[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jun 14 09:16:55 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
77194603 by security tracker role at 2024-06-14T08:14:28+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,323 @@
+CVE-2024-5995 (The notification emails sent by Soar Cloud HR Portal contain a link wi ...)
+ TODO: check
+CVE-2024-5994 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulne ...)
+ TODO: check
+CVE-2024-5985 (A vulnerability classified as critical has been found in SourceCodeste ...)
+ TODO: check
+CVE-2024-5984 (A vulnerability was found in itsourcecode Online Bookstore 1.0. It has ...)
+ TODO: check
+CVE-2024-5983 (A vulnerability was found in itsourcecode Online Bookstore 1.0. It has ...)
+ TODO: check
+CVE-2024-5981 (A vulnerability was found in itsourcecode Online House Rental System 1 ...)
+ TODO: check
+CVE-2024-5976 (A vulnerability was found in SourceCodester Employee and Visitor Gate ...)
+ TODO: check
+CVE-2024-5961 (Improper neutralization of input during web page generation vulnerabil ...)
+ TODO: check
+CVE-2024-5577 (The Where I Was, Where I Will Be plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-5551 (The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vul ...)
+ TODO: check
+CVE-2024-5465 (Function vulnerabilities in the Calendar module Impact: Successful exp ...)
+ TODO: check
+CVE-2024-5464 (Vulnerability of insufficient permission verification in the NearLink ...)
+ TODO: check
+CVE-2024-5155 (The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF che ...)
+ TODO: check
+CVE-2024-4936 (The Canto plugin for WordPress is vulnerable to Remote File Inclusion ...)
+ TODO: check
+CVE-2024-4751 (The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF che ...)
+ TODO: check
+CVE-2024-4480 (The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF che ...)
+ TODO: check
+CVE-2024-4404 (The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side ...)
+ TODO: check
+CVE-2024-4271 (The SVGator WordPress plugin through 1.2.6 does not sanitize SVG file ...)
+ TODO: check
+CVE-2024-4270 (The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file c ...)
+ TODO: check
+CVE-2024-4005 (The Social Pixel WordPress plugin through 2.1 does not sanitise and es ...)
+ TODO: check
+CVE-2024-3993 (The AZAN Plugin WordPress plugin through 0.6 does not have CSRF check ...)
+ TODO: check
+CVE-2024-3992 (The Amen WordPress plugin through 3.3.1 does not sanitise and escape s ...)
+ TODO: check
+CVE-2024-3978 (The WordPress Jitsi Shortcode WordPress plugin through 0.1 does not va ...)
+ TODO: check
+CVE-2024-3977 (The WordPress Jitsi Shortcode WordPress plugin through 0.1 does not sa ...)
+ TODO: check
+CVE-2024-3972 (The Similarity WordPress plugin through 3.0 does not have CSRF check i ...)
+ TODO: check
+CVE-2024-3971 (The Similarity WordPress plugin through 3.0 does not have CSRF check i ...)
+ TODO: check
+CVE-2024-3966 (The Pray For Me WordPress plugin through 1.0.4 does not sanitise and e ...)
+ TODO: check
+CVE-2024-3965 (The Pray For Me WordPress plugin through 1.0.4 does not have CSRF chec ...)
+ TODO: check
+CVE-2024-3754 (The Alemha watermarker WordPress plugin through 1.3.1 does not sanitis ...)
+ TODO: check
+CVE-2024-3498 (Attackers can then execute malicious files by enabling certain service ...)
+ TODO: check
+CVE-2024-3497 (Path traversal vulnerability in the web server of the Toshiba printer ...)
+ TODO: check
+CVE-2024-3496 (Attackers can bypass the web login authentication process to gain acce ...)
+ TODO: check
+CVE-2024-3080 (Certain ASUS router models have authentication bypass vulnerability, a ...)
+ TODO: check
+CVE-2024-3079 (Certain models of ASUS routers have buffer overflow vulnerabilities, a ...)
+ TODO: check
+CVE-2024-36503 (Memory management vulnerability in the Gralloc module Impact: Successf ...)
+ TODO: check
+CVE-2024-36502 (Out-of-bounds read vulnerability in the audio module Impact: Successfu ...)
+ TODO: check
+CVE-2024-36501 (Memory management vulnerability in the boottime module Impact: Success ...)
+ TODO: check
+CVE-2024-36500 (Privilege escalation vulnerability in the AMS module Impact: Successfu ...)
+ TODO: check
+CVE-2024-36499 (Vulnerability of unauthorized screenshot capturing in the WMS module I ...)
