[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Wed, 25 Dec 2024 12:12:32 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
747cf529 by security tracker role at 2024-12-25T20:12:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2024-8950 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-56431 (oc_huff_tree_unpack in huffdec.c in libtheora in Theora 
through 1.0 71 ...)
+       TODO: check
+CVE-2024-56430 (OpenFHE through 1.2.3 has a NULL pointer dereference in 
BinFHEContext: ...)
+       TODO: check
+CVE-2024-53291 (Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of 
Sensiti ...)
+       TODO: check
+CVE-2024-52906 (IBM AIX7.2, 7.3, VIOS 3.1, and 4.1    could allow a 
non-privileged loc ...)
+       TODO: check
+CVE-2024-52543 (Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of 
Temporar ...)
+       TODO: check
+CVE-2024-52535 (Dell SupportAssist for Home PCs versions 4.6.1 and prior and 
Dell Supp ...)
+       TODO: check
+CVE-2024-52534 (Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an 
Authenticatio ...)
+       TODO: check
+CVE-2024-52046 (The ObjectSerializationDecoder in Apache MINA uses Java\u2019s 
native  ...)
+       TODO: check
+CVE-2024-47978 (Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution 
with Unne ...)
+       TODO: check
+CVE-2024-47102 (IBM AIX7.2, 7.3, VIOS 3.1, and 4.1  could allow a 
non-privileged local ...)
+       TODO: check
+CVE-2024-39727 (IBM Engineering Lifecycle Optimization - Engineering Insights 
7.0.2 an ...)
+       TODO: check
+CVE-2024-39725 (IBM Engineering Lifecycle Optimization - Engineering Insights 
7.0.2 an ...)
+       TODO: check
+CVE-2024-1609 (In OPPOStore iOS App, there's a possible escalation of 
privilege due t ...)
+       TODO: check
+CVE-2024-12926 (A vulnerability classified as critical was found in Codezips 
Project M ...)
+       TODO: check
+CVE-2024-12636 (The Privacy Policy Generator, Terms & Conditions Generator 
WordPress P ...)
+       TODO: check
+CVE-2024-12428 (The WP Data Access \u2013 App, Table, Form and Chart Builder 
plugin pl ...)
+       TODO: check
+CVE-2024-12413 (The MarketKing \u2014 Ultimate WooCommerce Multivendor 
Marketplace Sol ...)
+       TODO: check
+CVE-2024-12335 (The Avada (Fusion) Builder plugin for WordPress is vulnerable 
to Infor ...)
+       TODO: check
+CVE-2024-12272 (The WP Travel Engine \u2013 Elementor Widgets | Create Travel 
Booking  ...)
+       TODO: check
+CVE-2024-12190 (The Contact Form by Bit Form: Multi Step Form, Calculation 
Contact For ...)
+       TODO: check
+CVE-2024-12032 (The Tourfic \u2013 Ultimate Hotel Booking, Travel Booking & 
Apartment  ...)
+       TODO: check
+CVE-2024-11281 (The WooCommerce Point of Sale plugin for WordPress is 
vulnerable to pr ...)
+       TODO: check
+CVE-2024-10862 (The NEX-Forms \u2013 Ultimate Form Builder \u2013 Contact 
forms and mu ...)
+       TODO: check
+CVE-2024-10858 (The Jetpack  WordPress plugin before 14.1 does not properly 
checks the ...)
+       TODO: check
+CVE-2023-5117 (An issue was discovered in GitLab CE/EE affecting all versions 
before  ...)
+       TODO: check
 CVE-2024-8721 (The Tracking Code Manager plugin for WordPress is vulnerable to 
Stored ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-53163 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
@@ -6020,7 +6072,8 @@ CVE-2024-36611 (In Symfony v7.07, a security 
vulnerability was identified in the
        - symfony <unfixed> (bug #1088817)
        NOTE: 
https://github.com/symfony/symfony/commit/a804ca15fcad279d7727b91d12a667fd5b925995
 (v7.1.0-BETA1)
        NOTE: Not considered a security issue by upstream: 
https://github.com/symfony/symfony/issues/59077#issuecomment-2513935018
-CVE-2024-36610 (A deserialization vulnerability exists in the Stub class of 
the VarDum ...)
+CVE-2024-36610
+       REJECTED
        - symfony 6.4.4+dfsg-3 (unimportant)
        NOTE: Fixed by: 
https://github.com/symfony/symfony/commit/3ffd495bb3cc4d2e24e35b2d83c5b909cab7e259
 (v6.4.4)
        NOTE: Not considered a security issue by upstream: 
https://github.com/symfony/symfony/issues/59077#issuecomment-2513935018



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/747cf5297cf0ee992023ca42dc85ec7090163c79

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/747cf5297cf0ee992023ca42dc85ec7090163c79
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to