[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 14 21:12:16 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aaf3bb80 by security tracker role at 2024-08-14T20:11:53+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,369 @@
-CVE-2024-7347
+CVE-2024-7792 (A vulnerability was found in SourceCodester Task Progress Tracker 1.0. ...)
+	TODO: check
+CVE-2024-7790 (A stored cross site scripting vulnerabilities exists in DevikaAI from  ...)
+	TODO: check
+CVE-2024-7515 (CVE-2024-7515 IMPACT  A denial-of-service vulnerability exists in the  ...)
+	TODO: check
+CVE-2024-7513 (CVE-2024-7513 IMPACT  A code execution vulnerability exists in the aff ...)
+	TODO: check
+CVE-2024-7507 (CVE-2024-7507 IMPACT  A denial-of-service vulnerability exists in the  ...)
+	TODO: check
+CVE-2024-6532 (The Sheet to Table Live Sync for Google Sheet plugin for WordPress is  ...)
+	TODO: check
+CVE-2024-6078 (CVE-2024-6078 IMPACT  An improper authentication vulnerability exists  ...)
+	TODO: check
+CVE-2024-5916 (An information exposure vulnerability in Palo Alto Networks PAN-OS sof ...)
+	TODO: check
+CVE-2024-5915 (A privilege escalation (PE) vulnerability in the Palo Alto Networks Gl ...)
+	TODO: check
+CVE-2024-5914 (A command injection issue in Palo Alto Networks Cortex XSOAR CommonScr ...)
+	TODO: check
+CVE-2024-4389 (The Slider and Carousel slider by Depicter plugin for WordPress is vul ...)
+	TODO: check
+CVE-2024-42441 (Improper privilege management in the installer for Zoom Workplace Desk ...)
+	TODO: check
+CVE-2024-42440 (Improper privilege management in the installer for Zoom Workplace Desk ...)
+	TODO: check
+CVE-2024-42439 (Untrusted search path in the installer for Zoom Workplace Desktop App  ...)
+	TODO: check
+CVE-2024-42438 (Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and  ...)
+	TODO: check
+CVE-2024-42437 (Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and  ...)
+	TODO: check
+CVE-2024-42436 (Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and  ...)
+	TODO: check
+CVE-2024-42435 (Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Ro ...)
+	TODO: check
+CVE-2024-42434 (Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Ro ...)
+	TODO: check
+CVE-2024-42360 (SequenceServer lets you rapidly set up a BLAST+ server with an intuiti ...)
+	TODO: check
+CVE-2024-41866 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-41865 (Dimension versions 3.4.11 and earlier are affected by an Untrusted Sea ...)
+	TODO: check
+CVE-2024-41864 (Substance3D - Designer versions 13.1.2 and earlier are affected by an  ...)
+	TODO: check
+CVE-2024-41863 (Substance3D - Sampler versions 4.5 and earlier are affected by an out- ...)
+	TODO: check
+CVE-2024-41862 (Substance3D - Sampler versions 4.5 and earlier are affected by an out- ...)
+	TODO: check
+CVE-2024-41861 (Substance3D - Sampler versions 4.5 and earlier are affected by an out- ...)
+	TODO: check
+CVE-2024-41860 (Substance3D - Sampler versions 4.5 and earlier are affected by an out- ...)
+	TODO: check
+CVE-2024-41858 (InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Ov ...)
+	TODO: check
+CVE-2024-41856 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an Impro ...)
+	TODO: check
+CVE-2024-41854 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-41853 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-41852 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-41851 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-41850 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-41840 (Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-b ...)
+	TODO: check
+CVE-2024-41835 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-41834 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-41833 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-41832 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-41831 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-41830 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-41727 (In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-I ...)
+	TODO: check
+CVE-2024-41723 (Undisclosed requests to BIG-IP iControl REST can lead to information l ...)
+	TODO: check
+CVE-2024-41719 (When generating QKView of BIG-IP Next instance from the BIG-IP Next Ce ...)
+	TODO: check
+CVE-2024-41164 (When TCP profile with Multipath TCP enabled (MPTCP) is configured on a ...)
+	TODO: check
+CVE-2024-40620 (CVE-2024-40620 IMPACT  A vulnerability exists in the affected product  ...)
+	TODO: check
+CVE-2024-40619 (CVE-2024-40619 IMPACT  A denial-of-service vulnerability exists in the ...)
+	TODO: check
+CVE-2024-39825 (Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allo ...)
+	TODO: check
+CVE-2024-39824 (Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Ro ...)
+	TODO: check
+CVE-2024-39823 (Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Ro ...)
+	TODO: check
+CVE-2024-39822 (Sensitive information exposure in some Zoom Workplace Apps, SDKs, Room ...)
+	TODO: check
+CVE-2024-39818 (Protection mechanism failure for some Zoom Workplace Apps and SDKs may ...)
+	TODO: check
+CVE-2024-39809 (The Central Manager user session refresh token does not expire when a  ...)
+	TODO: check
+CVE-2024-39792 (When the NGINX Plus is configured to use the MQTT pre-read module, und ...)
+	TODO: check
+CVE-2024-39778 (When a stateless virtual server is configured on BIG-IP system with a  ...)
+	TODO: check
+CVE-2024-39426 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-39425 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-39424 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-39423 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-39422 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-39420 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-39419 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39418 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39417 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39416 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39415 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39414 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39413 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39412 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39411 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39410 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39409 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39408 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39407 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39406 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39405 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39404 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39403 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39402 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39401 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39400 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39399 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39398 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39397 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
+	TODO: check
+CVE-2024-39395 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-39394 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-39393 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-39391 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-39390 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-39389 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-39388 (Substance3D - Stager versions 3.0.2 and earlier are affected by a Use  ...)
+	TODO: check
+CVE-2024-39387 (Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-b ...)
+	TODO: check
+CVE-2024-39386 (Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-b ...)
+	TODO: check
+CVE-2024-39383 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
+	TODO: check
+CVE-2024-39283 (Incomplete filtering of special elements in Intel(R) TDX module softwa ...)
+	TODO: check
+CVE-2024-38483 (Dell BIOS contains an Improper Input Validation vulnerability in an ex ...)
+	TODO: check
+CVE-2024-37529 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
+	TODO: check
+CVE-2024-37028 (BIG-IP Next Central Manager may allow an attacker to lock out an accou ...)
+	TODO: check
+CVE-2024-35152 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 ...)
+	TODO: check
+CVE-2024-35136 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) fede ...)
+	TODO: check
+CVE-2024-34163 (Improper input validation in firmware for some Intel(R) NUC may allow  ...)
+	TODO: check
+CVE-2024-34138 (Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL P ...)
+	TODO: check
+CVE-2024-34137 (Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL P ...)
+	TODO: check
+CVE-2024-34136 (Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL P ...)
+	TODO: check
+CVE-2024-34135 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-o ...)
+	TODO: check
+CVE-2024-34134 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-o ...)
+	TODO: check
+CVE-2024-34133 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-o ...)
+	TODO: check
+CVE-2024-34127 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
+	TODO: check
+CVE-2024-34126 (Dimension versions 3.4.11 and earlier are affected by an out-of-bounds ...)
+	TODO: check
+CVE-2024-34125 (Dimension versions 3.4.11 and earlier are affected by an out-of-bounds ...)
+	TODO: check
+CVE-2024-34124 (Dimension versions 3.4.11 and earlier are affected by an out-of-bounds ...)
+	TODO: check
+CVE-2024-34118 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an Impro ...)
+	TODO: check
+CVE-2024-34117 (Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by  ...)
+	TODO: check
+CVE-2024-31882 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
+	TODO: check
+CVE-2024-29015 (Uncontrolled search path in some Intel(R) VTune(TM) Profiler software  ...)
+	TODO: check
+CVE-2024-28953 (Uncontrolled search path in some EMON software before version 11.44 ma ...)
+	TODO: check
+CVE-2024-28947 (Improper input validation in kernel mode driver for some Intel(R) Serv ...)
+	TODO: check
+CVE-2024-28887 (Uncontrolled search path in some Intel(R) IPP software before version  ...)
+	TODO: check
+CVE-2024-28876 (Uncontrolled search path for some Intel(R) MPI Library software before ...)
+	TODO: check
+CVE-2024-28799 (IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pa ...)
+	TODO: check
+CVE-2024-28172 (Uncontrolled search path for some Intel(R) Trace Analyzer and Collecto ...)
+	TODO: check
+CVE-2024-28050 (Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics ...)
+	TODO: check
+CVE-2024-28046 (Uncontrolled search path in some Intel(R) GPA software before version  ...)
+	TODO: check
+CVE-2024-27461 (Incorrect default permissions in software installer for Intel(R) MAS ( ...)
+	TODO: check
+CVE-2024-27267 (The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7. ...)
+	TODO: check
+CVE-2024-27120 (A Local File Inclusion vulnerability has been found in ComfortKey, a p ...)
+	TODO: check
+CVE-2024-26027 (Uncontrolled search path for some Intel(R) Simics Package Manager soft ...)
+	TODO: check
+CVE-2024-26025 (Incorrect default permissions for some Intel(R) Advisor software befor ...)
+	TODO: check
+CVE-2024-26022 (Improper access control in some Intel(R) UEFI Integrator Tools on Apti ...)
+	TODO: check
+CVE-2024-25939 (Mirrored regions with different values in 3rd Generation Intel(R) Xeon ...)
+	TODO: check
+CVE-2024-25576 (improper access control in firmware for some Intel(R) FPGA products be ...)
+	TODO: check
+CVE-2024-25562 (Improper buffer restrictions in some Intel(R) Distribution for GDB sof ...)
+	TODO: check
+CVE-2024-25561 (Insecure inherited permissions in some Intel(R) HID Event Filter softw ...)
+	TODO: check
+CVE-2024-25157 (An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6. ...)
+	TODO: check
+CVE-2024-24986 (Improper access control in Linux kernel mode driver for some Intel(R)  ...)
+	TODO: check
+CVE-2024-24983 (Protection mechanism failure in firmware for some Intel(R) Ethernet Ne ...)
+	TODO: check
+CVE-2024-24980 (Protection mechanism failure in some 3rd, 4th, and 5th Generation Inte ...)
+	TODO: check
+CVE-2024-24977 (Uncontrolled search path for some Intel(R) License Manager for FLEXlm  ...)
+	TODO: check
+CVE-2024-24973 (Improper input validation for some Intel(R) Distribution for GDB softw ...)
+	TODO: check
+CVE-2024-24853 (Incorrect behavior order in transition between executive monitor and S ...)
+	TODO: check
+CVE-2024-24580 (Improper conditions check in some Intel(R) Data Center GPU Max Series  ...)
+	TODO: check
+CVE-2024-23981 (Wrap-around error in Linux kernel mode driver for some Intel(R) Ethern ...)
+	TODO: check
+CVE-2024-23974 (Incorrect default permissions in some Intel(R) ISH software installers ...)
+	TODO: check
+CVE-2024-23909 (Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) soft ...)
+	TODO: check
+CVE-2024-23908 (Insecure inherited permissions in some Flexlm License Daemons for Inte ...)
+	TODO: check
+CVE-2024-23907 (Uncontrolled search path in some Intel(R) High Level Synthesis Compile ...)
+	TODO: check
+CVE-2024-23499 (Protection mechanism failure in Linux kernel mode driver for some Inte ...)
+	TODO: check
+CVE-2024-23497 (Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethe ...)
+	TODO: check
+CVE-2024-23495 (Incorrect default permissions in some Intel(R) Distribution for GDB so ...)
+	TODO: check
+CVE-2024-23491 (Uncontrolled search path in some Intel(R) Distribution for GDB softwar ...)
+	TODO: check
+CVE-2024-23489 (Uncontrolled search path for some Intel(R) VROC software before versio ...)
+	TODO: check
+CVE-2024-22378 (Incorrect default permissions in some Intel Unite(R) Client Extended D ...)
+	TODO: check
+CVE-2024-22376 (Uncontrolled search path element in some installation software for Int ...)
+	TODO: check
+CVE-2024-22374 (Insufficient control flow management for some Intel(R) Xeon Processors ...)
+	TODO: check
+CVE-2024-22184 (Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Editio ...)
+	TODO: check
+CVE-2024-21857 (Uncontrolled search path for some Intel(R) oneAPI Compiler software be ...)
+	TODO: check
+CVE-2024-21844 (Integer overflow in firmware for some Intel(R) CSME may allow an unaut ...)
+	TODO: check
+CVE-2024-21810 (Improper input validation in the Linux kernel mode driver for some Int ...)
+	TODO: check
+CVE-2024-21807 (Improper initialization in the Linux kernel mode driver for some Intel ...)
+	TODO: check
+CVE-2024-21806 (Improper conditions check in Linux kernel mode driver for some Intel(R ...)
+	TODO: check
+CVE-2024-21801 (Insufficient control flow management in some Intel(R) TDX module softw ...)
+	TODO: check
+CVE-2024-21787 (Inadequate encryption strength for some BMRA software before version 2 ...)
+	TODO: check
+CVE-2024-21784 (Uncontrolled search path for some Intel(R) IPP Cryptography software b ...)
+	TODO: check
+CVE-2024-21769 (Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM  ...)
+	TODO: check
+CVE-2024-21766 (Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library  ...)
+	TODO: check
+CVE-2024-20790 (Dimension versions 3.4.11 and earlier are affected by an out-of-bounds ...)
+	TODO: check
+CVE-2024-20789 (Dimension versions 3.4.11 and earlier are affected by a Use After Free ...)
+	TODO: check
+CVE-2023-50315 (IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker w ...)
+	TODO: check
+CVE-2023-50314 (IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 cou ...)
+	TODO: check
+CVE-2023-49144 (Out of bounds read in OpenBMC Firmware for some Intel(R) Server Platfo ...)
+	TODO: check
+CVE-2023-49141 (Improper isolation in some Intel(R) Processors stream cache mechanism  ...)
+	TODO: check
+CVE-2023-48361 (Improper initialization in firmware for some Intel(R) CSME may allow a ...)
+	TODO: check
+CVE-2023-43747 (Incorrect default permissions for some Intel(R) Connectivity Performan ...)
+	TODO: check
+CVE-2023-43489 (Improper access control for some Intel(R) CIP software before version  ...)
+	TODO: check
+CVE-2023-42667 (Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cac ...)
+	TODO: check
+CVE-2023-40067 (Unchecked return value in firmware for some Intel(R) CSME may allow an ...)
+	TODO: check
+CVE-2023-38655 (Improper buffer restrictions in firmware for some Intel(R) AMT and Int ...)
+	TODO: check
+CVE-2023-35123 (Uncaught exception in OpenBMC Firmware for some Intel(R) Server Platfo ...)
+	TODO: check
+CVE-2023-34424 (Improper input validation in firmware for some Intel(R) CSME may allow ...)
+	TODO: check
+CVE-2024-7347 (NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_ ...)
 	- nginx <unfixed>
 	[bookworm] - nginx <no-dsa> (Minor issue)
 	[bullseye] - nginx <no-dsa> (Minor issue)
 	NOTE: https://github.com/nginx/nginx/commit/88955b1044ef38315b77ad1a509d63631a790a0f (release-1.27.1)
 	NOTE: https://github.com/nginx/nginx/commit/7362d01658b61184108c21278443910da68f93b4 (release-1.27.1)
 	NOTE: https://forum.nginx.org/read.php?27,300027
-CVE-2024-42259 [drm/i915/gem: Fix Virtual Memory mapping boundaries calculation]
+CVE-2024-42259 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/8bdd9ef7e9b1b2a73e394712b72b22055e0e26c3 (6.11-rc3)
 CVE-2024-42472
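Review bot: Every entry added at the top of data/CVE/list, from CVE-2024-7792 down to CVE-2023-34424, carries only `TODO: check`, so none of them has a triage decision yet. Many look like candidates for the `NOT-FOR-US:` form this file already uses further down (`NOT-FOR-US: Intel`, `NOT-FOR-US: Dell`), but the Intel entries should not be bulk-marked by vendor name. The ones whose truncated descriptions name a Linux kernel mode driver (CVE-2024-24986, CVE-2024-23981, CVE-2024-23499, CVE-2024-23497, CVE-2024-21810, CVE-2024-21807, CVE-2024-21806) and the processor-level ones (CVE-2024-24980, CVE-2024-25939, CVE-2024-22374, CVE-2023-49141, CVE-2023-42667) need the full description read before deciding whether a packaged component is affected. The same goes for CVE-2024-39792, which mentions NGINX Plus next to the already tracked nginx entry CVE-2024-7347.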
@@ -939,6 +1297,7 @@ CVE-2024-7512 (Concrete CMS versions 9.0.0 through 9.3.2 are affected by a store
 CVE-2024-7399 (Improper limitation of a pathname to a restricted directory vulnerabil ...)
 	NOT-FOR-US: Samsung
 CVE-2024-7272 (A vulnerability, which was classified as critical, was found in FFmpeg ...)
+	{DSA-5748-1}
 	- ffmpeg 7:6.0-4
 	NOTE: https://trac.ffmpeg.org/ticket/9908
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 (n6.0)
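Review bot: The `{DSA-5748-1}` cross-reference added under CVE-2024-7272 has no counterpart visible in this commit, which touches only data/CVE/list. Confirm that the advisory entry for DSA-5748-1 lists CVE-2024-7272, since the only fixed version shown here is the unversioned-release line `- ffmpeg 7:6.0-4` and the per-release fix is otherwise not readable from this entry.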
@@ -1826,6 +2185,7 @@ CVE-2024-7084 (The Ajax Search Lite WordPress plugin before 4.12.1 does not sani
 CVE-2024-7082 (The Easy Table of Contents WordPress plugin before 2.0.68 does not san ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-7055 (A vulnerability was found in FFmpeg up to 7.0.1. It has been classifie ...)
+	{DSA-5748-1}
 	- ffmpeg 7:7.0.2-1
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8 (master)
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=587acd0d4020859e67d1f07aeff2c885797ebcce (n7.0.2)
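Review bot: With `{DSA-5748-1}` now attached to CVE-2024-7055, the two NOTE lines below it still cite only the `(master)` and `(n7.0.2)` upstream commits. A NOTE identifying the fix as applied to the branch shipped in the release the DSA covers would let a reader verify the backport against the advisory rather than against `- ffmpeg 7:7.0.2-1` alone.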
@@ -54052,7 +54412,7 @@ CVE-2023-35121 (Improper access control in the Intel(R) oneAPI DPC++/C++ Compile
 	NOT-FOR-US: Intel
 CVE-2023-35062 (Improper access control in some Intel(R) DSA software before version 2 ...)
 	NOT-FOR-US: Intel
-CVE-2023-35061 (Improper initialization for some Intel(R) PROSet/Wireless and Intel(R) ...)
+CVE-2023-35061 (Improper initialization for the Intel(R) PROSet/Wireless and Intel(R)  ...)
 	- firmware-nonfree 20240610-1 (bug #1064229)
 	[bookworm] - firmware-nonfree <no-dsa> (Non-free not supported)
 	[bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
@@ -54681,7 +55041,7 @@ CVE-2024-0248 (The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0170 (Dell Unity, versions prior to 5.4, contains an OS Command Injection Vu ...)
 	NOT-FOR-US: Dell
-CVE-2024-0169 (Dell Unity, versions prior to 5.4, contains a cross-site scripting (XS ...)
+CVE-2024-0169 (Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutraliz ...)
 	NOT-FOR-US: Dell
 CVE-2024-0168 (Dell Unity, versions prior to 5.4, contains a Command Injection Vulner ...)
 	NOT-FOR-US: Dell
@@ -62992,7 +63352,7 @@ CVE-2023-5877 (The affiliate-toolkit WordPress plugin before 3.4.3 lacks authori
 	NOT-FOR-US: WordPress plugin
 CVE-2023-50096 (STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code ...)
 	NOT-FOR-US: STMicroelectronics STSAFE-A1xx middleware
-CVE-2023-50094 (reNgine through 2.0.2 allows OS Command Injection if an adversary has  ...)
+CVE-2023-50094 (reNgine before 2.1.2 allows OS Command Injection if an adversary has a ...)
 	NOT-FOR-US: reNgine
 CVE-2024-21732 (FlyCms through abbaa5a allows XSS via the permission management featur ...)
 	NOT-FOR-US: FlyCms
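Review bot: The refreshed description for CVE-2023-50094 widens the affected range from `through 2.0.2` to `before 2.1.2`. The `NOT-FOR-US: reNgine` triage is unaffected, but anyone who relied on the earlier wording to treat versions after 2.0.2 as fixed should recheck against the new bound.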



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aaf3bb80de7e848c4c68b5f57e2b067056608eb6