+ TODO: check
+CVE-2024-33253 (Cross-site scripting (XSS) vulnerability in GUnet OpenEclass E-learnin ...)
+ TODO: check
+CVE-2024-32930 (In plugin_ipc_handler of slc_plugin.c, there is a possible information ...)
+ TODO: check
+CVE-2024-32929 (In gpu_slc_get_region of pixel_gpu_slc.c, there is a possible EoP due ...)
+ TODO: check
+CVE-2024-32926 (there is a possible information disclosure due to side channel informa ...)
+ TODO: check
+CVE-2024-32925 (In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out ...)
+ TODO: check
+CVE-2024-32924 (In DeregAcceptProcINT of cn_NrmmStateDeregInit.cpp, there is a possibl ...)
+ TODO: check
+CVE-2024-32923 (there is a possible cellular denial of service due to a logic error in ...)
+ TODO: check
+CVE-2024-32922 (In gpu_pm_power_on_top_nolock of pixel_gpu_power.c, there is a possibl ...)
+ TODO: check
+CVE-2024-32921 (In lwis_initialize_transaction_fences of lwis_fence.c, there is a poss ...)
+ TODO: check
+CVE-2024-32920 (In set_secure_reg of sac_handler.c, there is a possible out of bounds ...)
+ TODO: check
+CVE-2024-32919 (In lwis_add_completion_fence of lwis_fence.c, there is a possible esca ...)
+ TODO: check
+CVE-2024-32918 (Permission Bypass allowing attackers to disable HDCP 2.2 encryption b ...)
+ TODO: check
+CVE-2024-32917 (In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible ou ...)
+ TODO: check
+CVE-2024-32916 (In fvp_freq_histogram_init of fvp.c, there is a possible Information D ...)
+ TODO: check
+CVE-2024-32915 (In CellInfoListParserV2::FillCellInfo() of protocolnetadapter.cpp, the ...)
+ TODO: check
+CVE-2024-32914 (In tpu_get_int_state of tpu.c, there is a possible information disclos ...)
+ TODO: check
+CVE-2024-32913 (In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out o ...)
+ TODO: check
+CVE-2024-32912 (there is a possible persistent Denial of Service due to test/debugging ...)
+ TODO: check
+CVE-2024-32911 (There is a possible escalation of privilege due to improperly used cry ...)
+ TODO: check
+CVE-2024-32910 (In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, ...)
+ TODO: check
+CVE-2024-32909 (In handle_msg of main.cpp, there is a possible out of bounds write due ...)
+ TODO: check
+CVE-2024-32908 (In sec_media_protect of media.c, there is a possible permission bypass ...)
+ TODO: check
+CVE-2024-32907 (In memcall_add of memlog.c, there is a possible buffer overflow due to ...)
+ TODO: check
+CVE-2024-32906 (In AcvpOnMessage of avcp.cpp, there is a possible EOP due to uninitial ...)
+ TODO: check
+CVE-2024-32905 (In circ_read of link_device_memory_legacy.c, there is a possible out o ...)
+ TODO: check
+CVE-2024-32904 (In ProtocolVsimOperationAdapter() of protocolvsimadapter.cpp, there is ...)
+ TODO: check
+CVE-2024-32903 (In prepare_response_locked of lwis_transaction.c, there is a possible ...)
+ TODO: check
+CVE-2024-32902 (Remote prevention of access to cellular service with no user interacti ...)
+ TODO: check
+CVE-2024-32901 (In v4l2_smfc_qbuf of smfc-v4l2-ioctls.c, there is a possible out of bo ...)
+ TODO: check
+CVE-2024-32900 (In lwis_fence_signal of lwis_debug.c, there is a possible Use after Fr ...)
+ TODO: check
+CVE-2024-32899 (In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possib ...)
+ TODO: check
+CVE-2024-32898 (In ProtocolCellIdentityParserV4::Parse() of protocolnetadapter.cpp, th ...)
+ TODO: check
+CVE-2024-32897 (In ProtocolCdmaCallWaitingIndAdapter::GetCwInfo() of protocolsmsadapte ...)
+ TODO: check
+CVE-2024-32896 (there is a possible way to bypass due to a logic error in the code. T ...)
+ TODO: check
+CVE-2024-32895 (In BCMFASTPATH of dhd_msgbuf.c, there is a possible out of bounds writ ...)
+ TODO: check
+CVE-2024-32894 (In bc_get_converted_received_bearer of bc_utilities.c, there is a poss ...)
+ TODO: check
+CVE-2024-32893 (In _s5e9865_mif_set_rate of exynos_dvfs.c, there is a possible out of ...)
+ TODO: check
+CVE-2024-32892 (In handle_init of goodix/main/main.c, there is a possible memory corru ...)
