[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7c23b22d by security tracker role at 2024-04-01T20:12:31+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,103 @@
-CVE-2024-26655 [Fix memory leak in posix_clock_open()]
+CVE-2024-3135 (The web server lacked CSRF tokens allowing an attacker to host malicio ...)
+	TODO: check
+CVE-2024-3131 (A vulnerability was found in SourceCodester Computer Laboratory Manage ...)
+	TODO: check
+CVE-2024-3130 (Hard-coded Credentialsin CoolKit eWeLlink app are before 5.4.x on Andr ...)
+	TODO: check
+CVE-2024-3129 (A vulnerability was found in SourceCodester Image Accordion Gallery Ap ...)
+	TODO: check
+CVE-2024-3128 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified  ...)
+	TODO: check
+CVE-2024-3125 (A vulnerability classified as problematic was found in Zebra ZTC GK420 ...)
+	TODO: check
+CVE-2024-3124 (A vulnerability classified as problematic has been found in fridgecow  ...)
+	TODO: check
+CVE-2024-31099 (Missing Authorization vulnerability in Averta Shortcodes and extra fea ...)
+	TODO: check
+CVE-2024-30872 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /include/authr ...)
+	TODO: check
+CVE-2024-30871 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/appl ...)
+	TODO: check
+CVE-2024-30870 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/address ...)
+	TODO: check
+CVE-2024-30868 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/add_get ...)
+	TODO: check
+CVE-2024-30867 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_vi ...)
+	TODO: check
+CVE-2024-30866 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/menu.php.)
+	TODO: check
+CVE-2024-30865 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_us ...)
+	TODO: check
+CVE-2024-30864 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ ...)
+	TODO: check
+CVE-2024-30863 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/hist ...)
+	TODO: check
+CVE-2024-30862 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/index.php.)
+	TODO: check
+CVE-2024-30861 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configg ...)
+	TODO: check
+CVE-2024-30860 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/export_ ...)
+	TODO: check
+CVE-2024-30859 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ ...)
+	TODO: check
+CVE-2024-30858 (netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fi ...)
+	TODO: check
+CVE-2024-29435 (An issue discovered in Alldata v0.4.6 allows attacker to run arbitrary ...)
+	TODO: check
+CVE-2024-29433 (A deserialization vulnerability in the FASTJSON component of Alldata v ...)
+	TODO: check
+CVE-2024-28232 (Go package IceWhaleTech/CasaOS-UserService provides user management fu ...)
+	TODO: check
+CVE-2024-25574 (SQL injection vulnerability exists in GetDIAE_usListParameters.)
+	TODO: check
+CVE-2024-25080 (WebMail in Axigen 10.x before 10.3.3.62 allows XSS via the image attac ...)
+	TODO: check
+CVE-2024-21473 (Memory corruption while redirecting log file to any file location with ...)
+	TODO: check
+CVE-2024-21472 (Memory corruption in Kernel while handling GPU operations.)
+	TODO: check
+CVE-2024-21470 (Memory corruption while allocating memory for graphics.)
+	TODO: check
+CVE-2024-21468 (Memory corruption when there is failed unmap operation in GPU.)
+	TODO: check
+CVE-2024-21463 (Memory corruption while processing Codec2 during v13k decoder pitch sy ...)
+	TODO: check
+CVE-2024-21454 (Transient DOS while decoding the ToBeSignedMessage in Automotive Telem ...)
+	TODO: check
+CVE-2024-21453 (Transient DOS while decoding message of size that exceeds the availabl ...)
+	TODO: check
+CVE-2024-21452 (Transient DOS while decoding an ASN.1 OER message containing a SEQUENC ...)
+	TODO: check
+CVE-2023-6154 (A configuration setting issue in seccenter.exe as used in Bitdefender  ...)
+	TODO: check
+CVE-2023-48906 (Stack Overflow vulnerability in Btstack 1.6 and earlier allows attacke ...)
+	TODO: check
+CVE-2023-43515 (Memory corruption in HLOS while running kernel address sanitizers (syz ...)
+	TODO: check
+CVE-2023-33115 (Memory corruption while processing buffer initialization, when trusted ...)
+	TODO: check
+CVE-2023-33111 (Information disclosure when VI calibration state set by ADSP is greate ...)
