[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 23 21:12:43 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
61b7067d by security tracker role at 2024-07-23T20:12:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2024-7014 (EvilVideo vulnerability allows sending malicious apps disguised as vid ...)
+	TODO: check
+CVE-2024-6783 (A vulnerability has been discovered in Vue, that allows an attacker to ...)
+	TODO: check
+CVE-2024-6714 (An issue was discovered in provd before version 0.1.5 with a setuid bi ...)
+	TODO: check
+CVE-2024-5602 (A stack-based buffer overflow vulnerability due to a missing bounds ch ...)
+	TODO: check
+CVE-2024-4081 (A memory corruption issue due to an improper length check in NI LabVIE ...)
+	TODO: check
+CVE-2024-4080 (A memory corruption issue due to an improper length check in LabVIEW t ...)
+	TODO: check
+CVE-2024-4079 (An out of bounds read due to a missing bounds check in LabVIEW may dis ...)
+	TODO: check
+CVE-2024-4076 (Client queries that trigger serving stale data and that also require l ...)
+	TODO: check
+CVE-2024-41839 (Adobe Experience Manager versions 6.5.20 and earlier are affected by a ...)
+	TODO: check
+CVE-2024-41836 (InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by ...)
+	TODO: check
+CVE-2024-41668 (The cBioPortal for Cancer Genomics provides visualization, analysis, a ...)
+	TODO: check
+CVE-2024-41665 (Ampache, a web based audio/video streaming application and file manage ...)
+	TODO: check
+CVE-2024-41664 (Canarytokens help track activity and actions on a network. Prior to `s ...)
+	TODO: check
+CVE-2024-41663 (Canarytokens help track activity and actions on a network.  A Cross-Si ...)
+	TODO: check
+CVE-2024-41661 (reNgine is an automated reconnaissance framework for web applications. ...)
+	TODO: check
+CVE-2024-41655 (TF2 Item Format helps users format TF2 items to the community standard ...)
+	TODO: check
+CVE-2024-41319 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
+	TODO: check
+CVE-2024-41178 (Exposure of temporary credentials in logsin Apache Arrow Rust Object S ...)
+	TODO: check
+CVE-2024-40060 (go-chart v2.1.1 was discovered to contain an infinite loop via the dra ...)
+	TODO: check
+CVE-2024-39702 (In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string ha ...)
+	TODO: check
+CVE-2024-34128 (Adobe Experience Manager versions 6.5.20 and earlier are affected by a ...)
+	TODO: check
+CVE-2024-29070 (On versions before 2.1.4,session is not invalidated after logout. When ...)
+	TODO: check
+CVE-2024-1975 (If a server hosts a zone containing a "KEY" Resource Record, or a reso ...)
+	TODO: check
+CVE-2024-1737 (Resolver caches and authoritative zone databases that hold significant ...)
+	TODO: check
+CVE-2024-0760 (A malicious client can send many DNS messages over TCP, potentially ca ...)
+	TODO: check
 CVE-2024-6913 (Execution with unnecessary privileges in PerkinElmer ProcessPlus allow ...)
 	NOT-FOR-US: PerkinElmer ProcessPlus
 CVE-2024-6912 (Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Wind ...)
@@ -326603,10 +326653,10 @@ CVE-2020-11642 (The local file inclusion vulnerability present in B&R SiteManage
 	NOT-FOR-US: B&R SiteManager
 CVE-2020-11641 (A local file inclusion vulnerability in B&R SiteManager versions <9.2. ...)
 	NOT-FOR-US: B&R GateManager
-CVE-2020-11640
-	RESERVED
-CVE-2020-11639
-	RESERVED
+CVE-2020-11640 (AdvaBuild uses a command queue to launch certain operations. An attack ...)
+	TODO: check
+CVE-2020-11639 (An attacker could exploit the vulnerability by injecting garbage data  ...)
+	TODO: check
 CVE-2020-11638
 	RESERVED
 CVE-2020-11637 (A memory leak in the TFTP service in B&R Automation Runtime versions < ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61b7067d3a5a0e418f73ca09e08b3b1bbf64fdf9

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61b7067d3a5a0e418f73ca09e08b3b1bbf64fdf9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240723/4222b067/attachment.htm>

More information about the debian-security-tracker-commits mailing list