+ TODO: check
+CVE-2024-32891 (In sec_media_unprotect of media.c, there is a possible memory corrupti ...)
+ TODO: check
+CVE-2024-31777 (File Upload vulnerability in openeclass v.3.15 and before allows an at ...)
+ TODO: check
+CVE-2024-31163 (ASUS Download Master has a buffer overflow vulnerability. An unauthent ...)
+ TODO: check
+CVE-2024-31162 (The specific function parameter of ASUS Download Master does not prope ...)
+ TODO: check
+CVE-2024-31161 (The upload functionality of ASUS Download Master does not properly fil ...)
+ TODO: check
+CVE-2024-31160 (The parameter used in the certain page of ASUS Download Master is not ...)
+ TODO: check
+CVE-2024-31159 (The parameter used in the certain page of ASUS Download Master is not ...)
+ TODO: check
+CVE-2024-2218 (The LuckyWP Table of Contents WordPress plugin through 2.1.4 does not ...)
+ TODO: check
+CVE-2024-2122 (The Best WordPress Gallery Plugin \u2013 FooGallery plugin for WordPre ...)
+ TODO: check
+CVE-2024-29787 (In lwis_process_transactions_in_queue of lwis_transaction.c, there is ...)
+ TODO: check
+CVE-2024-29786 (In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c, there is a ...)
+ TODO: check
+CVE-2024-29785 (In aur_get_state of aurora.c, there is a possible information disclosu ...)
+ TODO: check
+CVE-2024-29784 (In prepare_response of lwis_periodic_io.c, there is a possible out of ...)
+ TODO: check
+CVE-2024-29781 (In ss_AnalyzeOssReturnResUssdArgIe of ss_OssAsnManagement.c, there is ...)
+ TODO: check
+CVE-2024-29780 (In hwbcc_ns_deprivilege of trusty/user/base/lib/hwbcc/client/hwbcc.c, ...)
+ TODO: check
+CVE-2024-29778 (In ProtocolPsDedicatedBearInfoAdapter::processQosSession of protocolps ...)
+ TODO: check
+CVE-2024-27180 (An attacker with admin access can install rogue applications. As for t ...)
+ TODO: check
+CVE-2024-27179 (Admin cookies are written in clear-text in logs. An attacker can retri ...)
+ TODO: check
+CVE-2024-27178 (An attacker can get Remote Code Execution by overwriting files. Overw ...)
+ TODO: check
+CVE-2024-27177 (An attacker can get Remote Code Execution by overwriting files. Overw ...)
+ TODO: check
+CVE-2024-27176 (An attacker can get Remote Code Execution by overwriting files. Overwr ...)
+ TODO: check
+CVE-2024-27175 (Remote Command program allows an attacker to read any file using a Loc ...)
+ TODO: check
+CVE-2024-27174 (Remote Command program allows an attacker to get Remote Code Execution ...)
+ TODO: check
+CVE-2024-27173 (Remote Command program allows an attacker to get Remote Code Execution ...)
+ TODO: check
+CVE-2024-27172 (Remote Command program allows an attacker to get Remote Code Execution ...)
+ TODO: check
+CVE-2024-27171 (A remote attacker using the insecure upload functionality will be able ...)
+ TODO: check
+CVE-2024-27170 (It was observed that all the Toshiba printers contain credentials used ...)
+ TODO: check
+CVE-2024-27169 (Toshiba printers provides API without authentication for internal acce ...)
+ TODO: check
+CVE-2024-27168 (It appears that some hardcoded keys are used for authentication to int ...)
+ TODO: check
+CVE-2024-27167 (Toshiba printers use Sendmail to send emails to recipients. Sendmail i ...)
+ TODO: check
+CVE-2024-27166 (Coredump binaries in Toshiba printers have incorrect permissions. A lo ...)
+ TODO: check
+CVE-2024-27165 (Toshiba printers contain a suidperl binary and it has a Local Privileg ...)
+ TODO: check
+CVE-2024-27164 (Toshiba printers contain hardcoded credentials. As for the affected pr ...)
+ TODO: check
+CVE-2024-27163 (Toshiba printers will display the password of the admin user in clear- ...)
+ TODO: check
+CVE-2024-27162 (Toshiba printers provide a web interface that will load the JavaScript ...)
+ TODO: check
+CVE-2024-27161 (all the Toshiba printers have programs containing a hardcoded key used ...)
+ TODO: check
+CVE-2024-27160 (All the Toshiba printers contain a shell script using the same hardcod ...)
+ TODO: check
+CVE-2024-27159 (All the Toshiba printers contain a shell script using the same hardcod ...)
