[Git][security-tracker-team/security-tracker][master] automatic update

Wed Aug 28 09:12:42 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e62e3e42 by security tracker role at 2024-08-28T08:12:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,66 @@
-CVE-2024-44943 [mm: gup: stop abusing try_grab_folio]
+CVE-2024-8231 (A vulnerability classified as critical has been found in Tenda O6 1.0. ...)
+	TODO: check
+CVE-2024-8230 (A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been rated ...)
+	TODO: check
+CVE-2024-8229 (A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been decla ...)
+	TODO: check
+CVE-2024-8228 (A vulnerability was found in Tenda O5 1.0.0.8(5017). It has been class ...)
+	TODO: check
+CVE-2024-8227 (A vulnerability was found in Tenda O1 1.0.0.7(10648) and classified as ...)
+	TODO: check
+CVE-2024-8226 (A vulnerability has been found in Tenda O1 1.0.0.7(10648) and classifi ...)
+	TODO: check
+CVE-2024-8225 (A vulnerability, which was classified as critical, was found in Tenda  ...)
+	TODO: check
+CVE-2024-8224 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2024-8223 (A vulnerability classified as critical was found in SourceCodester Mus ...)
+	TODO: check
+CVE-2024-8222 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2024-8221 (A vulnerability was found in SourceCodester Music Gallery Site 1.0. It ...)
+	TODO: check
+CVE-2024-8220 (A vulnerability was found in itsourcecode Tailoring Management System  ...)
+	TODO: check
+CVE-2024-8219 (A vulnerability was found in code-projects Responsive Hotel Site 1.0.  ...)
+	TODO: check
+CVE-2024-8218 (A vulnerability was found in code-projects Online Quiz Site 1.0 and cl ...)
+	TODO: check
+CVE-2024-8217 (A vulnerability has been found in SourceCodester E-Commerce Website 1. ...)
+	TODO: check
+CVE-2024-8216 (A vulnerability, which was classified as critical, has been found in n ...)
+	TODO: check
+CVE-2024-8030 (The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Buil ...)
+	TODO: check
+CVE-2024-7573 (The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to  ...)
+	TODO: check
+CVE-2024-6448 (The Mollie Payments for WooCommerce plugin for WordPress is vulnerable ...)
+	TODO: check
+CVE-2024-6312 (The Funnelforms Free plugin for WordPress is vulnerable to arbitrary f ...)
+	TODO: check
+CVE-2024-6311 (The Funnelforms Free plugin for WordPress is vulnerable to arbitrary f ...)
+	TODO: check
+CVE-2024-4556 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+	TODO: check
+CVE-2024-4555 (Improper Privilege Management vulnerability in OpenText NetIQ Access M ...)
+	TODO: check
+CVE-2024-4554 (Improper Input Validation vulnerability in OpenText NetIQ Access Manag ...)
+	TODO: check
+CVE-2024-45346 (A code execution vulnerability exists in the XiaomiGetApps application ...)
+	TODO: check
+CVE-2024-45049 (Hydra is a Continuous Integration service for Nix based projects. It i ...)
+	TODO: check
+CVE-2024-45038 (Meshtastic device firmware is a firmware for meshtastic devices to run ...)
+	TODO: check
+CVE-2024-39771 (QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier  ...)
+	TODO: check
+CVE-2024-39584 (Dell Client Platform BIOS contains a Use of Default Cryptographic Key  ...)
+	TODO: check
+CVE-2023-45896 (ntfs3 in the Linux kernel before 6.5.11 allows a physically proximate  ...)
+	TODO: check
+CVE-2023-43078 (Dell Dock Firmware and Dell Client Platform contain an Improper Link R ...)
+	TODO: check
+CVE-2024-44943 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.10.3-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -30383,7 +30445,7 @@ CVE-2024-4068 (The NPM package `braces`, versions prior to 3.0.3, fails to limit
 	[bullseye] - node-braces <no-dsa> (Minor issue)
 	[buster] - node-braces <postponed> (Minor issue)
 	NOTE: https://github.com/micromatch/braces/issues/35
-CVE-2024-4067 (The NPM package `micromatch` is vulnerable to Regular Expression Denia ...)
