[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 23 21:11:55 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3ccfd9a6 by security tracker role at 2024-04-23T20:11:43+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,68 @@
-CVE-2024-26922 [drm/amdgpu: validate the parameters of bo mapping operations more clearly]
+CVE-2024-4065 (A vulnerability was found in Tenda AC8 16.03.34.09. It has been rated  ...)
+	TODO: check
+CVE-2024-4064 (A vulnerability was found in Tenda AC8 16.03.34.09. It has been declar ...)
+	TODO: check
+CVE-2024-4063 (A vulnerability was found in EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628. I ...)
+	TODO: check
+CVE-2024-4062 (A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classi ...)
+	TODO: check
+CVE-2024-3911 (An unauthenticated remote attacker candeceive users into performing un ...)
+	TODO: check
+CVE-2024-3732 (The GeoDirectory \u2013 WordPress Business Directory Plugin, or Classi ...)
+	TODO: check
+CVE-2024-3665 (The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable ...)
+	TODO: check
+CVE-2024-3491 (The Schema & Structured Data for WP & AMP plugin for WordPress is vuln ...)
+	TODO: check
+CVE-2024-3185 (A key used in logging.json does not follow the least privilege princip ...)
+	TODO: check
+CVE-2024-33217 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...)
+	TODO: check
+CVE-2024-33215 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...)
+	TODO: check
+CVE-2024-33214 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...)
+	TODO: check
+CVE-2024-33213 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...)
+	TODO: check
+CVE-2024-33212 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...)
+	TODO: check
+CVE-2024-33211 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...)
+	TODO: check
+CVE-2024-32679 (Missing Authorization vulnerability in Shared Files PRO Shared Files.T ...)
+	TODO: check
+CVE-2024-32661 (FreeRDP is a free implementation of the Remote Desktop Protocol. FreeR ...)
+	TODO: check
+CVE-2024-32660 (FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ...)
+	TODO: check
+CVE-2024-32659 (FreeRDP is a free implementation of the Remote Desktop Protocol. FreeR ...)
+	TODO: check
+CVE-2024-32658 (FreeRDP is a free implementation of the Remote Desktop Protocol. FreeR ...)
+	TODO: check
+CVE-2024-32482 (The Tillitis TKey signer device application is an ed25519 signing tool ...)
+	TODO: check
+CVE-2024-32258 (The network server of fceux 2.7.0 has a path traversal vulnerability,  ...)
+	TODO: check
+CVE-2024-31804 (An unquoted service path vulnerability in Terratec DMX_6Fire USB v.1.2 ...)
+	TODO: check
+CVE-2024-31208 (Synapse is an open-source Matrix homeserver. A remote Matrix user with ...)
+	TODO: check
+CVE-2024-30800 (PX4 Autopilot v.1.14 allows an attacker to fly the drone into no-fly z ...)
+	TODO: check
+CVE-2024-2477 (The wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site S ...)
+	TODO: check
+CVE-2024-28627 (An issue in Flipsnack v.18/03/2024 allows a local attacker to obtain s ...)
+	TODO: check
+CVE-2024-28130 (An incorrect type conversion vulnerability exists in the DVPSSoftcopyV ...)
+	TODO: check
+CVE-2024-21979 (An out of bounds write vulnerability in the AMD Radeon\u2122 user mode ...)
+	TODO: check
+CVE-2024-21972 (An out of bounds write vulnerability in the AMD Radeon\u2122 user mode ...)
+	TODO: check
+CVE-2024-0900 (The Elespare \u2013 Build Your Blog, News & Magazine Websites with Exp ...)
+	TODO: check
+CVE-2023-47731 (IBM QRadar Suite Software 1.10.12.0 through 1.10.19.0 and IBM Cloud Pa ...)
+	TODO: check
+CVE-2024-26922 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/6fef2d4c00b5b8561ad68dd2b68173f5c6af1e75 (6.9-rc5)
 CVE-2024-4031 (Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM  ...)
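Review bot: the imported descriptions for CVE-2024-3732, CVE-2024-0900, CVE-2024-21979 and CVE-2024-21972 carry literal `\u2013` and `\u2122` escape sequences instead of the decoded characters, so the automatic import should decode the upstream text before writing it to the list. All of the new entries land with only `TODO: check`. The ones that name upstream software projects (the four FreeRDP entries CVE-2024-32658 to CVE-2024-32661, CVE-2024-31208 for Synapse, CVE-2024-32258 for fceux) need a package check against the archive, while the Tenda, EZVIZ and WordPress plugin entries look like candidates for the `NOT-FOR-US:` classification already used further down in this file. The header of CVE-2024-26922 changes from the bracketed kernel commit subject to the parenthesised upstream description, and its `- linux <unfixed>` and `NOTE:` lines are correctly left untouched.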
@@ -37,7 +101,7 @@ CVE-2024-2760 (Bkav Home v7816, build 2403161130 is vulnerable to a Memory Infor
 	NOT-FOR-US: Bkac
 CVE-2024-2493 (Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This is ...)
 	NOT-FOR-US: Hitachi
-CVE-2024-29368 (An issue discovered in moziloCMS v2.0 allows attackers to bypass file  ...)
+CVE-2024-29368 (An arbitrary file upload vulnerability in the file handling module of  ...)
 	NOT-FOR-US: moziloCMS
 CVE-2024-28890 (Forminator prior to 1.29.0 contains an unrestricted upload of file wit ...)
 	NOT-FOR-US: WordPress plugin
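Review bot: the context line `NOT-FOR-US: Bkac` under CVE-2024-2760 does not match the product named in that entry's description ("Bkav Home"), which looks like a typo worth fixing in a follow-up commit. The only change in this hunk is the refreshed description text for CVE-2024-29368. The product is still moziloCMS, so keeping `NOT-FOR-US: moziloCMS` unchanged is consistent.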
@@ -862,6 +926,7 @@ CVE-2023-4232 (A flaw was found in ofono, an Open Source Telephony on Linux. A s
 	- ofono <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2255394
 CVE-2024-3914 (Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a ...)
+	{DSA-5668-1}
 	- chromium 124.0.6367.60-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 	[buster] - chromium <end-of-life> (see DSA 5046)
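Review bot: the added `{DSA-5668-1}` tag under CVE-2024-3914 points at an advisory whose own record is not part of this commit, which touches only data/CVE/list, so confirm the advisory entry is already present in the tracker and the cross-reference resolves. The context lines mark bullseye and buster as `<end-of-life>`, so the advisory has to cover a suite other than those two. It is worth checking that the fixed version recorded for that suite agrees with the `124.0.6367.60-1` shown here.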



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ccfd9a688f95b660eacfb22c03f00cacb1fef01
