[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 27 09:11:45 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a993a91 by security tracker role at 2024-04-27T08:11:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,51 @@
+CVE-2024-4245 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2024-4244 (A vulnerability classified as critical was found in Tenda W9 1.0.0.7(4 ...)
+	TODO: check
+CVE-2024-4243 (A vulnerability classified as critical has been found in Tenda W9 1.0. ...)
+	TODO: check
+CVE-2024-4242 (A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been rated ...)
+	TODO: check
+CVE-2024-4241 (A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been decla ...)
+	TODO: check
+CVE-2024-4240 (A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been class ...)
+	TODO: check
+CVE-2024-4239 (A vulnerability was found in Tenda AX1806 1.0.0.1 and classified as cr ...)
+	TODO: check
+CVE-2024-3052 (Malformed S2 Nonce Get command classes can be sent to crash the gatewa ...)
+	TODO: check
+CVE-2024-3051 (Malformed Device Reset Locally command classes can be sent to temporar ...)
+	TODO: check
+CVE-2024-3034 (The BackUpWordPress plugin for WordPress is vulnerable to Directory Tr ...)
+	TODO: check
+CVE-2024-32887 (Sidekiq is simple, efficient background processing for Ruby. Sidekiq i ...)
+	TODO: check
+CVE-2024-32883 (MCUboot is a secure bootloader for 32-bits microcontrollers. MCUboot u ...)
+	TODO: check
+CVE-2024-32881 (Danswer is the AI Assistant connected to company's docs, apps, and peo ...)
+	TODO: check
+CVE-2024-32878 (Llama.cpp is LLM inference in C/C++. There is a use of uninitialized h ...)
+	TODO: check
+CVE-2024-31828 (Cross Site Scripting vulnerability in Lavalite CMS v.10.1.0 allows att ...)
+	TODO: check
+CVE-2024-31741 (Cross Site Scripting vulnerability in MiniCMS v.1.11 allows a remote a ...)
+	TODO: check
+CVE-2024-31601 (An issue in Beijing Panabit Network Software Co., Ltd Panalog big data ...)
+	TODO: check
+CVE-2024-31551 (Directory Traversal vulnerability in lib/admin/image.admin.php in cmse ...)
+	TODO: check
+CVE-2024-31502 (An issue in Insurance Management System v.1.0.0 and before allows a re ...)
+	TODO: check
+CVE-2024-30804 (An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert ...)
+	TODO: check
+CVE-2024-2859 (By default, SANnav OVA is shipped with root user login enabled.  While ...)
+	TODO: check
+CVE-2024-2838 (The WPC Composite Products for WooCommerce plugin for WordPress is vul ...)
+	TODO: check
+CVE-2024-2258 (The Form Maker by 10Web \u2013 Mobile-Friendly Drag & Drop Contact For ...)
+	TODO: check
+CVE-2024-28322 (SQL Injection vulnerability in /event-management-master/backend/regist ...)
+	TODO: check
 CVE-2024-4238 (A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified  ...)
 	TODO: check
 CVE-2024-4237 (A vulnerability, which was classified as critical, was found in Tenda  ...)
@@ -1201,13 +1249,13 @@ CVE-2024-29965 (In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to
 	NOT-FOR-US: Brocade SANnav
 CVE-2024-29964 (Brocade SANnav versions before v2.3.0a do not correctly set permission ...)
 	NOT-FOR-US: Brocade SANnav
-CVE-2024-29963 (Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys  ...)
+CVE-2024-29963 (Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS k ...)
 	NOT-FOR-US: Brocade SANnav
 CVE-2024-29962 (Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file per ...)
 	NOT-FOR-US: Brocade SANnav
 CVE-2024-29961 (A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. It a ...)
 	NOT-FOR-US: Brocade SANnav
-CVE-2024-29960 (In the Brocade SANnav server versions before v2.3.1 and v2.3.0a, the S ...)
+CVE-2024-29960 (In Brocade SANnav server before v2.3.1 and v2.3.0a, the SSH keys insid ...)
 	NOT-FOR-US: Brocade SANnav
 CVE-2024-29959 (A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Bro ...)
 	NOT-FOR-US: Brocade SANnav



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a993a911078a8b61b85a31f3dc2f6ff91d339a5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a993a911078a8b61b85a31f3dc2f6ff91d339a5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240427/de39278d/attachment.htm>

More information about the debian-security-tracker-commits mailing list