+	TODO: check
+CVE-2023-33101 (Transient DOS while processing DL NAS TRANSPORT message with payload l ...)
+	TODO: check
+CVE-2023-33100 (Transient DOS while processing DL NAS Transport message when message I ...)
+	TODO: check
+CVE-2023-33099 (Transient DOS while processing SMS container of non-standard size rece ...)
+	TODO: check
+CVE-2023-33023 (Memory corruption while processing finish_sign command to pass a rsp b ...)
+	TODO: check
+CVE-2022-4966 (A vulnerability was found in sequentech admin-console up to 6.1.7 and  ...)
+	TODO: check
+CVE-2024-26655 (In the Linux kernel, the following vulnerability has been resolved:  F ...)
 	- linux <unfixed>
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/5b4cdd9c5676559b8a7c944ac5269b914b8c0bb8 (6.9-rc2)
-CVE-2024-26654 [ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs]
+CVE-2024-26654 (In the Linux kernel, the following vulnerability has been resolved:  A ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/051e0840ffa8ab25554d6b14b62c9ab9e4901457 (6.9-rc2)
-CVE-2024-26653 [usb: misc: ljca: Fix double free in error handling path]
+CVE-2024-26653 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	- linux <unfixed>
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -2618,6 +2708,7 @@ CVE-2024-2579 (Improper Neutralization of Input During Web Page Generation ('Cro
 CVE-2024-2578 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-2494 (A flaw was found in the RPC library APIs of libvirt. The RPC server de ...)
+	{DLA-3778-1}
 	- libvirt <unfixed> (bug #1067461)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2270115
 	NOTE: https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/
@@ -5758,11 +5849,13 @@ CVE-2024-1696 (In Santesoft Sante FFT Imaging versions 1.4.1 and prior once a us
 CVE-2024-1487 (The Photos and Files Contest Gallery WordPress plugin before 21.3.1 do ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-2496 (A NULL pointer dereference flaw was found in the udevConnectListAllInt ...)
+	{DLA-3778-1}
 	- libvirt 9.8.0-1
 	[bookworm] - libvirt <no-dsa> (Minor issue)
 	[bullseye] - libvirt <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://gitlab.com/libvirt/libvirt/-/commit/2ca94317ac642a70921947150ced8acc674ccdc8 (v9.8.0-rc1)
 CVE-2024-1441 (An off-by-one error flaw was found in the udevListInterfacesByStatus() ...)
+	{DLA-3778-1}
 	- libvirt 10.1.0-1 (bug #1066058)
 	[bookworm] - libvirt <no-dsa> (Minor issue)
 	[bullseye] - libvirt <no-dsa> (Minor issue)
@@ -64890,8 +64983,8 @@ CVE-2023-28549 (Memory corruption in WLAN HAL while parsing Rx buffer in process
 	NOT-FOR-US: Qualcomm
 CVE-2023-28548 (Memory corruption in WLAN HAL while processing Tx/Rx commands from QDA ...)
 	NOT-FOR-US: Qualcomm
-CVE-2023-28547
-	RESERVED
+CVE-2023-28547 (Memory corruption in SPS Application while requesting for public key i ...)
+	TODO: check
 CVE-2023-28546 (Memory Corruption in SPS Application while exporting public key in sor ...)
 	NOT-FOR-US: Qualcomm
 CVE-2023-28545 (Memory corruption in TZ Secure OS while loading an app ELF.)
@@ -149949,6 +150042,7 @@ CVE-2022-0899 (The Header Footer Code Manager WordPress plugin before 1.1.24 doe
 CVE-2022-0898 (The IgniteUp WordPress plugin through 3.4.1 does not sanitise and esca ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-0897 (A flaw was found in the libvirt nwfilter driver. The virNWFilterObjLis ...)
+	{DLA-3778-1}
 	- libvirt 8.2.0-1 (bug #1009075)
 	[bullseye] - libvirt <no-dsa> (Minor issue)
 	[stretch] - libvirt <postponed> (Minor issue)
@@ -167490,6 +167584,7 @@ CVE-2021-4148 (A vulnerability was found in the Linux kernel's block_invalidatep
 	NOTE: https://lkml.org/lkml/2021/9/17/1037
 	NOTE: https://lkml.org/lkml/2021/9/12/323
 CVE-2021-4147 (A flaw was found in the libvirt libxl driver. A malicious guest could  ...)
