[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 6 21:12:05 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1842a9d7 by security tracker role at 2024-04-06T20:11:53+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2024-3413 (A vulnerability has been found in SourceCodester Human Resource Inform ...)
+	TODO: check
+CVE-2024-3378 (A vulnerability has been found in iboss Secure Web Gateway up to 10.1  ...)
+	TODO: check
+CVE-2024-3377 (A vulnerability classified as problematic was found in SourceCodester  ...)
+	TODO: check
+CVE-2024-3376 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2024-3369 (A vulnerability, which was classified as critical, has been found in c ...)
+	TODO: check
+CVE-2024-3366 (A vulnerability classified as problematic was found in Xuxueli xxl-job ...)
+	TODO: check
+CVE-2024-3365 (A vulnerability was found in SourceCodester Online Library System 1.0. ...)
+	TODO: check
+CVE-2024-3364 (A vulnerability was found in SourceCodester Online Library System 1.0. ...)
+	TODO: check
+CVE-2024-3363 (A vulnerability was found in SourceCodester Online Library System 1.0. ...)
+	TODO: check
+CVE-2024-2296 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin ...)
+	TODO: check
+CVE-2024-2132 (The Ultimate Bootstrap Elements for Elementor plugin for WordPress is  ...)
+	TODO: check
+CVE-2024-28741 (Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 a ...)
+	TODO: check
+CVE-2024-27620 (An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to o ...)
+	TODO: check
+CVE-2024-25029 (IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows s ...)
+	TODO: check
+CVE-2024-22328 (IBM Maximo Application Suite 8.10 and 8.11 could allow a remote attack ...)
+	TODO: check
 CVE-2024-XXXX [RUSTSEC-2024-0332: Degradation of service in h2 servers with CONTINUATION Flood]
 	- rust-h2 <unfixed>
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0332.html
@@ -204,7 +234,7 @@ CVE-2024-26812 (In the Linux kernel, the following vulnerability has been resolv
 CVE-2024-26810 (In the Linux kernel, the following vulnerability has been resolved:  v ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/810cd4bb53456d0503cc4e7934e063835152c1b7 (6.9-rc1)
-CVE-2024-24746
+CVE-2024-24746 (Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability i ...)
 	NOT-FOR-US: Apache NimBLE
 CVE-2024-3321 (A vulnerability classified as problematic has been found in SourceCode ...)
 	NOT-FOR-US: SourceCodester eLearning System
@@ -1448,17 +1478,17 @@ CVE-2023-35764 (Insufficient verification of data authenticity issue in Survey M
 	NOT-FOR-US: Survey Maker
 CVE-2023-34423 (Survey Maker prior to 3.6.4 contains a stored cross-site scripting vul ...)
 	NOT-FOR-US: Survey Maker
-CVE-2024-3159
+CVE-2024-3159 (Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312 ...)
 	{DSA-5654-1}
 	- chromium 123.0.6312.105-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 	[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2024-3158
+CVE-2024-3158 (Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 a ...)
 	{DSA-5654-1}
 	- chromium 123.0.6312.105-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 	[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2024-3156
+CVE-2024-3156 (Inappropriate implementation in V8 in Google Chrome prior to 123.0.631 ...)
 	{DSA-5654-1}
 	- chromium 123.0.6312.105-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
@@ -16321,7 +16351,7 @@ CVE-2023-47355 (The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quic
 	NOT-FOR-US: com.eypcnnapps.quickreboot application
 CVE-2021-4436 (The 3DPrint Lite WordPress plugin before 1.9.1.5 does not have any aut ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2024-0406
+CVE-2024-0406 (A flaw was discovered in the mholt/archiver package. This flaw allows  ...)
 	NOT-FOR-US: mholt/archiver Go package
 CVE-2024-25089 (Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 allows r ...)
 	NOT-FOR-US: Malwarebytes Binisoft Windows Firewall Control



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1842a9d767012a4ffeaf4a1ecfd330af962a8624

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1842a9d767012a4ffeaf4a1ecfd330af962a8624
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240406/75b874be/attachment.htm>

More information about the debian-security-tracker-commits mailing list