Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d0883c68 by security tracker role at 2024-12-28T08:12:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2024-54775 (Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site
Scripting ...)
+ TODO: check
+CVE-2024-54774 (Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS)
vulnerabi ...)
+ TODO: check
+CVE-2024-50717 (SQL injection vulnerability in Smart Agent v.1.1.0 allows a
remote att ...)
+ TODO: check
+CVE-2024-50716 (SQL injection vulnerability in Smart Agent v.1.1.0 allows a
remote att ...)
+ TODO: check
+CVE-2024-50715 (An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote
attacke ...)
+ TODO: check
+CVE-2024-50714 (A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart
Agent v.1 ...)
+ TODO: check
+CVE-2024-50713 (SmartAgent v1.1.0 was discovered to contain a SQL injection
vulnerabil ...)
+ TODO: check
+CVE-2024-46973 (Software installed and run as a non-privileged user may
conduct improp ...)
+ TODO: check
+CVE-2024-46972 (Software installed and run as a non-privileged user may
conduct improp ...)
+ TODO: check
+CVE-2024-43705 (Software installed and run as a non-privileged user can
trigger the GP ...)
+ TODO: check
+CVE-2023-7266 (Some Huawei home routers have a connection hijacking
vulnerability. Su ...)
+ TODO: check
+CVE-2023-7263 (Some Huawei home music system products have a path traversal
vulnerabi ...)
+ TODO: check
+CVE-2023-52718 (A connection hijacking vulnerability exists in some Huawei
home router ...)
+ TODO: check
CVE-2024-56732 (HarfBuzz is a text shaping engine. Starting with 8.5.0 through
10.0.1, ...)
- harfbuzz <unfixed>
NOTE:
https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-qmp9-xqm5-jh6m
@@ -46645,7 +46671,7 @@ CVE-2024-38523 (Hush Line is a free and open-source,
anonymous-tip-line-as-a-ser
NOT-FOR-US: Hush Line
CVE-2024-38515
REJECTED
-CVE-2024-35260 (An authenticated attacker can exploit an Untrusted Search Path
vulnera ...)
+CVE-2024-35260 (An authenticated attacker can exploit an untrusted search path
vulnera ...)
NOT-FOR-US: Microsoft
CVE-2024-35153 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to
cross-si ...)
NOT-FOR-US: IBM
@@ -135890,8 +135916,8 @@ CVE-2022-48472 (A Huawei printer has a system command
injection vulnerability. S
NOT-FOR-US: Huawei
CVE-2022-48471 (There is a misinterpretation of input vulnerability in Huawei
Printer. ...)
NOT-FOR-US: Huawei
-CVE-2022-48470
- RESERVED
+CVE-2022-48470 (Huawei HiLink AI Life product has an identity authentication
bypass vu ...)
+ TODO: check
CVE-2022-48469 (There is a traffic hijacking vulnerability in Huawei routers.
Successf ...)
NOT-FOR-US: Huawei
CVE-2014-125099 (A vulnerability has been found in I Recommend This Plugin up
to 3.7.2 ...)
@@ -272536,8 +272562,8 @@ CVE-2021-37002 (There is a Memory out-of-bounds
access vulnerability in Huawei S
NOT-FOR-US: Huawei
CVE-2021-37001 (There is a Register tampering vulnerability in Huawei
Smartphone.Succe ...)
NOT-FOR-US: Huawei
-CVE-2021-37000
- RESERVED
+CVE-2021-37000 (Some Huawei wearables have a permission management
vulnerability.)
+ TODO: check
CVE-2021-36999 (There is a Buffer overflow vulnerability in Huawei
Smartphone.Successf ...)
NOT-FOR-US: Huawei
CVE-2021-36998 (There is an Improper verification vulnerability in Huawei
Smartphone.S ...)
@@ -309276,8 +309302,8 @@ CVE-2021-22486 (There is a issue of Unstandardized
field names in Huawei Smartph
NOT-FOR-US: Huawei
CVE-2021-22485 (There is a SSID vulnerability with Wi-Fi network connections
in Huawei ...)
NOT-FOR-US: Huawei
-CVE-2021-22484
- RESERVED
+CVE-2021-22484 (Some Huawei wearables have a vulnerability of not verifying
the actual ...)
+ TODO: check
CVE-2021-22483 (There is a issue of IP address spoofing in Huawei Smartphone.
Successf ...)
NOT-FOR-US: Huawei
CVE-2021-22482 (There is an Uninitialized variable vulnerability in Huawei
Smartphone. ...)
@@ -394523,16 +394549,16 @@ CVE-2020-1826 (Huawei Honor Magic2 mobile phones
with versions earlier than 10.0
NOT-FOR-US: Huawei
CVE-2020-1825 (FusionAccess with versions earlier than 6.5.1.SPC002 have a
Denial of ...)
NOT-FOR-US: Huawei
-CVE-2020-1824
- RESERVED
-CVE-2020-1823
- RESERVED
-CVE-2020-1822
- RESERVED
-CVE-2020-1821
- RESERVED
-CVE-2020-1820
- RESERVED
+CVE-2020-1824 (There are multiple out of bounds (OOB) read vulnerabilities in
the imp ...)
+ TODO: check
+CVE-2020-1823 (There are multiple out of bounds (OOB) read vulnerabilities in
the imp ...)
+ TODO: check
+CVE-2020-1822 (There are multiple out of bounds (OOB) read vulnerabilities in
the imp ...)
+ TODO: check
+CVE-2020-1821 (There are multiple out of bounds (OOB) read vulnerabilities in
the imp ...)
+ TODO: check
+CVE-2020-1820 (There are multiple out of bounds (OOB) read vulnerabilities in
the imp ...)
+ TODO: check
CVE-2020-1819 (There are multiple out of bounds (OOB) read vulnerabilities in
the imp ...)
NOT-FOR-US: Huawei
CVE-2020-1818 (There are multiple out of bounds (OOB) read vulnerabilities in
the imp ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d0883c68ef7b26c3c70345053e9b863f13a8a1ae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d0883c68ef7b26c3c70345053e9b863f13a8a1ae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
