[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Apr 7 21:12:07 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
49c2eef2 by security tracker role at 2024-04-07T20:11:53+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,93 @@
+CVE-2024-3428 (A vulnerability has been found in SourceCodester Online Courseware 1.0 ...)
+	TODO: check
+CVE-2024-3427 (A vulnerability, which was classified as problematic, was found in Sou ...)
+	TODO: check
+CVE-2024-3426 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2024-3425 (A vulnerability classified as critical was found in SourceCodester Onl ...)
+	TODO: check
+CVE-2024-3424 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2024-3423 (A vulnerability was found in SourceCodester Online Courseware 1.0. It  ...)
+	TODO: check
+CVE-2024-3422 (A vulnerability was found in SourceCodester Online Courseware 1.0. It  ...)
+	TODO: check
+CVE-2024-3421 (A vulnerability was found in SourceCodester Online Courseware 1.0. It  ...)
+	TODO: check
+CVE-2024-3420 (A vulnerability was found in SourceCodester Online Courseware 1.0 and  ...)
+	TODO: check
+CVE-2024-3419 (A vulnerability has been found in SourceCodester Online Courseware 1.0 ...)
+	TODO: check
+CVE-2024-3418 (A vulnerability, which was classified as critical, was found in Source ...)
+	TODO: check
+CVE-2024-31349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31348 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31346 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31345 (Unrestricted Upload of File with Dangerous Type vulnerability in Sukhc ...)
+	TODO: check
+CVE-2024-31344 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31308 (Deserialization of Untrusted Data vulnerability in VJInfotech WP Impor ...)
+	TODO: check
+CVE-2024-31306 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31296 (Authorization Bypass Through User-Controlled Key vulnerability in Repu ...)
+	TODO: check
+CVE-2024-31292 (Unrestricted Upload of File with Dangerous Type vulnerability in Moove ...)
+	TODO: check
+CVE-2024-31291 (Authorization Bypass Through User-Controlled Key vulnerability in Meta ...)
+	TODO: check
+CVE-2024-31288 (Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoa ...)
+	TODO: check
+CVE-2024-31286 (Unrestricted Upload of File with Dangerous Type vulnerability in J.N.  ...)
+	TODO: check
+CVE-2024-31280 (Unrestricted Upload of File with Dangerous Type vulnerability in Andy  ...)
+	TODO: check
+CVE-2024-31277 (Deserialization of Untrusted Data vulnerability in PickPlugins Product ...)
+	TODO: check
+CVE-2024-31260 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-31258 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31257 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31256 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31255 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31241 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-31236 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-31234 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-31233 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-30418 (Vulnerability of insufficient permission verification in the app manag ...)
+	TODO: check
+CVE-2024-30417 (Path traversal vulnerability in the Bluetooth-based sharing module. Im ...)
+	TODO: check
+CVE-2024-30416 (Use After Free (UAF) vulnerability in the underlying driver module. Im ...)
+	TODO: check
+CVE-2024-22155 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooComme ...)
+	TODO: check
+CVE-2023-52717 (Permission verification vulnerability in the lock screen module. Impac ...)
+	TODO: check
+CVE-2023-52716 (Vulnerability of starting activities in the background in the Activity ...)
+	TODO: check
+CVE-2023-52715 (The SystemUI module has a vulnerability in permission management. Impa ...)
+	TODO: check
+CVE-2023-52714 (Vulnerability of defects introduced in the design process in the hwnff ...)
+	TODO: check
+CVE-2023-52713 (Vulnerability of improper permission control in the window management  ...)
+	TODO: check
+CVE-2023-52382 (Vulnerability of improper control over foreground service notification ...)
+	TODO: check
+CVE-2021-4438 (A vulnerability, which was classified as critical, has been found in k ...)
+	TODO: check
 CVE-2024-3417 (A vulnerability, which was classified as critical, has been found in S ...)
 	NOT-FOR-US: SourceCodester Online Courseware
 CVE-2024-3416 (A vulnerability classified as critical was found in SourceCodester Onl ...)
@@ -213286,12 +213376,14 @@ CVE-2021-30500 (Null pointer dereference was found in upx PackLinuxElf::canUnpac
 	NOTE: https://github.com/upx/upx/issues/485
 	NOTE: https://github.com/upx/upx/commit/be050693f229d629f56650f67f612fc68e285600 (v3.99)
 CVE-2021-30499 (A flaw was found in libcaca. A buffer overflow of export.c in function ...)
+	{DLA-3784-1}
 	- libcaca 0.99.beta19-3 (bug #987278)
 	[bullseye] - libcaca <no-dsa> (Minor issue)
 	[stretch] - libcaca <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://github.com/cacalabs/libcaca/issues/54
 	NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/ab04483ee1a846d6b74b2e6248e980152baec3f6 (v0.99.beta20)
 CVE-2021-30498 (A flaw was found in libcaca. A heap buffer overflow in export.c in fun ...)
+	{DLA-3784-1}
 	- libcaca 0.99.beta19-3 (bug #987278)
 	[bullseye] - libcaca <no-dsa> (Minor issue)
 	[stretch] - libcaca <postponed> (Minor issue; can be fixed in next update)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49c2eef2c0bf2b501d964d14f22f44f96b17b566

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49c2eef2c0bf2b501d964d14f22f44f96b17b566
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240407/6ed00e98/attachment.htm>

More information about the debian-security-tracker-commits mailing list