[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 1 20:12:15 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
03c25e13 by security tracker role at 2024-02-01T20:12:03+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,123 @@
+CVE-2024-24754 (Bref enable serverless PHP on AWS Lambda. When Bref is used with the E ...)
+ TODO: check
+CVE-2024-24753 (Bref enable serverless PHP on AWS Lambda. When Bref is used in combina ...)
+ TODO: check
+CVE-2024-24752 (Bref enable serverless PHP on AWS Lambda. When Bref is used with the E ...)
+ TODO: check
+CVE-2024-24570 (Statamic is a Laravel and Git powered CMS. HTML files crafted to look ...)
+ TODO: check
+CVE-2024-24569 (The Pixee Java Code Security Toolkit is a set of security APIs meant t ...)
+ TODO: check
+CVE-2024-24561 (Vyper is a pythonic Smart Contract Language for the ethereum virtual m ...)
+ TODO: check
+CVE-2024-24557 (Moby is an open-source project created by Docker to enable software co ...)
+ TODO: check
+CVE-2024-24062 (springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) vi ...)
+ TODO: check
+CVE-2024-24061 (springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) vi ...)
+ TODO: check
+CVE-2024-24060 (springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) vi ...)
+ TODO: check
+CVE-2024-24059 (springboot-manager v1.6 is vulnerable to Arbitrary File Upload. The sy ...)
+ TODO: check
+CVE-2024-23832 (Mastodon is a free, open-source social network server based on Activit ...)
+ TODO: check
+CVE-2024-23645 (GLPI is a Free Asset and IT Management Software package. A malicious U ...)
+ TODO: check
+CVE-2024-23328 (Dataease is an open source data visualization analysis tool. A deseria ...)
+ TODO: check
+CVE-2024-22939 (Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remo ...)
+ TODO: check
+CVE-2024-22936 (Cross-site scripting (XSS) vulnerability in Parents & Student Portal i ...)
+ TODO: check
+CVE-2024-22449 (Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a miss ...)
+ TODO: check
+CVE-2024-22433 (Dell Data Protection Search 19.2.0 and above contain an exposed passwo ...)
+ TODO: check
+CVE-2024-22430 (Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incor ...)
+ TODO: check
+CVE-2024-22148 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2024-21750 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2024-1167 (When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information un ...)
+ TODO: check
+CVE-2024-1141 (A vulnerability was found in python-glance-store. The issue occurs whe ...)
+ TODO: check
+CVE-2024-0935 (An insertion of Sensitive Information into Log File vulnerability is a ...)
+ TODO: check
+CVE-2024-0704
+ REJECTED
+CVE-2023-6078 (An OS Command Injection vulnerability exists in BIOVIA Materials Studi ...)
+ TODO: check
+CVE-2023-5841 (Due to a failure in validating the number of scanline samples of a Ope ...)
+ TODO: check
+CVE-2023-52195 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-52194 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-52193 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-52192 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-52191 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-52189 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-52188 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-52175 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-52118 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51835 (An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to e ...)
+ TODO: check
+CVE-2023-51695 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51694 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51693 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51691 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51690 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51689 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51685 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51684 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51677 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51674 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51669 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51666 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51548 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51540 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51536 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51534 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51532 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51520 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51514 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51509 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51506 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51446 (GLPI is a Free Asset and IT Management Software package. When authenti ...)
+ TODO: check
+CVE-2023-37621 (An issue in Fronius Datalogger Web v.2.0.5-4, allows remote attackers ...)
+ TODO: check
CVE-2024-24747 (MinIO is a High Performance Object Storage. When someone creates an ac ...)
- minio <itp> (bug #859207)
CVE-2024-24573 (facileManager is a modular suite of web apps built with the sysadmin i ...)
@@ -224,14 +344,17 @@ CVE-2023-5992 (A vulnerability was found in OpenSC where PKCS#1 encryption paddi
NOTE: https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992
NOTE: https://github.com/OpenSC/OpenSC/pull/2948
CVE-2024-1060 (Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allo ...)
+ {DSA-5612-1}
- chromium 121.0.6167.139-1
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2024-1059 (Use after free in Peer Connection in Google Chrome prior to 121.0.6167 ...)
+ {DSA-5612-1}
- chromium 121.0.6167.139-1
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2024-1077 (Use after free in Network in Google Chrome prior to 121.0.6167.139 all ...)
+ {DSA-5612-1}
- chromium 121.0.6167.139-1
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03c25e133ca44db0104ed6c7657165738761f23d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03c25e133ca44db0104ed6c7657165738761f23d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240201/d61b0af3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list