[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 23 08:12:05 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
53671dca by security tracker role at 2024-01-23T08:11:54+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2024-23842 (Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 al ...)
+	TODO: check
+CVE-2024-23678 (In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splun ...)
+	TODO: check
+CVE-2024-23677 (In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utilit ...)
+	TODO: check
+CVE-2024-23676 (In Splunk versions below 9.0.8 and 9.1.3, the \u201cmrollup\u201d SPL  ...)
+	TODO: check
+CVE-2024-23675 (In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key va ...)
+	TODO: check
+CVE-2024-23345 (Nautobot is a Network Source of Truth and Network Automation Platform  ...)
+	TODO: check
+CVE-2024-23342 (The `ecdsa` PyPI package is a pure Python implementation of ECC (Ellip ...)
+	TODO: check
+CVE-2024-23340 (@hono/node-server is an adapter that allows users to run Hono applicat ...)
+	TODO: check
+CVE-2024-23339 (hoolock is a suite of lightweight utilities designed to maintain a sma ...)
+	TODO: check
+CVE-2024-23224 (The issue was addressed with improved checks. This issue is fixed in m ...)
+	TODO: check
+CVE-2024-23223 (A privacy issue was addressed with improved handling of files. This is ...)
+	TODO: check
+CVE-2024-23222 (A type confusion issue was addressed with improved checks. This issue  ...)
+	TODO: check
+CVE-2024-23219 (The issue was addressed with improved authentication. This issue is fi ...)
+	TODO: check
+CVE-2024-23218 (A timing side-channel issue was addressed with improvements to constan ...)
+	TODO: check
+CVE-2024-23217 (A privacy issue was addressed with improved handling of temporary file ...)
+	TODO: check
+CVE-2024-23215 (An issue was addressed with improved handling of temporary files. This ...)
+	TODO: check
+CVE-2024-23214 (Multiple memory corruption issues were addressed with improved memory  ...)
+	TODO: check
+CVE-2024-23213 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-23212 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-23211 (A privacy issue was addressed with improved handling of user preferenc ...)
+	TODO: check
+CVE-2024-23210 (This issue was addressed with improved redaction of sensitive informat ...)
+	TODO: check
+CVE-2024-23209 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-23208 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-23207 (This issue was addressed with improved redaction of sensitive informat ...)
+	TODO: check
+CVE-2024-23206 (An access issue was addressed with improved access restrictions. This  ...)
+	TODO: check
+CVE-2024-23204 (The issue was addressed with additional permissions checks. This issue ...)
+	TODO: check
+CVE-2024-23203 (The issue was addressed with additional permissions checks. This issue ...)
+	TODO: check
+CVE-2024-22772 (Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 all ...)
+	TODO: check
+CVE-2024-22771 (Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 all ...)
+	TODO: check
+CVE-2024-22770 (Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 al ...)
+	TODO: check
+CVE-2024-22769 (Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 all ...)
+	TODO: check
+CVE-2024-22768 (Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 all ...)
+	TODO: check
+CVE-2024-0587 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for WordPress is ...)
+	TODO: check
+CVE-2023-47141 (IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11. ...)
+	TODO: check
+CVE-2023-42937 (A privacy issue was addressed with improved private data redaction for ...)
+	TODO: check
+CVE-2023-42935 (An authentication issue was addressed with improved state management.  ...)
+	TODO: check
+CVE-2023-42915 (Multiple issues were addressed by updating to curl version 8.4.0. This ...)
+	TODO: check
+CVE-2023-42888 (The issue was addressed with improved checks. This issue is fixed in i ...)
+	TODO: check
+CVE-2023-42887 (An access issue was addressed with additional sandbox restrictions. Th ...)
+	TODO: check
+CVE-2023-42881 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2023-40528 (This issue was addressed by removing the vulnerable code. This issue i ...)
+	TODO: check
 CVE-2024-22895 (DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/modul ...)
 	NOT-FOR-US: DedeCMS
 CVE-2024-22233 (In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a us ...)
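Review bot: The descriptions added for CVE-2024-23676 and CVE-2024-0587 contain literal escape sequences (`\u201cmrollup\u201d`, `AMP for WP \u2013 Accelerated`) instead of the quotation marks and dash they stand for, so the escapes appear to have been written into data/CVE/list undecoded; decode them before the description is truncated to its prefix. The CVE-2023-47141 description also starts with "IIBM Db2", which looks like a typo carried over verbatim with the imported text. Every entry added at the top of the file is left at `TODO: check`; the six Hitron Systems DVR entries (CVE-2024-23842 and CVE-2024-22768 through CVE-2024-22772) share one description pattern and can be triaged together.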
@@ -13258,7 +13340,7 @@ CVE-2023-39198 (A race condition was found in the QXL driver in the Linux kernel
 	- linux 6.4.13-1
 	[bookworm] - linux 6.1.52-1
 	NOTE: https://git.kernel.org/linus/c611589b4259ed63b9b77be6872b1ce07ec0ac16 (6.5-rc7)
-CVE-2023-39197
+CVE-2023-39197 (An out-of-bounds read vulnerability was found in Netfilter Connection  ...)
 	- linux 6.4.4-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux 5.10.191-1
@@ -61148,8 +61230,8 @@ CVE-2023-24137
 	RESERVED
 CVE-2023-24136
 	RESERVED
-CVE-2023-24135
-	RESERVED
+CVE-2023-24135 (Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to c ...)
+	TODO: check
 CVE-2023-24134 (Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to c ...)
 	NOT-FOR-US: Jensen of Scandinavia Eagle 1200AC
 CVE-2023-24133 (Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to c ...)
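Review bot: CVE-2023-24135 is left at `TODO: check` although its description opens with the same "Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en" text as CVE-2023-24134 and CVE-2023-24133 directly below it, both of which are already tagged `NOT-FOR-US: Jensen of Scandinavia Eagle 1200AC`. Once the full description is checked, the same tag would likely apply here, which keeps the block consistent.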
@@ -163826,8 +163908,8 @@ CVE-2021-42143
 	RESERVED
 CVE-2021-42142
 	RESERVED
-CVE-2021-42141
-	RESERVED
+CVE-2021-42141 (An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One ...)
+	TODO: check
 CVE-2021-42140
 	RESERVED
 CVE-2021-42139 (Deno Standard Modules before 0.107.0 allows Code Injection via an untr ...)
@@ -263270,7 +263352,7 @@ CVE-2020-14500 (Secomea GateManager all versions prior to 9.2c, An attacker can
 	NOT-FOR-US: Secomea GateManager
 CVE-2020-14499 (Advantech iView, versions 5.6 and prior, has an improper access contro ...)
 	NOT-FOR-US: Advantech
-CVE-2020-14498 (HMS Industrial Networks AB eCatcher all versions prior to 6.5.5. The a ...)
+CVE-2020-14498 (HMS Industrial Networks AB eCatcher all versions prior to 6.5.5 is vul ...)
 	NOT-FOR-US: HMS Industrial Networks AB eCatche
 CVE-2020-14497 (Advantech iView, versions 5.6 and prior, contains multiple SQL injecti ...)
 	NOT-FOR-US: Advantech
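Review bot: The context line under CVE-2020-14498 reads `NOT-FOR-US: HMS Industrial Networks AB eCatche`, with the product name cut short compared with the "eCatcher" in the description on the line above. Since this entry is being touched anyway, correct the note to `NOT-FOR-US: HMS Industrial Networks AB eCatcher` so that searches for the product name match it.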



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53671dca8fdbd65c70856a743bbc39d26777e708
