[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 5 08:12:12 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
330e241d by security tracker role at 2024-12-05T08:12:05+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,45 @@
+CVE-2024-54675 (app/webroot/js/workflows-editor/workflows-editor.js in MISP through 2. ...)
+	TODO: check
+CVE-2024-54674 (app/View/GalaxyClusters/cluster_export_misp_galaxy.ctp in MISP through ...)
+	TODO: check
+CVE-2024-54221 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-54014 (Improper authorization in handler for custom URL scheme issue in 'Skyl ...)
+	TODO: check
+CVE-2024-53982 (ZOO-Project is a C-based WPS (Web Processing Service) implementation.  ...)
+	TODO: check
+CVE-2024-51210 (Firepad through 1.5.11 allows remote attackers, who have knowledge of  ...)
+	TODO: check
+CVE-2024-50947 (An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service ...)
+	TODO: check
+CVE-2024-42195 (HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This v ...)
+	TODO: check
+CVE-2024-39219 (An issue in Aginode GigaSwitch V5 before version 7.06G allows authenti ...)
+	TODO: check
+CVE-2024-38829 (A vulnerability in VMware Tanzu Spring LDAP allows data exposure for c ...)
+	TODO: check
+CVE-2024-12188 (A vulnerability was found in 1000 Projects Library Management System 1 ...)
+	TODO: check
+CVE-2024-12187 (A vulnerability was found in 1000 Projects Library Management System 1 ...)
+	TODO: check
+CVE-2024-12186 (A vulnerability was found in code-projects Hotel Management System 1.0 ...)
+	TODO: check
+CVE-2024-12185 (A vulnerability has been found in code-projects Hotel Management Syste ...)
+	TODO: check
+CVE-2024-12183 (A vulnerability, which was classified as problematic, was found in Ded ...)
+	TODO: check
+CVE-2024-12182 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2024-12181 (A vulnerability classified as problematic was found in DedeCMS 5.7.116 ...)
+	TODO: check
+CVE-2024-12180 (A vulnerability classified as problematic has been found in DedeCMS 5. ...)
+	TODO: check
+CVE-2024-11429 (The Free Responsive Testimonials, Social Proof Reviews, and Customer R ...)
+	TODO: check
+CVE-2024-10881 (The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Stored Cro ...)
+	TODO: check
+CVE-2024-10178 (The Gutentor \u2013 Gutenberg Blocks \u2013 Page Builder for Gutenberg ...)
+	TODO: check
 CVE-2024-8962 (The WPBITS Addons For Elementor Page Builder plugin for WordPress is v ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8894 (Out-of-bounds Writevulnerability was discovered in Open Design Allianc ...)
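Review bot: the CVE-2024-10178 line stores the description with literal \u2013 escapes instead of the decoded dash, so the import step should decode the text before writing it to the list. Separately, CVE-2024-10881 names a "plugin for WordPress" in its description, and the context entry CVE-2024-8962 directly below is already triaged as NOT-FOR-US: WordPress plugin, so that TODO: check can be resolved the same way.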
@@ -23867,10 +23909,12 @@ CVE-2024-32668 (An insufficient boundary validation in the USB code could lead t
 CVE-2024-2166 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: Forcepoint Email Security
 CVE-2024-20506 (A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) ...)
+	{DLA-3983-1}
 	- clamav 1.4.1+dfsg-1 (bug #1080962)
 	[bookworm] - clamav 1.0.7+dfsg-1~deb12u1
 	NOTE: https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
 CVE-2024-20505 (A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) v ...)
+	{DLA-3983-1}
 	- clamav 1.4.1+dfsg-1 (bug #1080962)
 	[bookworm] - clamav 1.0.7+dfsg-1~deb12u1
 	NOTE: https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
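Review bot: {DLA-3983-1} is added to CVE-2024-20506 and CVE-2024-20505, but the only per-suite line on either entry is still [bookworm], and this commit changes data/CVE/list alone. Confirm that the DLA-3983-1 advisory entry listing both CVEs and the fixed clamav version is already in the tracker, otherwise the cross-reference dangles.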
@@ -476258,10 +476302,10 @@ CVE-2018-9465 (In task_get_unused_fd_flags of binder.c, there is a possible memo
 	NOTE: https://git.kernel.org/linus/7f3dc0088b98533f17128058fac73cd8b2752ef1
 CVE-2018-9464
 	RESERVED
-CVE-2018-9463
-	RESERVED
-CVE-2018-9462
-	RESERVED
+CVE-2018-9463 (In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a pos ...)
+	TODO: check
+CVE-2018-9462 (In store_cmd of ftm4_pdc.c, there is a possible out of bounds write du ...)
+	TODO: check
 CVE-2018-9461
 	RESERVED
 CVE-2018-9460
@@ -476306,8 +476350,8 @@ CVE-2018-9441 (In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out
 	NOT-FOR-US: Android
 CVE-2018-9440 (In parse of M3UParser.cpp there is a possible resource exhaustion due  ...)
 	NOT-FOR-US: Android Media Framework
-CVE-2018-9439
-	RESERVED
+CVE-2018-9439 (In __unregister_prot_hook and packet_release of af_packet.c, there is  ...)
+	TODO: check
 CVE-2018-9438 (When a device connects only over WiFi VPN, the device may not receive  ...)
 	NOT-FOR-US: Android
 CVE-2018-9437 (In getstring of ID3.cpp there is a possible out-of-bounds read due to  ...)
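Review bot: CVE-2018-9439 should not simply inherit the NOT-FOR-US: Android triage of its neighbours when the TODO: check is resolved. The description names __unregister_prot_hook and packet_release of af_packet.c, which is the upstream Linux packet socket code, so it needs checking against the linux source package, the way CVE-2018-9415 is tracked with a "- linux" line further down this list.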
@@ -476355,8 +476399,7 @@ CVE-2018-9418 (In handle_app_cur_val_response of dtif_rc.cc, there is a possible
 	NOT-FOR-US: Android
 CVE-2018-9417 (In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-af ...)
 	NOT-FOR-US: Android kernel (no source release, so not from upstream kernel)
-CVE-2018-9416
-	RESERVED
+CVE-2018-9416 (In sg_remove_scat of scsi/sg.c, there is a possible memory corruption  ...)
 	NOT-FOR-US: Android kernel (no source release, so not from upstream kernel)
 CVE-2018-9415 (In driver_override_store and driver_override_show of bus.c, there is a ...)
 	- linux 4.16.12-1
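Review bot: CVE-2018-9416 keeps the existing "NOT-FOR-US: Android kernel (no source release, so not from upstream kernel)" line, which was attached while the entry was still RESERVED, and unlike the other newly published entries it gets no TODO: check. The new description points at sg_remove_scat of scsi/sg.c, and the SCSI generic driver is part of the upstream kernel, so that justification no longer matches the text. Replace the line with TODO: check until the issue has been verified against linux.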
@@ -476376,32 +476419,32 @@ CVE-2018-9410 (In analyzeAxes of FontUtils.cpp, there is a possible out of bound
 	NOT-FOR-US: Android
 CVE-2018-9409 (In HWCSession::SetColorModeById of hwc_session.cpp, there is a possibl ...)
 	NOT-FOR-US: Android
-CVE-2018-9408
-	RESERVED
-CVE-2018-9407
-	RESERVED
+CVE-2018-9408 (In m3326_gps_write and m3326_gps_read of gps.s, there is a possible Ou ...)
+	TODO: check
+CVE-2018-9407 (In emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure  ...)
+	TODO: check
 CVE-2018-9406
 	RESERVED
 CVE-2018-9405
 	RESERVED
-CVE-2018-9404
-	RESERVED
-CVE-2018-9403
-	RESERVED
-CVE-2018-9402
-	RESERVED
+CVE-2018-9404 (In oemCallback of ril.cpp, there is a possible out of bounds write due ...)
+	TODO: check
+CVE-2018-9403 (In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_-     i ...)
+	TODO: check
+CVE-2018-9402 (In multiple functions of gl_proc.c, there is a buffer overwrite due to ...)
+	TODO: check
 CVE-2018-9401
 	RESERVED
-CVE-2018-9400
-	RESERVED
-CVE-2018-9399
-	RESERVED
-CVE-2018-9398
-	RESERVED
-CVE-2018-9397
-	RESERVED
-CVE-2018-9396
-	RESERVED
+CVE-2018-9400 (In gt1x_debug_write_proc and gt1x_tool_write of     drivers/input/touc ...)
+	TODO: check
+CVE-2018-9399 (In /proc/driver/wmt_dbg driver, there are several possible out of boun ...)
+	TODO: check
+CVE-2018-9398 (In fm_set_stat of mediatek FM radio driver, there is a possible OOB wr ...)
+	TODO: check
+CVE-2018-9397 (In WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OO ...)
+	TODO: check
+CVE-2018-9396 (In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci ...)
+	TODO: check
 CVE-2018-9395 (In mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor ...)
 	NOT-FOR-US: Android
 CVE-2018-9394 (In mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen ...)
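Review bot: the descriptions for CVE-2018-9403 and CVE-2018-9400 contain runs of spaces mid-text ("flp2hal_-     i", "of     drivers/input/touc"), which wastes part of the truncated summary; collapse whitespace when importing descriptions. On triage, CVE-2018-9403, CVE-2018-9398, CVE-2018-9397 and CVE-2018-9396 name MTK or mediatek drivers, like the context entry CVE-2018-9395 that is marked NOT-FOR-US: Android, so these TODO: check markers look like candidates for the same resolution once confirmed.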



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/330e241d95cc581f18bd029e3ab5834e38256423