+ TODO: check
+CVE-2024-27158 (All the Toshiba printers share the same hardcoded root password. As fo ...)
+ TODO: check
+CVE-2024-27157 (The sessions are stored in clear-text logs. An attacker can retrieve a ...)
+ TODO: check
+CVE-2024-27156 (The session cookies, used for authentication, are stored in clear-text ...)
+ TODO: check
+CVE-2024-27155 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
+ TODO: check
+CVE-2024-27154 (Passwords are stored in clear-text logs. An attacker can retrieve pass ...)
+ TODO: check
+CVE-2024-27153 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
+ TODO: check
+CVE-2024-27152 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
+ TODO: check
+CVE-2024-27151 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
+ TODO: check
+CVE-2024-27150 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
+ TODO: check
+CVE-2024-27149 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
+ TODO: check
+CVE-2024-27148 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
+ TODO: check
+CVE-2024-27147 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
+ TODO: check
+CVE-2024-27146 (The Toshiba printers do not implement privileges separation. As for th ...)
+ TODO: check
+CVE-2024-27145 (The Toshiba printers provide several ways to upload files using the ad ...)
+ TODO: check
+CVE-2024-27144 (The Toshiba printers provide several ways to upload files using the we ...)
+ TODO: check
+CVE-2024-27143 (Toshiba printers use SNMP for configuration. Using the private communi ...)
+ TODO: check
+CVE-2024-27142 (Toshiba printers use XML communication for the API endpoint provided b ...)
+ TODO: check
+CVE-2024-27141 (Toshiba printers use XML communication for the API endpoint provided b ...)
+ TODO: check
+CVE-2024-23504 (Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables. ...)
+ TODO: check
+CVE-2024-1295 (The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Ca ...)
+ TODO: check
+CVE-2024-1094 (The Timetics- AI-powered Appointment Booking with Visual Seat Plan and ...)
+ TODO: check
+CVE-2024-0892 (The Schema App Structured Data plugin for WordPress is vulnerable to C ...)
+ TODO: check
+CVE-2024-0103 (NVIDIA Triton Inference Server for Linux contains a vulnerability wher ...)
+ TODO: check
+CVE-2024-0099 (NVIDIA vGPU software for Linux contains a vulnerability in the Virtual ...)
+ TODO: check
+CVE-2024-0095 (NVIDIA Triton Inference Server for Linux and Windows contains a vulner ...)
+ TODO: check
+CVE-2024-0094 (NVIDIA vGPU software for Linux contains a vulnerability in the Virtual ...)
+ TODO: check
+CVE-2024-0093 (NVIDIA GPU software for Linux contains a vulnerability where it can ex ...)
+ TODO: check
+CVE-2024-0089 (NVIDIA GPU Display Driver for Windows contains a vulnerability where t ...)
+ TODO: check
+CVE-2024-0086 (NVIDIA vGPU software for Linux contains a vulnerability where the soft ...)
+ TODO: check
+CVE-2024-0085 (NVIDIA vGPU software for Windows and Linux contains a vulnerability wh ...)
+ TODO: check
+CVE-2024-0084 (NVIDIA vGPU software for Linux contains a vulnerability in the Virtual ...)
+ TODO: check
+CVE-2023-6492 (The Simple Sitemap \u2013 Create a Responsive HTML Sitemap plugin for ...)
+ TODO: check
+CVE-2023-51523 (Missing Authorization vulnerability in WriterSystem WooCommerce Easy D ...)
+ TODO: check
+CVE-2023-51516 (Missing Authorization vulnerability in Business Directory Team Busines ...)
+ TODO: check
+CVE-2023-51507 (Missing Authorization vulnerability in ExpressTech Quiz And Survey Mas ...)
+ TODO: check
+CVE-2023-51497 (Missing Authorization vulnerability in Woo WooCommerce Ship to Multipl ...)
+ TODO: check
+CVE-2023-51496 (Missing Authorization vulnerability in Woo WooCommerce Warranty Reques ...)
+ TODO: check
+CVE-2023-51495 (Missing Authorization vulnerability in Woo WooCommerce Warranty Reques ...)
+ TODO: check
+CVE-2023-51377 (Missing Authorization vulnerability in WPEverest Everest Forms.This is ...)
+ TODO: check
+CVE-2023-37394 (Missing Authorization vulnerability in Deepak anand WP Dummy Content G ...)
+ TODO: check
+CVE-2023-36695 (Missing Authorization vulnerability in Maxime Schoeni Sublanguage.This ...)
+ TODO: check
+CVE-2023-36694 (Missing Authorization vulnerability in Bryan Lee Kingkong Board.This i ...)