+	{DLA-3778-1}
 	- libvirt 7.10.0-2 (bug #1002535)
 	[bullseye] - libvirt <no-dsa> (Minor issue)
 	[stretch] - libvirt <no-dsa> (Minor issue)
@@ -172536,6 +172631,7 @@ CVE-2021-43999 (Apache Guacamole 1.2.0 and 1.3.0 do not properly validate respon
 CVE-2021-3976 (kimai2 is vulnerable to Cross-Site Request Forgery (CSRF))
 	NOT-FOR-US: kimai2
 CVE-2021-3975 (A use-after-free flaw was found in libvirt. The qemuMonitorUnregister( ...)
+	{DLA-3778-1}
 	- libvirt 7.6.0-1
 	[bullseye] - libvirt <no-dsa> (Minor issue)
 	[stretch] - libvirt <no-dsa> (Minor issue)
@@ -192973,6 +193069,7 @@ CVE-2021-37580 (A flaw was found in Apache ShenYu Admin. The incorrect use of JW
 CVE-2021-37579 (The Dubbo Provider will check the incoming request and the correspondi ...)
 	NOT-FOR-US: Apache Dubbo
 CVE-2021-3667 (An improper locking issue was found in the virStoragePoolLookupByTarge ...)
+	{DLA-3778-1}
 	- libvirt 7.6.0-1 (bug #991594)
 	[bullseye] - libvirt <no-dsa> (Minor issue)
 	[stretch] - libvirt <not-affected> (Introduced in 4.1)
@@ -196651,6 +196748,7 @@ CVE-2017-20006 (UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Un
 	NOTE: https://github.com/aawc/unrar/commit/0ff832d31470471803b175cfff4e40c1b08ee779
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2017-104.yaml
 CVE-2021-3631 (A flaw was found in libvirt while it generates SELinux MCS category pa ...)
+	{DLA-3778-1}
 	- libvirt 7.6.0-1 (bug #990709)
 	[bullseye] - libvirt <no-dsa> (Minor issue)
 	[stretch] - libvirt <no-dsa> (Minor issue)
@@ -255421,7 +255519,7 @@ CVE-2020-25638 (A flaw was found in hibernate-core in versions prior to and incl
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1881353
 	NOTE: Fixed by https://github.com/hibernate/hibernate-orm/commit/59fede7acaaa1579b561407aefa582311f7ebe78
 CVE-2020-25637 (A double free memory issue was found to occur in the libvirt API, in v ...)
-	{DLA-2395-1}
+	{DLA-3778-1 DLA-2395-1}
 	- libvirt 6.8.0-1 (bug #971555)
 	NOTE: Introduced by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=0977b8aa071de550e1a013d35e2c72615e65d520 (v1.2.14-rc1)
 	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=955029bd0ad7ef96000f529ac38204a8f4a96401 (v6.8.0)
@@ -286409,6 +286507,7 @@ CVE-2020-12432 (The WOPI API integration for Vereign Collabora CODE through 4.2.
 CVE-2020-12431 (A Windows privilege change issue was discovered in Splashtop Software  ...)
 	NOT-FOR-US: Splashtop Software Updater
 CVE-2020-12430 (An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_dri ...)
+	{DLA-3778-1}
 	[experimental] - libvirt 6.2.0-1
 	- libvirt 6.4.0-2 (low; bug #959447)
 	[stretch] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -292632,6 +292731,7 @@ CVE-2020-10704 (A flaw was found when using samba as an Active Directory Domain
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14334
 	NOTE: https://www.samba.org/samba/security/CVE-2020-10704.html
 CVE-2020-10703 (A NULL pointer dereference was found in the libvirt API responsible in ...)
+	{DLA-3778-1}
 	- libvirt 6.0.0-2
 	[stretch] - libvirt <not-affected> (Vulnerable code introduced later)
 	[jessie] - libvirt <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c23b22d2c9e778e9b62015826bde5104e204894

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c23b22d2c9e778e9b62015826bde5104e204894
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240401/a9069da3/attachment.htm>