[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 7 09:12:34 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1c762eec by security tracker role at 2024-10-07T08:12:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2024-9565 (A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and cla ...)
+ TODO: check
+CVE-2024-9564 (A vulnerability, which was classified as critical, was found in D-Link ...)
+ TODO: check
+CVE-2024-9563 (A vulnerability, which was classified as critical, has been found in D ...)
+ TODO: check
+CVE-2024-9562 (A vulnerability classified as critical was found in D-Link DIR-605L 2. ...)
+ TODO: check
+CVE-2024-9561 (A vulnerability classified as critical has been found in D-Link DIR-60 ...)
+ TODO: check
+CVE-2024-9560 (A vulnerability was found in ESAFENET CDG V5. It has been rated as cri ...)
+ TODO: check
+CVE-2024-47344 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+ TODO: check
+CVE-2024-47335 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-20103 (In wlan firmware, there is a possible out of bounds write due to impro ...)
+ TODO: check
+CVE-2024-20102 (In wlan driver, there is a possible out of bounds read due to improper ...)
+ TODO: check
+CVE-2024-20101 (In wlan driver, there is a possible out of bounds write due to imprope ...)
+ TODO: check
+CVE-2024-20100 (In wlan driver, there is a possible out of bounds write due to imprope ...)
+ TODO: check
+CVE-2024-20099 (In power, there is a possible out of bounds write due to a missing bou ...)
+ TODO: check
+CVE-2024-20098 (In power, there is a possible out of bounds write due to a missing bou ...)
+ TODO: check
+CVE-2024-20097 (In vdec, there is a possible out of bounds read due to a missing bound ...)
+ TODO: check
+CVE-2024-20096 (In m4u, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2024-20095 (In m4u, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2024-20094 (In Modem, there is a possible system crash due to a missing bounds che ...)
+ TODO: check
+CVE-2024-20093 (In vdec, there is a possible out of bounds read due to a missing bound ...)
+ TODO: check
+CVE-2024-20092 (In vdec, there is a possible out of bounds write due to a missing boun ...)
+ TODO: check
+CVE-2024-20091 (In vdec, there is a possible out of bounds read due to a missing bound ...)
+ TODO: check
+CVE-2024-20090 (In vdec, there is a possible out of bounds write due to a missing boun ...)
+ TODO: check
CVE-2024-9559 (A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been ...)
NOT-FOR-US: D-Link
CVE-2024-9558 (A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classifi ...)
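Review bot: The five new D-Link DIR-605L entries at the top of this hunk (CVE-2024-9561 through CVE-2024-9565) are left at "TODO: check", while CVE-2024-9559 just below them, for the same product, is already triaged as "NOT-FOR-US: D-Link". Triaging them the same way in a follow-up would keep the block consistent. The other new entries (ESAFENET CDG and the wlan, power, vdec, m4u and Modem items) likewise still need a triage decision before their TODO markers can be dropped.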
@@ -514,7 +558,7 @@ CVE-2024-6442 (In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecke
CVE-2024-47855 (util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalance ...)
- libjson-java <unfixed> (bug #1084191)
NOTE: Fixed by: https://github.com/kordamp/json-lib/commit/a0c4a0eae277130e22979cf307c95dec4005a78e (v3.1.0)
-CVE-2024-47854 (A vulnerability was discovered in Veritas Data Insight before 7.1. It ...)
+CVE-2024-47854 (An XSS vulnerability was discovered in Veritas Data Insight before 7.1 ...)
NOT-FOR-US: Veritas Data Insight
CVE-2024-47850 (CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an ar ...)
- cups-filters <unfixed>
@@ -574,7 +618,7 @@ CVE-2024-45871 (Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x2
CVE-2024-45870 (Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control in ...)
NOT-FOR-US: Bandisoft BandiView
CVE-2024-42415 (An integer overflow vulnerability exists in the Compound Document Bina ...)
- {DSA-5786-1}
+ {DSA-5786-1 DLA-3911-1}
- libgsf <unfixed> (bug #1084056)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2024-2069
NOTE: https://gitlab.gnome.org/GNOME/libgsf/-/issues/34
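Review bot: Under CVE-2024-42415 the package line still reads "- libgsf <unfixed> (bug #1084056)" although the advisory list is now "{DSA-5786-1 DLA-3911-1}". Record the fixed libgsf version in place of <unfixed> once it is available, so the entry reflects more than the two advisories.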
@@ -618,7 +662,7 @@ CVE-2024-41163 (A directory traversal vulnerability exists in the archive downlo
CVE-2024-39755 (A privilege escalation vulnerability exists in the Veertu Anka Build 1 ...)
NOT-FOR-US: Veertu Anka
CVE-2024-36474 (An integer overflow vulnerability exists in the Compound Document Bina ...)
- {DSA-5786-1}
+ {DSA-5786-1 DLA-3911-1}
- libgsf <unfixed> (bug #1084056)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2024-2068
NOTE: https://gitlab.gnome.org/GNOME/libgsf/-/issues/34
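Review bot: The package line under CVE-2024-36474 stays at "- libgsf <unfixed> (bug #1084056)" even though the entry now references both DSA-5786-1 and DLA-3911-1. It shares bug #1084056 and upstream issue 34 with CVE-2024-42415, so the two entries should be updated together when the fixed version is recorded.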
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c762eec8ec73c98f4826566c8e3faae0700b561