[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 8 09:12:01 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1f72ca01 by security tracker role at 2024-04-08T08:11:46+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,101 @@
+CVE-2024-3437 (A vulnerability was found in SourceCodester Prison Management System 1 ...)
+	TODO: check
+CVE-2024-3436 (A vulnerability was found in SourceCodester Prison Management System 1 ...)
+	TODO: check
+CVE-2024-3434 (A vulnerability classified as critical was found in CP Plus Wi-Fi Came ...)
+	TODO: check
+CVE-2024-3433 (A vulnerability classified as problematic has been found in PuneethRed ...)
+	TODO: check
+CVE-2024-3432 (A vulnerability was found in PuneethReddyHC Event Management 1.0. It h ...)
+	TODO: check
+CVE-2024-3431 (A vulnerability was found in EyouCMS 1.6.5. It has been declared as cr ...)
+	TODO: check
+CVE-2024-3430 (A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been ...)
+	TODO: check
+CVE-2024-31951 (In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, ...)
+	TODO: check
+CVE-2024-31950 (In FRRouting (FRR) through 9.1, there can be a buffer overflow and dae ...)
+	TODO: check
+CVE-2024-31949 (In FRRouting (FRR) through 9.1, an infinite loop can occur when receiv ...)
+	TODO: check
+CVE-2024-31948 (In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix S ...)
+	TODO: check
+CVE-2024-31022 (An issue was discovered in CandyCMS version 1.0.0, allows remote attac ...)
+	TODO: check
+CVE-2024-30675 (Unauthorized node injection vulnerability in ROS2 Iron Irwini in ROS_V ...)
+	TODO: check
+CVE-2024-30674 (Unauthorized access vulnerability in ROS2 Iron Irwini in ROS_VERSION i ...)
+	TODO: check
+CVE-2024-30672 (Arbitrary file upload vulnerability in ROS (Robot Operating System) Me ...)
+	TODO: check
+CVE-2024-30667 (Insecure deserialization vulnerability in ROS (Robot Operating System) ...)
+	TODO: check
+CVE-2024-30666 (A buffer overflow vulnerability has been discovered in the C++ compone ...)
+	TODO: check
+CVE-2024-30665 (An OS command injection vulnerability has been discovered in ROS (Robo ...)
+	TODO: check
+CVE-2024-30663 (An issue was discovered in the default configurations of ROS (Robot Op ...)
+	TODO: check
+CVE-2024-30662 (An issue was discovered in ROS (Robot Operating System) Melodic Moreni ...)
+	TODO: check
+CVE-2024-30661 (An unauthorized access vulnerability has been discovered in ROS Melodi ...)
+	TODO: check
+CVE-2024-30659 (Shell Injection vulnerability in ROS (Robot Operating System) Melodic  ...)
+	TODO: check
+CVE-2024-28744 (The password is empty in the initial configuration of ACERA 9010-08 fi ...)
+	TODO: check
+CVE-2024-27488 (Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 thro ...)
+	TODO: check
+CVE-2024-23658 (In camera driver, there is a possible use after free due to a logic er ...)
+	TODO: check
+CVE-2024-1958 (The wpb-show-core WordPress plugin before 2.7 does not sanitise and es ...)
+	TODO: check
+CVE-2024-1956 (The wpb-show-core WordPress plugin before 2.7 does not sanitise and es ...)
+	TODO: check
+CVE-2024-1752 (The Font Farsi WordPress plugin through 1.6.6 does not sanitise and es ...)
+	TODO: check
+CVE-2024-1589 (The SendPress Newsletters WordPress plugin through 1.23.11.6 does not  ...)
+	TODO: check
+CVE-2024-1588 (The SendPress Newsletters WordPress plugin through 1.23.11.6 does not  ...)
+	TODO: check
+CVE-2024-1292 (The wpb-show-core WordPress plugin before 2.6 does not sanitise and es ...)
+	TODO: check
+CVE-2023-52536 (In faceid service, there is a possible out of bounds read due to a mis ...)
+	TODO: check
+CVE-2023-52535 (In vsp driver, there is a possible missing verification incorrect inpu ...)
+	TODO: check
+CVE-2023-52534 (In ngmm, there is a possible undefined behavior due to incorrect error ...)
+	TODO: check
+CVE-2023-52533 (In modem-ps-nas-ngmm, there is a possible undefined behavior due to in ...)
+	TODO: check
+CVE-2023-52352 (In Network Adapter Service, there is a possible missing permission che ...)
+	TODO: check
+CVE-2023-52351 (In ril service, there is a possible out of bounds write due to a missi ...)
+	TODO: check
+CVE-2023-52350 (In ril service, there is a possible out of bounds write due to a missi ...)
+	TODO: check
+CVE-2023-52349 (In ril service, there is a possible out of bounds write due to a missi ...)
+	TODO: check
+CVE-2023-52348 (In ril service, there is a possible out of bounds write due to a missi ...)
+	TODO: check
+CVE-2023-52347 (In ril service, there is a possible out of bounds write due to a missi ...)
+	TODO: check
+CVE-2023-52346 (In modem driver, there is a possible system crash due to improper inpu ...)
+	TODO: check
+CVE-2023-52345 (In modem driver, there is a possible system crash due to improper inpu ...)
+	TODO: check
+CVE-2023-52344 (In modem-ps-nas-ngmm, there is a possible undefined behavior due to in ...)
+	TODO: check
+CVE-2023-52343 (In SecurityCommand message after as security has been actived., there  ...)
+	TODO: check
+CVE-2023-52342 (In modem-ps-nas-ngmm, there is a possible undefined behavior due to in ...)
+	TODO: check
+CVE-2023-52341 (In Plaintext COUNTER CHECK message accepted before AS security activat ...)
+	TODO: check
+CVE-2021-47208 (The Mojolicious module before 9.11 for Perl has a bug in format detect ...)
+	TODO: check
+CVE-2020-36829 (The Mojolicious module before 8.65 for Perl is vulnerable to secure_co ...)
+	TODO: check
 CVE-2024-3428 (A vulnerability has been found in SourceCodester Online Courseware 1.0 ...)
 	NOT-FOR-US: SourceCodester Online Courseware
 CVE-2024-3427 (A vulnerability, which was classified as problematic, was found in Sou ...)
@@ -356,7 +454,7 @@ CVE-2024-3311 (A vulnerability was found in Dreamer CMS up to 4.1.3.0. It has be
 	NOT-FOR-US: Dreamer CMS
 CVE-2024-3217 (The WP Directory Kit plugin for WordPress is vulnerable to SQL Injecti ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2024-31498 (ykman-gui (aka YubiKey Manager GUI) before 1.2.6 on Windows, when Edge ...)
+CVE-2024-31498 (Yubico ykman-gui (aka YubiKey Manager GUI) before 1.2.6 on Windows, wh ...)
 	- yubikey-manager-qt <not-affected> (Only affects ykman-gui on Windows)
 	NOTE: https://www.yubico.com/support/security-advisories/ysa-2024-01/
 CVE-2024-31212 (InstantCMS is a free and open source content management system. A SQL  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f72ca01b1166f2c5b72a9310bac8586a493d566

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f72ca01b1166f2c5b72a9310bac8586a493d566
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240408/fac04e1f/attachment.htm>

More information about the debian-security-tracker-commits mailing list