[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 16 09:12:04 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3ed8a87f by security tracker role at 2024-08-16T08:11:46+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,78 @@
-CVE-2024-43374
+CVE-2024-7868 (In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream ...)
+	TODO: check
+CVE-2024-7853 (A vulnerability was found in SourceCodester Yoga Class Registration Sy ...)
+	TODO: check
+CVE-2024-7852 (A vulnerability was found in SourceCodester Yoga Class Registration Sy ...)
+	TODO: check
+CVE-2024-7851 (A vulnerability has been found in SourceCodester Yoga Class Registrati ...)
+	TODO: check
+CVE-2024-7849 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified  ...)
+	TODO: check
+CVE-2024-7845 (A vulnerability was found in SourceCodester Online Graduate Tracer Sys ...)
+	TODO: check
+CVE-2024-7844 (A vulnerability has been found in SourceCodester Online Graduate Trace ...)
+	TODO: check
+CVE-2024-7843 (A vulnerability, which was classified as problematic, was found in Sou ...)
+	TODO: check
+CVE-2024-7842 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2024-7841 (A vulnerability classified as critical was found in SourceCodester Cli ...)
+	TODO: check
+CVE-2024-7839 (A vulnerability classified as critical has been found in itsourcecode  ...)
+	TODO: check
+CVE-2024-7630 (The Relevanssi \u2013 A Better Search plugin for WordPress is vulnerab ...)
+	TODO: check
+CVE-2024-7501 (The Download Plugins and Themes in ZIP from Dashboard plugin for WordP ...)
+	TODO: check
+CVE-2024-7422 (The Theme My Login plugin for WordPress is vulnerable to Cross-Site Re ...)
+	TODO: check
+CVE-2024-7301 (The WordPress File Upload plugin for WordPress is vulnerable to Stored ...)
+	TODO: check
+CVE-2024-6460 (The Grow by Tradedoubler  WordPress plugin through 2.0.21 is vulnerabl ...)
+	TODO: check
+CVE-2024-6456 (AVEVA Historian Server has a vulnerability, if exploited, could allow  ...)
+	TODO: check
+CVE-2024-43378 (calamares-nixos-extensions provides Calamares branding and modules for ...)
+	TODO: check
+CVE-2024-43370 (gettext.js is a GNU gettext port for node and the browser. There is a  ...)
+	TODO: check
+CVE-2024-43369 (Ibexa RichText Field Type is a Field Type for supporting rich formatte ...)
+	TODO: check
+CVE-2024-43367 (Boa is an embeddable and experimental Javascript engine written in Rus ...)
+	TODO: check
+CVE-2024-43366 (zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to v ...)
+	TODO: check
+CVE-2024-42488 (Cilium is a networking, observability, and security solution with an e ...)
+	TODO: check
+CVE-2024-42487 (Cilium is a networking, observability, and security solution with an e ...)
+	TODO: check
+CVE-2024-34743 (In setTransactionState of SurfaceFlinger.cpp, there is a possible way  ...)
+	TODO: check
+CVE-2024-34742 (In shouldWrite of OwnersData.java, there is a possible edge case that  ...)
+	TODO: check
+CVE-2024-34741 (In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, the ...)
+	TODO: check
+CVE-2024-34740 (In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.j ...)
+	TODO: check
+CVE-2024-34739 (In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.j ...)
+	TODO: check
+CVE-2024-34738 (In multiple functions of AppOpsService.java, there is a possible way f ...)
+	TODO: check
+CVE-2024-34737 (In ensureSetPipAspectRatioQuotaTracker of ActivityClientController.jav ...)
+	TODO: check
+CVE-2024-34736 (In setupVideoEncoder of StagefrightRecorder.cpp, there is a possible a ...)
+	TODO: check
+CVE-2024-34734 (In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, ther ...)
+	TODO: check
+CVE-2024-34731 (In multiple functions of TranscodingResourcePolicy.cpp, there is a pos ...)
+	TODO: check
+CVE-2024-34727 (In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible ou ...)
+	TODO: check
+CVE-2024-31333 (In _MMU_AllocLevel of mmu_common.c, there is a possible arbitrary code ...)
+	TODO: check
+CVE-2023-7049 (The Custom Field For WP Job Manager plugin for WordPress is vulnerable ...)
+	TODO: check
+CVE-2024-43374 (The UNIX editor Vim prior to version 9.1.0678 has a use-after-free err ...)
 	- vim <unfixed> (unimportant)
 	NOTE: Crash in CLI tool, no security impact
 	NOTE: https://github.com/vim/vim/security/GHSA-2w8m-443v-cgvw
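Review bot: In the added entry for CVE-2024-7630 the description carries a literal "\u2013" ("The Relevanssi \u2013 A Better Search plugin ..."), so the escape sequence was not decoded when the description was imported. Decode it to the dash character, or normalise it to an ASCII "-", before writing data/CVE/list, so a text search for the plugin's name matches the entry. The 37 entries added above CVE-2024-43374 all carry "TODO: check" and still need manual triage. The existing vim triage lines under CVE-2024-43374 are correctly left unchanged.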
@@ -139358,7 +139432,7 @@ CVE-2023-21353 (In NFA, there is a possible out of bounds read due to a missing
 	NOT-FOR-US: Android
 CVE-2023-21352 (In NFA, there is a possible out of bounds read due to a missing bounds ...)
 	NOT-FOR-US: Android
-CVE-2023-21351 (In Activity Manager, there is a possible background activity launch du ...)
+CVE-2023-21351 (In multiple locations, there is a possible background activity launch  ...)
 	NOT-FOR-US: Android
 CVE-2023-21350 (In Media Projection, there is a possible way to determine whether an a ...)
 	NOT-FOR-US: Android
@@ -140133,7 +140207,7 @@ CVE-2023-20973 (In btm_create_conn_cancel_complete of btm_sec.cc, there is a pos
 	NOT-FOR-US: Android
 CVE-2023-20972 (In btm_vendor_specific_evt of btm_devctl.cc, there is a possible out o ...)
 	NOT-FOR-US: Android
-CVE-2023-20971 (In updatePermissionTreeSourcePackage of PermissionManagerServiceImpl.j ...)
+CVE-2023-20971 (In removePermission of PermissionManagerServiceImpl.java, there is a p ...)
 	NOT-FOR-US: Android
 CVE-2023-20970 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
 	NOT-FOR-US: Android
@@ -149136,8 +149210,8 @@ CVE-2022-3401 (The Bricks theme for WordPress is vulnerable to remote code execu
 	NOT-FOR-US: Bricks theme for WordPress
 CVE-2022-3400 (The Bricks theme for WordPress is vulnerable to authorization bypass d ...)
 	NOT-FOR-US: Bricks theme for WordPress
-CVE-2022-3399
-	RESERVED
+CVE-2022-3399 (The Cookie Notice & Compliance for GDPR / CCPA plugin for WordPress is ...)
+	TODO: check
 CVE-2022-3398 (OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds W ...)
 	NOT-FOR-US: OMRON CX-Programmer
 CVE-2022-3397 (OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds W ...)
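Review bot: CVE-2022-3399 moves from RESERVED to "TODO: check" here, which leaves an entry deep in the 2022 range untriaged, where it is easy to overlook. The description names a WordPress plugin, and the adjacent entries CVE-2022-3400 and CVE-2022-3401 are marked "NOT-FOR-US: Bricks theme for WordPress", so a follow-up commit should settle this entry the same way, with a NOT-FOR-US line naming the plugin, once it is confirmed that it is not packaged.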



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ed8a87ff2b918531344f0ddd8eaf020c98f7867
