerability in Linda 
MacPhee-Cobb  ...)
+       TODO: check
+CVE-2024-54426 (Cross-Site Request Forgery (CSRF) vulnerability in Andy 
Fradelakis Lea ...)
+       TODO: check
+CVE-2024-54425 (Cross-Site Request Forgery (CSRF) vulnerability in 
LionScripts.com Lio ...)
+       TODO: check
+CVE-2024-54424 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54423 (Cross-Site Request Forgery (CSRF) vulnerability in Jesse 
Overright Soc ...)
+       TODO: check
+CVE-2024-54422 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54421 (Cross-Site Request Forgery (CSRF) vulnerability in Sanjay 
Singh Negi F ...)
+       TODO: check
+CVE-2024-54420 (Cross-Site Request Forgery (CSRF) vulnerability in Aleksander 
Novikov  ...)
+       TODO: check
+CVE-2024-54419 (Cross-Site Request Forgery (CSRF) vulnerability in Mansur 
Ahamed Ui Sl ...)
+       TODO: check
+CVE-2024-54418 (Cross-Site Request Forgery (CSRF) vulnerability in Diversified 
Technol ...)
+       TODO: check
+CVE-2024-54417 (Missing Authorization vulnerability in Pixelgrade PixProof 
allows Acce ...)
+       TODO: check
+CVE-2024-54416 (Cross-Site Request Forgery (CSRF) vulnerability in Navdeep 
Kumar Wp Lo ...)
+       TODO: check
+CVE-2024-54415 (Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly 
WP-Hide ...)
+       TODO: check
+CVE-2024-54414 (Cross-Site Request Forgery (CSRF) vulnerability in geoWP 
Geoportail Sh ...)
+       TODO: check
+CVE-2024-54413 (Cross-Site Request Forgery (CSRF) vulnerability in Stefan 
Brandt Displ ...)
+       TODO: check
+CVE-2024-54412 (Cross-Site Request Forgery (CSRF) vulnerability in Ecommerce 
Templates ...)
+       TODO: check
+CVE-2024-54411 (Cross-Site Request Forgery (CSRF) vulnerability in hosting.io, 
campaig ...)
+       TODO: check
+CVE-2024-54410 (Cross-Site Request Forgery (CSRF) vulnerability in Toby Cox 
SOPA Black ...)
+       TODO: check
+CVE-2024-54409 (Cross-Site Request Forgery (CSRF) vulnerability in fzmaster @ 
XPD XPD  ...)
+       TODO: check
+CVE-2024-54408 (Cross-Site Request Forgery (CSRF) vulnerability in Jake H. 
Youtube Vid ...)
+       TODO: check
+CVE-2024-54407 (Cross-Site Request Forgery (CSRF) vulnerability in 
\u968f\u610f\u7684\ ...)
+       TODO: check
+CVE-2024-54406 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54405 (Cross-Site Request Forgery (CSRF) vulnerability in Andy 
Chapman ECT So ...)
+       TODO: check
+CVE-2024-54404 (Cross-Site Request Forgery (CSRF) vulnerability in Nazmul 
Ahsan MDC Co ...)
+       TODO: check
+CVE-2024-54403 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54402 (Missing Authorization vulnerability in Jozoor Arabic Webfonts 
allows E ...)
+       TODO: check
+CVE-2024-54401 (Cross-Site Request Forgery (CSRF) vulnerability in Turcu 
Ciprian Advan ...)
+       TODO: check
+CVE-2024-54400 (Cross-Site Request Forgery (CSRF) vulnerability in MELONIQ.NET 
AppMaps ...)
+       TODO: check
+CVE-2024-54399 (Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab 
CRUDLab Goo ...)
+       TODO: check
+CVE-2024-54398 (Cross-Site Request Forgery (CSRF) vulnerability in Project 
Caruso Flam ...)
+       TODO: check
+CVE-2024-54397 (Cross-Site Request Forgery (CSRF) vulnerability in Antonio 
Gocaj Go An ...)
+       TODO: check
+CVE-2024-54396 (Cross-Site Request Forgery (CSRF) vulnerability in Ryan Bet 
sport Free ...)
+       TODO: check
+CVE-2024-54395 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54394 (Cross-Site Request Forgery (CSRF) vulnerability in Web 
solution soft M ...)
+       TODO: check
+CVE-2024-54393 (Cross-Site Request Forgery (CSRF) vulnerability in Sheikh 
Heera WP Fid ...)
+       TODO: check
+CVE-2024-54392 (Cross-Site Request Forgery (CSRF) vulnerability in Midoks 
WP\u5fae\u4f ...)
+       TODO: check
+CVE-2024-54391 (Cross-Site Request Forgery (CSRF) vulnerability in Matt 
Walters WordPr ...)
+       TODO: check
+CVE-2024-54390 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54389 (Cross-Site Request Forgery (CSRF) vulnerability in Eduardo 
Chiaro addW ...)
+       TODO: check
+CVE-2024-54388 (Cross-Site Request Forgery (CSRF) vulnerability in Phuc Pham 
Multiple  ...)
+       TODO: check
+CVE-2024-54387 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54386 (Cross-Site Request Forgery (CSRF) vulnerability in Get Push 
Monkey LLC ...)
+       TODO: check
+CVE-2024-54385 (Server-Side Request Forgery (SSRF) vulnerability in SoftLab 
Radio Play ...)
+       TODO: check
+CVE-2024-54384 (Missing Authorization vulnerability in eLightUp Falcon \u2013 
WordPres ...)
+       TODO: check
+CVE-2024-54382 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2024-54380 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2024-54379 (Missing Authorization vulnerability in Blokhaus Minterpress 
allows Pri ...)
+       TODO: check
+CVE-2024-54378 (Missing Authorization vulnerability in Quietly Quietly 
Insights allows ...)
+       TODO: check
+CVE-2024-54376 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2024-54375 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2024-54374 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2024-54373 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2024-54372 (Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin 
Inserti ...)
+       TODO: check
+CVE-2024-54370 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Suite ...)
+       TODO: check
+CVE-2024-54369 (Missing Authorization vulnerability in ThemeHunk Zita Site 
Builder all ...)
+       TODO: check
+CVE-2024-54368 (Cross-Site Request Forgery (CSRF) vulnerability in Ruben 
Garza, Jr. Gi ...)
+       TODO: check
+CVE-2024-54367 (Deserialization of Untrusted Data vulnerability in ForumWP 
ForumWP all ...)
+       TODO: check
+CVE-2024-54366 (Generation of Error Message Containing Sensitive Information 
vulnerabi ...)
+       TODO: check
+CVE-2024-54365 (Incorrect Privilege Assignment vulnerability in Halim KH Easy 
User Set ...)
+       TODO: check
+CVE-2024-54364 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54363 (Incorrect Privilege Assignment vulnerability in nssTheme Wp 
NssUser Re ...)
+       TODO: check
+CVE-2024-54361 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-54360 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54359 (Missing Authorization vulnerability in Saul Morales Pacheco 
Banner Sys ...)
+       TODO: check
+CVE-2024-54358 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54357 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion 
Avada.T ...)
+       TODO: check
+CVE-2024-54356 (Cross-Site Request Forgery (CSRF) vulnerability in vCita.com 
Online Bo ...)
+       TODO: check
+CVE-2024-54355 (Cross-Site Request Forgery (CSRF) vulnerability in brandtoss 
WP Mailst ...)
+       TODO: check
+CVE-2024-54354 (Missing Authorization vulnerability in Beat Kueffer 
Termin-Kalender al ...)
+       TODO: check
+CVE-2024-54353 (Cross-Site Request Forgery (CSRF) vulnerability in WPGear 
Hack-Info al ...)
+       TODO: check
+CVE-2024-54352 (Cross-Site Request Forgery (CSRF) vulnerability in Sabri Taieb 
Sogrid  ...)
+       TODO: check
+CVE-2024-54348 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54332 (Cross-Site Request Forgery (CSRF) vulnerability in WPFactory 
WP Curren ...)
+       TODO: check
+CVE-2024-54331 (Cross-Site Request Forgery (CSRF) vulnerability in Micha I 
Plant A Tre ...)
+       TODO: check
+CVE-2024-54285 (Unrestricted Upload of File with Dangerous Type vulnerability 
in SeedP ...)
+       TODO: check
+CVE-2024-54284 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-54283 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-54280 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-54279 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
+       TODO: check
+CVE-2024-54257 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54249 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-54229 (Incorrect Privilege Assignment vulnerability in 
Straightvisions GmbH S ...)
+       TODO: check
+CVE-2024-54083 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x 
<= 9.11 ...)
+       TODO: check
+CVE-2024-4762 (An improper validation vulnerability was reported in the 
firmware upda ...)
+       TODO: check
+CVE-2024-49775 (A vulnerability has been identified in Opcenter Execution 
Foundation ( ...)
+       TODO: check
+CVE-2024-48872 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x 
<= 9.11 ...)
+       TODO: check
+CVE-2024-43234 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
+       TODO: check
+CVE-2024-37251 (Cross-Site Request Forgery (CSRF) vulnerability in WPENGINE, 
INC. Adva ...)
+       TODO: check
+CVE-2024-12687 (Deserialization of Untrusted Data vulnerability in PlexTrac 
(Runbooks  ...)
+       TODO: check
+CVE-2024-12668 (Velocidex WinPmem versions below 4.1 suffer from an Out of 
Bounds Writ ...)
+       TODO: check
+CVE-2024-12667 (A vulnerability was found in InvoicePlane up to 1.6.1 and 
classified a ...)
+       TODO: check
+CVE-2024-12666 (A vulnerability has been found in ClassCMS up to 4.8 and 
classified as ...)
+       TODO: check
+CVE-2024-12665 (A vulnerability, which was classified as problematic, was 
found in rui ...)
+       TODO: check
+CVE-2024-12664 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2024-12663 (A vulnerability classified as problematic was found in 
funnyzpc Mee-Ad ...)
+       TODO: check
+CVE-2024-12662 (A vulnerability classified as problematic has been found in 
IObit Adva ...)
+       TODO: check
+CVE-2024-12661 (A vulnerability was found in IObit Advanced SystemCare Utimate 
up to 1 ...)
+       TODO: check
+CVE-2024-12660 (A vulnerability was found in IObit Advanced SystemCare Utimate 
up to 1 ...)
+       TODO: check
+CVE-2024-12659 (A vulnerability was found in IObit Advanced SystemCare Utimate 
up to 1 ...)
+       TODO: check
+CVE-2024-12658 (A vulnerability was found in IObit Advanced SystemCare Utimate 
up to 1 ...)
+       TODO: check
+CVE-2024-12657 (A vulnerability has been found in IObit Advanced SystemCare 
Utimate up ...)
+       TODO: check
+CVE-2024-12656 (A vulnerability, which was classified as problematic, was 
found in Fab ...)
+       TODO: check
+CVE-2024-12655 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2024-12654 (A vulnerability classified as problematic was found in 
FabulaTech USB  ...)
+       TODO: check
+CVE-2024-12653 (A vulnerability classified as problematic has been found in 
FabulaTech ...)
+       TODO: check
+CVE-2024-12478 (A vulnerability was found in InvoicePlane up to 1.6.1. It has 
been dec ...)
+       TODO: check
+CVE-2024-12362 (A vulnerability was found in InvoicePlane up to 1.6.1. It has 
been cla ...)
+       TODO: check
+CVE-2024-12092 (A stored Cross-site Scripting (XSS) vulnerability affecting 
ENOVIA Col ...)
+       TODO: check
+CVE-2024-12091 (A stored Cross-site Scripting (XSS) vulnerability affecting 
ENOVIA Col ...)
+       TODO: check
+CVE-2024-12090 (A stored Cross-site Scripting (XSS) vulnerability affecting 
ENOVIA Col ...)
+       TODO: check
+CVE-2024-12089 (A stored Cross-site Scripting (XSS) vulnerability affecting 
ENOVIA Col ...)
+       TODO: check
+CVE-2024-11358 (Mattermost Android Mobile Apps versions <=2.21.0 fail to 
properly conf ...)
+       TODO: check
+CVE-2024-11144 (The server lacks thread safety and can be crashed by anomalous 
data se ...)
+       TODO: check
+CVE-2024-10972 (Velocidex WinPmem versions 4.1 and below suffer from an 
Improper Input ...)
+       TODO: check
+CVE-2024-10095 (In Progress Telerik UI for WPF versions prior to 2024 Q4 
(2024.4.1213) ...)
+       TODO: check
 CVE-2024-55919 [Improper input validation on generic SSO login]
        - sympa <unfixed> (bug #1090188)
        NOTE: https://www.sympa.community/security/2024-001.html
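Review bot: in the block added at the top of data/CVE/list, the descriptions for CVE-2024-55994, CVE-2024-54407, CVE-2024-54392 and CVE-2024-54384 carry literal \uXXXX escapes (for example "\u641c\u72d0\u7545\u8a00") instead of the decoded characters, so the vendor names there cannot be read or grepped; whatever generates these lines should decode them before writing the description. Apart from CVE-2024-6002 (REJECTED), every new entry is left at "TODO: check", including the Mattermost, MinIO and InvoicePlane ones, so each still needs a package or NOT-FOR-US decision.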
@@ -744,7 +1078,7 @@ CVE-2024-55876 (XWiki Platform is a generic wiki platform. 
Starting in version 1
        NOT-FOR-US: XWiki
 CVE-2024-55875 (http4k is a functional toolkit for Kotlin HTTP applications. 
Prior to  ...)
        NOT-FOR-US: http4k
-CVE-2024-55663 (XWiki Platform is a generic wiki platform. Starting in version 
11.10.6 ...)
+CVE-2024-55663 (XWiki Platform is a generic wiki platform. Starting in version 
6.3-mil ...)
        NOT-FOR-US: XWiki
 CVE-2024-55662 (XWiki Platform is a generic wiki platform. Starting in version 
3.3-mil ...)
        NOT-FOR-US: XWiki
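Review bot: on CVE-2024-55663 the truncated description now starts the affected range at "6.3-mil" where it previously read "11.10.6", and the cut-off drops the rest of the version string. The entry stays NOT-FOR-US: XWiki so nothing needs triage, but the affected range should be read from the full CVE record rather than from this line.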
@@ -1281,7 +1615,7 @@ CVE-2024-47607 (GStreamer is a library for constructing 
graphs of media-handling
        NOTE: Fixed by: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/2838374d6ee4a0c9c4c4221ac46d5c1688f26e59
        NOTE: Fixed by: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/804eca458fb547942ed70b88c021b996be9228a2
 (1.24.10)
 CVE-2024-47606 (GStreamer is a library for constructing graphs of 
media-handling compo ...)
-       {DLA-3994-1}
+       {DSA-5832-1 DLA-3994-1}
        - gstreamer1.0 1.24.10-1
        - gstreamer0.10 <removed>
        - gst-plugins-good1.0 1.24.10-1
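Review bot: the {DSA-5832-1 DLA-3994-1} cross-reference on CVE-2024-47606 arrives in a commit whose only changed file is data/CVE/list, so the DSA-5832-1 record itself is not visible here. It is worth confirming that the advisory entry exists, lists CVE-2024-47606, and names the source packages shown in the context lines (gstreamer1.0, gst-plugins-good1.0), since the hunk gives no way to check which of them the DSA actually fixes.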
@@ -1725,7 +2059,7 @@ CVE-2024-49538 (Illustrator versions 29.0.0, 28.7.2 and 
earlier are affected by
        NOT-FOR-US: Adobe
 CVE-2024-49537 (After Effects versions 24.6.2, 25.0.1 and earlier are affected 
by a St ...)
        NOT-FOR-US: Adobe
-CVE-2024-49513 (Not a product versions 21.0.0.5 and earlier are affected by an 
out-of- ...)
+CVE-2024-49513 (PDFL SDK versions 21.0.0.5 and earlier are affected by an 
out-of-bound ...)
        NOT-FOR-US: Adobe
 CVE-2024-45156 (Animate versions 23.0.8, 24.0.5 and earlier are affected by a 
NULL Poi ...)
        NOT-FOR-US: Adobe
@@ -1894,7 +2228,7 @@ CVE-2024-53242 (A vulnerability has been identified in 
Teamcenter Visualization
        NOT-FOR-US: Siemens
 CVE-2024-53041 (A vulnerability has been identified in Teamcenter 
Visualization V14.2  ...)
        NOT-FOR-US: Siemens
-CVE-2024-52538 (Dell Avamar, version(s) 19.9, contain(s) an Improper 
Neutralization of ...)
+CVE-2024-52538 (Dell Avamar, version(s) 19.x, contain(s) an Improper 
Neutralization of ...)
        NOT-FOR-US: Dell
 CVE-2024-52051 (A vulnerability has been identified in SIMATIC S7-PLCSIM V17 
(All vers ...)
        NOT-FOR-US: Siemens
@@ -2078,9 +2412,9 @@ CVE-2024-49059 (Microsoft Office Elevation of Privilege 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2024-49057 (Microsoft Defender for Endpoint on Android Spoofing 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2024-47977 (Dell Avamar, version(s) 19.9, contain(s) an Improper 
Neutralization of ...)
+CVE-2024-47977 (Dell Avamar, version(s) 19.x, contain(s) an Improper 
Neutralization of ...)
        NOT-FOR-US: Dell
-CVE-2024-47484 (Dell Avamar, version(s) 19.9, contain(s) an Improper 
Neutralization of ...)
+CVE-2024-47484 (Dell Avamar, version(s) 19.x, contain(s) an Improper 
Neutralization of ...)
        NOT-FOR-US: Dell
 CVE-2024-47117 (IBM Carbon Design System (Carbon Charts 0.4.0 through 1.13.16) 
is vuln ...)
        NOT-FOR-US: IBM
@@ -86433,7 +86767,7 @@ CVE-2024-25623 (Mastodon is a free, open-source social 
network server based on A
 CVE-2024-1633 (During the secure boot, bl2 (the second stage of the 
bootloader) loops ...)
        NOT-FOR-US: Renesas
 CVE-2024-1597 (pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject 
SQL if u ...)
-       {DLA-3812-1}
+       {DLA-3995-1 DLA-3812-1}
        - libpgjava 42.7.2-1
        [bookworm] - libpgjava <no-dsa> (Minor issue)
        NOTE: 
https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56
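Review bot: CVE-2024-1597 now references a second LTS advisory, {DLA-3995-1 DLA-3812-1}, while the context line below it still reads "[bookworm] - libpgjava <no-dsa> (Minor issue)". Please check that the bookworm status is still intended, since the same DLA-3995-1 tag is also added to CVE-2022-41946 and CVE-2022-31197 in the following hunks and an older release receiving a further libpgjava update makes the "Minor issue" deferral for bookworm worth revisiting.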
@@ -182494,7 +182828,7 @@ CVE-2022-41948 (DHIS 2 is an open source information 
system for data capture, ma
 CVE-2022-41947 (DHIS 2 is an open source information system for data capture, 
manageme ...)
        NOT-FOR-US: DHIS
 CVE-2022-41946 (pgjdbc is an open source postgresql JDBC Driver. In affected 
versions  ...)
-       {DLA-3218-1}
+       {DLA-3995-1 DLA-3218-1}
        - libpgjava 42.5.1-1
        NOTE: 
https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-562r-vg33-8x8h
        NOTE: 
https://github.com/pgjdbc/pgjdbc/commit/9008dc9aade6dbfe4efafcd6872ebc55f4699cf5
 (REL42.5.1-rc1)
@@ -212131,7 +212465,7 @@ CVE-2022-1797 (A malformed Class 3 common industrial 
protocol message with a cac
 CVE-2022-31198 (OpenZeppelin Contracts is a library for secure smart contract 
developm ...)
        NOT-FOR-US: OpenZeppelin
 CVE-2022-31197 (PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs 
to conn ...)
-       {DLA-3140-1}
+       {DLA-3995-1 DLA-3140-1}
        - libpgjava 42.4.1-1 (bug #1016662)
        NOTE: 
https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2
        NOTE: 
https://github.com/pgjdbc/pgjdbc/commit/739e599d52ad80f8dcd6efedc6157859b1a9d637
 (REL42.4.1-rc1)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e3d4a34cbc63954701fcdc823f11c40dae4b400



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits