[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 29 09:12:27 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7cf2ac1d by security tracker role at 2024-07-29T08:12:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,24 +1,92 @@
-CVE-2024-41019 [fs/ntfs3: Validate ff offset]
+CVE-2024-7202 (The query functionality of WinMatrix3 Web package from Simopro Technol ...)
+	TODO: check
+CVE-2024-7201 (The login functionality of WinMatrix3 Web package from Simopro Technol ...)
+	TODO: check
+CVE-2024-7190 (A vulnerability classified as critical was found in itsourcecode Socie ...)
+	TODO: check
+CVE-2024-7189 (A vulnerability classified as critical has been found in itsourcecode  ...)
+	TODO: check
+CVE-2024-7188 (A vulnerability was found in Bylancer Quicklancer 2.4. It has been rat ...)
+	TODO: check
+CVE-2024-7187 (A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. I ...)
+	TODO: check
+CVE-2024-7186 (A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. I ...)
+	TODO: check
+CVE-2024-7185 (A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 an ...)
+	TODO: check
+CVE-2024-7184 (A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B202011 ...)
+	TODO: check
+CVE-2024-7183 (A vulnerability, which was classified as critical, was found in TOTOLI ...)
+	TODO: check
+CVE-2024-7182 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2024-7181 (A vulnerability classified as critical was found in TOTOLINK A3600R 4. ...)
+	TODO: check
+CVE-2024-7180 (A vulnerability classified as critical has been found in TOTOLINK A360 ...)
+	TODO: check
+CVE-2024-7179 (A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. I ...)
+	TODO: check
+CVE-2024-7178 (A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. I ...)
+	TODO: check
+CVE-2024-7177 (A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. I ...)
+	TODO: check
+CVE-2024-7176 (A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 an ...)
+	TODO: check
+CVE-2024-7175 (A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B202011 ...)
+	TODO: check
+CVE-2024-7174 (A vulnerability, which was classified as critical, was found in TOTOLI ...)
+	TODO: check
+CVE-2024-7173 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2024-7172 (A vulnerability classified as critical was found in TOTOLINK A3600R 4. ...)
+	TODO: check
+CVE-2024-7171 (A vulnerability classified as critical has been found in TOTOLINK A360 ...)
+	TODO: check
+CVE-2024-7170 (A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been r ...)
+	TODO: check
+CVE-2024-6487 (The Inline Related Posts WordPress plugin before 3.8.0 does not saniti ...)
+	TODO: check
+CVE-2024-6366 (The User Profile Builder  WordPress plugin before 3.11.8 does not have ...)
+	TODO: check
+CVE-2024-6362 (The Ultimate Blocks  WordPress plugin before 3.2.0 does not validate a ...)
+	TODO: check
+CVE-2024-5883 (The Ultimate Classified Listings WordPress plugin before 1.3 does not  ...)
+	TODO: check
+CVE-2024-5882 (The Ultimate Classified Listings WordPress plugin before 1.3 does not  ...)
+	TODO: check
+CVE-2024-5670 (The web services of Softnext's products, Mail SQR Expert and Mail Arch ...)
+	TODO: check
+CVE-2024-5285 (The wp-affiliate-platform WordPress plugin before 6.5.2 does not have  ...)
+	TODO: check
+CVE-2024-4483 (The Email Encoder  WordPress plugin before 2.2.2 does not escape the W ...)
+	TODO: check
+CVE-2024-41637 (RaspAP before 3.1.5 allows an attacker to escalate privileges: the www ...)
+	TODO: check
+CVE-2024-37381 (An unspecified SQL Injection vulnerability in Core server of Ivanti EP ...)
+	TODO: check
+CVE-2024-32671 (Heap-based Buffer Overflow vulnerability in Samsung Open Source Escarg ...)
+	TODO: check
+CVE-2024-41019 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.9.12-1
 	NOTE: https://git.kernel.org/linus/50c47879650b4c97836a0086632b3a2e300b0f06 (6.11-rc1)
-CVE-2024-41018 [fs/ntfs3: Add a check for attr_names and oatbl]
+CVE-2024-41018 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.9.12-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845 (6.11-rc1)
-CVE-2024-41017 [jfs: don't walk off the end of ealist]
+CVE-2024-41017 (In the Linux kernel, the following vulnerability has been resolved:  j ...)
 	- linux 6.9.12-1
 	NOTE: https://git.kernel.org/linus/d0fa70aca54c8643248e89061da23752506ec0d4 (6.11-rc1)
-CVE-2024-41016 [ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()]
+CVE-2024-41016 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/af77c4fc1871847b528d58b7fdafb4aa1f6a9262 (6.11-rc1)
-CVE-2024-41015 [ocfs2: add bounds checking to ocfs2_check_dir_entry()]
+CVE-2024-41015 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
 	- linux 6.9.12-1
 	NOTE: https://git.kernel.org/linus/255547c6bb8940a97eea94ef9d464ea5967763fb (6.11-rc1)
-CVE-2024-41014 [xfs: add bounds checking to xlog_recover_process_data]
+CVE-2024-41014 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/fb63435b7c7dc112b1ae1baea5486e0a6e27b196 (6.11-rc1)
-CVE-2024-41013 [xfs: don't walk off the end of a directory data block]
+CVE-2024-41013 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/0c7fcdb6d06cdf8b19b57c17605215b06afa864a (6.11-rc1)
 CVE-2024-7169 (A vulnerability classified as problematic has been found in SourceCode ...)
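Review bot: The rewritten headers for CVE-2024-41013 through CVE-2024-41019 drop the subsystem summary that the bracketed form carried (for example "[jfs: don't walk off the end of ealist]"). After truncation each one reads "In the Linux kernel, the following vulnerability has been resolved:" plus a single letter, so within this file the entries can only be told apart by the commit URL in their NOTE line. Consider keeping the upstream commit subject in a NOTE for kernel entries so the list stays greppable by subsystem. The 34 new entries above them carry only "TODO: check" and still need triage.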
@@ -406,10 +474,10 @@ CVE-2024-41136 (An authenticated command injection vulnerability exists in the H
 	NOT-FOR-US: HPE Aruba Networking EdgeConnect SD-WAN gateways
 CVE-2024-0231 (A resource misdirection vulnerability in GitLab CE/EE versions 12.0 pr ...)
 	- gitlab <unfixed>
-CVE-2024-41091
+CVE-2024-41091 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
 	- linux 6.9.12-1
 	NOTE: https://git.kernel.org/linus/049584807f1d797fc3078b68035450a9769eb5c3
-CVE-2024-41090
+CVE-2024-41090 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
 	- linux 6.9.12-1
 	NOTE: https://git.kernel.org/linus/ed7f2afdd0e043a397677e597ced0830b83ba0b3
 CVE-2024-7005
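Review bot: The NOTE lines under CVE-2024-41091 and CVE-2024-41090 give the upstream commit URL without the release tag that the kernel entries in the first hunk carry, such as "(6.11-rc1)". Add the tag once the containing release is known, so the fixed-upstream version can be read from the entry itself. The two new descriptions are also identical after truncation ("... has been resolved:  t ..."), which leaves the commit hash as the only distinguishing detail.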



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cf2ac1d0c529d2cb7e768feb63dbf2dc00bac39