+CVE-2024-4067 (The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular E ...)
 	- node-micromatch 4.0.7+~4.0.7-1 (bug #1071631)
 	[bookworm] - node-micromatch <no-dsa> (Minor issue)
 	[bullseye] - node-micromatch <no-dsa> (Minor issue)
@@ -117411,14 +117473,14 @@ CVE-2023-26326 (The BuddyForms WordPress plugin, in versions prior to 2.7.8, was
 	NOT-FOR-US: WordPress plugin
 CVE-2023-26325 (The 'rx_export_review' action in the ReviewX WordPress Plugin, is affe ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2023-26324
-	RESERVED
-CVE-2023-26323
-	RESERVED
-CVE-2023-26322
-	RESERVED
-CVE-2023-26321
-	RESERVED
+CVE-2023-26324 (A code execution vulnerability exists in the XiaomiGetApps application ...)
+	TODO: check
+CVE-2023-26323 (A code execution vulnerability exists in the Xiaomi App market product ...)
+	TODO: check
+CVE-2023-26322 (A code execution vulnerability exists in the XiaomiGetApps application ...)
+	TODO: check
+CVE-2023-26321 (A path traversal vulnerability exists in the Xiaomi File Manager appli ...)
+	TODO: check
 CVE-2023-26320 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
 	NOT-FOR-US: Xiaomi
 CVE-2023-26319 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
@@ -237503,12 +237565,12 @@ CVE-2021-38124 (Remote Code Execution vulnerability in Micro Focus ArcSight Ente
 	NOT-FOR-US: Micro Focus
 CVE-2021-38123 (Open Redirect vulnerability in Micro Focus Network Automation, affecti ...)
 	NOT-FOR-US: Micro Focus
-CVE-2021-38122
-	RESERVED
-CVE-2021-38121
-	RESERVED
-CVE-2021-38120
-	RESERVED
+CVE-2021-38122 (A Cross-Site Scripting vulnerable identified in NetIQ Advance Authenti ...)
+	TODO: check
+CVE-2021-38121 (Insufficient or weak TLS protocol version identified in Advance authen ...)
+	TODO: check
+CVE-2021-38120 (A vulnerability identified in Advance Authentication that allows bash  ...)
+	TODO: check
 CVE-2021-38119
 	RESERVED
 CVE-2021-38118
@@ -277000,10 +277062,10 @@ CVE-2021-22532
 	RESERVED
 CVE-2021-22531 (A bug exist in the input parameter of Access Manager that allows suppl ...)
 	NOT-FOR-US: Microfocus
-CVE-2021-22530
-	RESERVED
-CVE-2021-22529
-	RESERVED
+CVE-2021-22530 (A vulnerability identified in NetIQ Advance Authentication that doesn' ...)
+	TODO: check
+CVE-2021-22529 (A vulnerability identified in NetIQ Advance Authentication that leaks  ...)
+	TODO: check
 CVE-2021-22528 (Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Man ...)
 	NOT-FOR-US: NetIQ Access Manager
 CVE-2021-22527 (Information leakage vulnerability in NetIQ Access Manager prior to 5.0 ...)
@@ -277042,8 +277104,8 @@ CVE-2021-22511 (Improper Certificate Validation vulnerability in Micro Focus App
 	NOT-FOR-US: Jenkins plugin
 CVE-2021-22510 (Reflected XSS vulnerability in Micro Focus Application Automation Tool ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2021-22509
-	RESERVED
+CVE-2021-22509 (A vulnerability identified in storing and reusing information in Advan ...)
+	TODO: check
 CVE-2021-22508 (A potential vulnerability has been identified for OpenText Operations  ...)
 	NOT-FOR-US: OpenText Operations Bridge Reporter
 CVE-2021-22507 (Authentication bypass vulnerability in Micro Focus Operations Bridge M ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e62e3e429f440335aec65c3d3d30c0e60637e9bd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e62e3e429f440335aec65c3d3d30c0e60637e9bd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240828/d3e97a5c/attachment.htm>