+ TODO: check
+CVE-2023-36504 (Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This is ...)
+ TODO: check
+CVE-2023-35045 (Missing Authorization vulnerability in Fat Rat Fat Rat Collect.This is ...)
+ TODO: check
+CVE-2023-35040 (Missing Authorization vulnerability in SendPress SendPress Newsletters ...)
+ TODO: check
CVE-2024-5952 (Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-S ...)
NOT-FOR-US: Deep Sea Electronics DSE855 devices
CVE-2024-5951 (Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denia ...)
@@ -188,7 +508,7 @@ CVE-2023-35859 (A Reflected Cross-Site Scripting (XSS) vulnerability in the blog
NOT-FOR-US: Modern Campus Omni CMS
CVE-2023-35858 (XPath Injection vulnerabilities in the blog and RSS functions of Moder ...)
NOT-FOR-US: Modern Campus Omni CMS
-CVE-2024-5469
+CVE-2024-5469 (DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior t ...)
- gitlab <unfixed>
CVE-2024-5787 (The PowerPack Addons for Elementor (Free Widgets, Extensions and Templ ...)
NOT-FOR-US: WordPress plugin
@@ -1179,7 +1499,7 @@ CVE-2024-5693 (Offscreen Canvas did not properly track cross-origin tainting, wh
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-25/#CVE-2024-5693
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-26/#CVE-2024-5693
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-28/#CVE-2024-5693
-CVE-2024-5692 (On Windows, when using the 'Save As' functionality, an attacker could ...)
+CVE-2024-5692 (On Windows 10, when using the 'Save As' functionality, an attacker cou ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
- thunderbird <not-affected> (Windows-specific)
@@ -1217,6 +1537,7 @@ CVE-2024-5687 (If a specific sequence of actions is performed when opening a new
- firefox <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-25/#CVE-2024-5687
CVE-2024-35235 (OpenPrinting CUPS is an open source printing system for Linux and othe ...)
+ {DLA-3826-1}
- cups 2.4.7-2 (bug #1073002)
[bookworm] - cups <no-dsa> (Minor issue)
[bullseye] - cups <no-dsa> (Minor issue)
@@ -1980,7 +2301,8 @@ CVE-2024-5742 (A vulnerability was found in GNU Nano that allows a possible priv
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/nano.git/commit/?id=5e7a3c2e7e118c7f12d5dfda9f9140f638976aa2 (v8.0)
CVE-2024-5770 (The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerab ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-5758 (The Post Grid Gutenberg Blocks and WordPress Blog Plugin \u2013 PostX ...)
+CVE-2024-5758
+ REJECTED
NOT-FOR-US: WordPress plugin
CVE-2024-5663 (The Cards for Beaver Builder plugin for WordPress is vulnerable to Sto ...)
NOT-FOR-US: WordPress plugin
@@ -2006,7 +2328,7 @@ CVE-2023-49224 (Precor touchscreen console P62, P80, and P82 contains a default
NOT-FOR-US: Precor touchscreen console
CVE-2023-49223 (Precor touchscreen console P62, P80, and P82 could allow a remote atta ...)
NOT-FOR-US: Precor touchscreen console
-CVE-2024-0092
+CVE-2024-0092 (NVIDIA GPU Driver for Windows and Linux contains a vulnerability where ...)
- nvidia-graphics-drivers <unfixed> (bug #1072792)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -2029,14 +2351,14 @@ CVE-2024-0092
- nvidia-open-gpu-kernel-modules <unfixed> (bug #1072800)
[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5551
-CVE-2024-0091
+CVE-2024-0091 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
- nvidia-graphics-drivers <unfixed> (bug #1072792)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-open-gpu-kernel-modules <unfixed> (bug #1072800)
[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5551
-CVE-2024-0090
+CVE-2024-0090 (NVIDIA GPU driver for Windows and Linux contains a vulnerability where ...)
- nvidia-graphics-drivers <unfixed> (bug #1072792)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -89643,8 +89965,8 @@ CVE-2023-29176
RESERVED
CVE-2023-29175 (An improper certificate validation vulnerability [CWE-295] in FortiOS ...)
NOT-FOR-US: FortiGuard
-CVE-2023-29174
- RESERVED
+CVE-2023-29174 (Missing Authorization vulnerability in NervyThemes SKU Label Changer F ...)
+ TODO: check
CVE-2023-29173
RESERVED
CVE-2023-29172 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Property ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/771946036475c77c23a02538a2ad8c099ea635c4
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/771946036475c77c23a02538a2ad8c099ea635c4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240614/64d8f819/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list