[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 22 21:12:05 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
45c784c3 by security tracker role at 2024-07-22T20:11:45+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,211 @@
+CVE-2024-6675 (A deserialization of untrusted data vulnerability exists in NI VeriSta ...)
+	TODO: check
+CVE-2024-6638 (An integer overflow vulnerability due to improper input validation whe ...)
+	TODO: check
+CVE-2024-6542 (Improper neutralization of livestatus command delimiters in mknotifyd  ...)
+	TODO: check
+CVE-2024-6122 (An incorrect permission in the installation directory for the shared N ...)
+	TODO: check
+CVE-2024-6121 (An out-of-date version of Redis shipped with NI SystemLink Server is s ...)
+	TODO: check
+CVE-2024-41880 (In veilid-core in Veilid before 0.3.4, the protocol's ping function ca ...)
+	TODO: check
+CVE-2024-41829 (In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space ...)
+	TODO: check
+CVE-2024-41828 (In JetBrains TeamCity before 2024.07 comparison of authorization token ...)
+	TODO: check
+CVE-2024-41827 (In JetBrains TeamCity before 2024.07 access tokens could continue work ...)
+	TODO: check
+CVE-2024-41826 (In JetBrains TeamCity before 2024.07 stored XSS was possible on Show C ...)
+	TODO: check
+CVE-2024-41825 (In JetBrains TeamCity before 2024.07 stored XSS was possible on the Co ...)
+	TODO: check
+CVE-2024-41824 (In JetBrains TeamCity before 2024.07 parameters of the "password" type ...)
+	TODO: check
+CVE-2024-41320 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
+	TODO: check
+CVE-2024-41318 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
+	TODO: check
+CVE-2024-41317 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
+	TODO: check
+CVE-2024-41316 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
+	TODO: check
+CVE-2024-41315 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
+	TODO: check
+CVE-2024-41314 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
+	TODO: check
+CVE-2024-41132 (ImageSharp is a 2D graphics API. A vulnerability discovered in the Ima ...)
+	TODO: check
+CVE-2024-41131 (ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability  ...)
+	TODO: check
+CVE-2024-41130 (llama.cpp provides LLM inference in C/C++. Prior to b3427, llama.cpp c ...)
+	TODO: check
+CVE-2024-41129 (The ops library is a Python framework for developing and testing Kuber ...)
+	TODO: check
+CVE-2024-40634 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
+	TODO: check
+CVE-2024-40075 (Laravel v11.x was discovered to contain an XML External Entity (XXE) v ...)
+	TODO: check
+CVE-2024-40051 (IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read ...)
+	TODO: check
+CVE-2024-39902 (Tuleap is an open source suite to improve management of software devel ...)
+	TODO: check
+CVE-2024-39688 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input su ...)
+	TODO: check
+CVE-2024-39686 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input su ...)
+	TODO: check
+CVE-2024-39685 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input su ...)
+	TODO: check
+CVE-2024-39601 (A vulnerability has been identified in CPCI85 Central Processing/Commu ...)
+	TODO: check
+CVE-2024-39250 (EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQ ...)
+	TODO: check
+CVE-2024-38944 (An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows a ...)
+	TODO: check
+CVE-2024-38788 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-38773 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-38759 (Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search ...)
+	TODO: check
+CVE-2024-38755 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-38730 (Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical  ...)
+	TODO: check
+CVE-2024-38728 (Server-Side Request Forgery (SSRF) vulnerability in Seraphinite Soluti ...)
+	TODO: check
+CVE-2024-38723 (Server-Side Request Forgery (SSRF) vulnerability in Bernhard Kux JSON  ...)
+	TODO: check
+CVE-2024-38708 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-38701 (Authorization Bypass Through User-Controlled Key vulnerability in Acad ...)
+	TODO: check
+CVE-2024-38692 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-38503 (When editing a user, group or any object in the Syncope Console, HTML  ...)
+	TODO: check
+CVE-2024-37998 (A vulnerability has been identified in CPCI85 Central Processing/Commu ...)
+	TODO: check
+CVE-2024-37942 (Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP ...)
+	TODO: check
+CVE-2024-37445 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37436 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37434 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37433 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37432 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37429 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37428 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37422 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37416 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37414 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37409 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37380 (A misconfiguration on UniFi U6+ Access Point could cause an incorrect  ...)
+	TODO: check
+CVE-2024-37278 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37275 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37271 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37267 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37265 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37264 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37263 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37262 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37261 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37259 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37258 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37257 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37246 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37245 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37244 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37239 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37229 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37223 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37221 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37219 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37217 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37216 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37215 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37211 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37206 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37199 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37122 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37121 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37120 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37117 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37116 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37114 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37101 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37100 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37097 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-35656 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-34457 (On versions before 2.1.4, after a regular user successfully logs in, t ...)
+	TODO: check
+CVE-2024-34329 (Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.4 a ...)
+	TODO: check
+CVE-2024-33933 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-32484 (An reflected XSS vulnerability exists in the handling of invalid paths ...)
+	TODO: check
+CVE-2024-32152 (A blocklist bypass vulnerability exists in the LaTeX functionality of  ...)
+	TODO: check
+CVE-2024-29073 (An vulnerability in the handling of Latex exists in Ankitects Anki 24. ...)
+	TODO: check
+CVE-2024-28698 (Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0  ...)
+	TODO: check
+CVE-2024-26020 (An arbitrary script execution vulnerability exists in the MPV function ...)
+	TODO: check
+CVE-2024-25638 (dnsjava is an implementation of DNS in Java. Records in DNS replies ar ...)
+	TODO: check
+CVE-2024-23321 (For RocketMQ versions 5.2.0 and below, under certain conditions, there ...)
+	TODO: check
+CVE-2024-21552 (All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution  ...)
+	TODO: check
 CVE-2024-6970 (A vulnerability classified as critical has been found in itsourcecode  ...)
 	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2024-6969 (A vulnerability was found in SourceCodester Clinics Patient Management ...)
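Review bot: every entry added at the top of data/CVE/list in this hunk, CVE-2024-6675 through CVE-2024-21552, carries only "TODO: check", so none of them is triaged yet. Each still needs resolving to a "NOT-FOR-US:" line, as the context entry CVE-2024-6970 just below has, or to an entry naming the affected package. The long runs that share one truncated description (the "Improper Neutralization of Input During Web Page Generation" block from CVE-2024-37445 to CVE-2024-37097, and the six TOTOLINK A6000R entries) cannot be told apart from the summary text shown here, so triage has to go by the full CVE record rather than by this line.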
@@ -239303,7 +239511,7 @@ CVE-2021-33629 (isula-build before 0.9.5-6 can cause a program crash, when build
 	NOT-FOR-US: isula-build
 CVE-2021-33628
 	RESERVED
-CVE-2021-33627 (An issue was discovered in Insyde InsydeH2O 5.x, affecting FwBlockServ ...)
+CVE-2021-33627 (An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11 ...)
 	NOT-FOR-US: Insyde
 CVE-2021-33626 (A vulnerability exists in SMM (System Management Mode) branch that reg ...)
 	NOT-FOR-US: Insyde
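Review bot: the "NOT-FOR-US: Insyde" status under CVE-2021-33627 is carried over unchanged while the description line is rewritten from "InsydeH2O 5.x, affecting FwBlockServ ..." to "InsydeH2O Kernel 5.0 before 05.09.11 ...". The vendor named is the same in both versions, so the existing status still matches and no re-triage follows from this hunk.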
@@ -295856,8 +296064,8 @@ CVE-2020-24104 (XSS on the PIX-Link Repeater/Router LV-WR07 with firmware v28K.R
 	NOT-FOR-US: PIX-Link Repeater/Router LV-WR07
 CVE-2020-24103
 	RESERVED
-CVE-2020-24102
-	RESERVED
+CVE-2020-24102 (Directory Traversal vulnerability in Punkbuster pbsv.d64 2.351, allows ...)
+	TODO: check
 CVE-2020-24101
 	RESERVED
 CVE-2020-24100
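Review bot: CVE-2020-24102 changes from "RESERVED" to a published description with "TODO: check", which leaves an untriaged entry deep in the 2020 range, surrounded by RESERVED entries, where it is easier to overlook than the new block at the top of the file. The description names Punkbuster pbsv.d64 2.351; it needs the same triage decision as the other "TODO: check" entries in this commit.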



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45c784c37da53613436b9c8c921b401a355710b5
