[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 17 23:43:46 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92253377 by security tracker role at 2024-10-17T20:12:37+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,241 @@
+CVE-2024-9898 (The Parallax Image plugin for WordPress is vulnerable to Stored Cross- ...)
+ TODO: check
+CVE-2024-9414 (In LAquis SCADA version 4.7.1.511, a cross-site scripting vulnerabilit ...)
+ TODO: check
+CVE-2024-9184 (The SendPulse Free Web Push plugin for WordPress is vulnerable to Stor ...)
+ TODO: check
+CVE-2024-8920 (The Fonto \u2013 Custom Web Fonts Manager plugin for WordPress is vuln ...)
+ TODO: check
+CVE-2024-7755 (The EWON FLEXY 202 transmits credentials using a weak encoding method ...)
+ TODO: check
+CVE-2024-6333 (Authenticated Remote Code Execution in Altalink, Versalink & WorkCentr ...)
+ TODO: check
+CVE-2024-49580 (In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin co ...)
+ TODO: check
+CVE-2024-49579 (In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allow ...)
+ TODO: check
+CVE-2024-49400 (Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was ...)
+ TODO: check
+CVE-2024-49399 (The affected product is vulnerable to an attacker being able to use co ...)
+ TODO: check
+CVE-2024-49398 (The affected product is vulnerable to unrestricted file uploads, which ...)
+ TODO: check
+CVE-2024-49397 (The affected product is vulnerable to a cross-site scripting attack wh ...)
+ TODO: check
+CVE-2024-49396 (The affected product is vulnerable due to insufficiently protected cre ...)
+ TODO: check
+CVE-2024-49392 (Stored cross-site scripting (XSS) vulnerability on enrollment invitati ...)
+ TODO: check
+CVE-2024-49391 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)
+ TODO: check
+CVE-2024-49390 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)
+ TODO: check
+CVE-2024-49389 (Local privilege escalation due to insecure folder permissions. The fol ...)
+ TODO: check
+CVE-2024-49386 (Sensitive information disclosure due to spell-jacking. The following p ...)
+ TODO: check
+CVE-2024-49322 (Incorrect Privilege Assignment vulnerability in CodePassenger Job Boar ...)
+ TODO: check
+CVE-2024-49320 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49319 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49318 (Deserialization of Untrusted Data vulnerability in Scott Olson My Read ...)
+ TODO: check
+CVE-2024-49317 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2024-49316 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49315 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2024-49314 (Unrestricted Upload of File with Dangerous Type vulnerability in \u917 ...)
+ TODO: check
+CVE-2024-49313 (Cross-Site Request Forgery (CSRF) vulnerability in RudeStan VKontakte ...)
+ TODO: check
+CVE-2024-49312 (Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser ...)
+ TODO: check
+CVE-2024-49311 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49310 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49309 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49308 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49307 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49305 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-49304 (Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinp ...)
+ TODO: check
+CVE-2024-49302 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49301 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49299 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-49298 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49297 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-49296 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49295 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49292 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49291 (Unrestricted Upload of File with Dangerous Type vulnerability in Gora ...)
+ TODO: check
+CVE-2024-49289 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49288 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49287 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2024-49285 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2024-49284 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+ TODO: check
+CVE-2024-49283 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49282 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49281 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49280 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49279 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49278 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49277 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49276 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49264 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49263 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49262 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49261 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49259 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49255 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49248 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49246 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-49244 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-49237 (Cross-Site Request Forgery (CSRF) vulnerability in Ahmet Imamoglu Ahme ...)
+ TODO: check
+CVE-2024-49235 (Insertion of Sensitive Information Into Sent Data vulnerability in Vid ...)
+ TODO: check
+CVE-2024-49229 (Cross-Site Request Forgery (CSRF) vulnerability in Arif Nezami Better ...)
+ TODO: check
+CVE-2024-49223 (Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.K.A ...)
+ TODO: check
+CVE-2024-49221 (Cross-Site Request Forgery (CSRF) vulnerability in Julian Weinert // c ...)
+ TODO: check
+CVE-2024-49220 (Cross-Site Request Forgery (CSRF) vulnerability in Cookie Scanner \u20 ...)
+ TODO: check
+CVE-2024-49219 (Incorrect Privilege Assignment vulnerability in themexpo RS-Members al ...)
+ TODO: check
+CVE-2024-49217 (Incorrect Privilege Assignment vulnerability in Madiri Salman Aashish ...)
+ TODO: check
+CVE-2024-48920 (PutongOJ is online judging software. Prior to version 2.1.0-beta.1, un ...)
+ TODO: check
+CVE-2024-48638 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48637 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48636 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48635 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48634 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48633 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48632 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48631 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48630 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48629 (D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered t ...)
+ TODO: check
+CVE-2024-48192 (Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded ...)
+ TODO: check
+CVE-2024-48048 (Cross-Site Request Forgery (CSRF) vulnerability in WSIFY \u2013 Sales ...)
+ TODO: check
+CVE-2024-48047 (Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Lin ...)
+ TODO: check
+CVE-2024-48046 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-48043 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-48038 (Cross-Site Request Forgery (CSRF) vulnerability in Hans Matzen wp-Mona ...)
+ TODO: check
+CVE-2024-48037 (Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact F ...)
+ TODO: check
+CVE-2024-48036 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-48032 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-48031 (Cross-Site Request Forgery (CSRF) vulnerability in Sumit Surai Feature ...)
+ TODO: check
+CVE-2024-48025 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-48024 (: Exposure of Sensitive System Information to an Unauthorized Control ...)
+ TODO: check
+CVE-2024-48023 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-48022 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-48021 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-47459 (Substance3D - Sampler versions 4.5 and earlier are affected by a NULL ...)
+ TODO: check
+CVE-2024-47312 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-47304 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-45713 (SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure ...)
+ TODO: check
+CVE-2024-43997 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-10101 (A stored cross-site scripting (XSS) vulnerability exists in binary-hus ...)
+ TODO: check
+CVE-2024-10100 (A path traversal vulnerability exists in binary-husky/gpt_academic ver ...)
+ TODO: check
+CVE-2024-10099 (A stored cross-site scripting (XSS) vulnerability exists in comfyanony ...)
+ TODO: check
+CVE-2024-10073 (A vulnerability, which was classified as critical, was found in flairN ...)
+ TODO: check
+CVE-2024-10072 (A vulnerability, which was classified as critical, has been found in E ...)
+ TODO: check
+CVE-2024-10071 (A vulnerability classified as critical was found in ESAFENET CDG 5. Th ...)
+ TODO: check
+CVE-2024-10070 (A vulnerability classified as critical has been found in ESAFENET CDG ...)
+ TODO: check
+CVE-2024-10069 (A vulnerability was found in ESAFENET CDG 5. It has been rated as crit ...)
+ TODO: check
+CVE-2024-10068 (A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. I ...)
+ TODO: check
+CVE-2024-10025 (A vulnerability in the .sdd file allows an attacker to read default pa ...)
+ TODO: check
+CVE-2023-6729 (Nokia SR OS routers allow read-write access to the entire file system ...)
+ TODO: check
+CVE-2023-6728 (Nokia SR OS bof.cfg file encryption is vulnerable to a brute force att ...)
+ TODO: check
+CVE-2018-25104 (A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop ...)
+ TODO: check
+CVE-2005-10003 (A vulnerability classified as critical has been found in mikexstudios ...)
+ TODO: check
CVE-2024-9951 (The WP Photo Album Plus plugin for WordPress is vulnerable to Reflecte ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9940 (The Calculated Fields Form plugin for WordPress is vulnerable to HTML ...)
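Review bot: The three WordPress plugin entries at the top of this hunk (CVE-2024-9898, CVE-2024-9184, CVE-2024-8920) say "plugin for WordPress" in their own descriptions, so they can be tagged `NOT-FOR-US: WordPress plugin` like the existing CVE-2024-9951 entry just below instead of staying at `TODO: check`. Two cosmetic points in the imported descriptions: several carry literal escape sequences rather than the decoded character (`\u2013` in CVE-2024-8920 and CVE-2024-48048, a truncated `\u20` in CVE-2024-49220, a truncated `\u917` in CVE-2024-49314), and the CVE-2024-48024 description starts with a stray ": ".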
@@ -1594,7 +1832,7 @@ CVE-2024-46871 (In the Linux kernel, the following vulnerability has been resolv
CVE-2024-46870 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.10.9-1
NOTE: https://git.kernel.org/linus/7c70e60fbf4bff1123f0e8d5cb1ae71df6164d7f (6.11-rc1)
-CVE-2024-9683
+CVE-2024-9683 (A vulnerability was found in Quay, which allows successful authenticat ...)
NOT-FOR-US: Quay
CVE-2024-6861
- foreman <itp> (bug #663101)
@@ -4533,25 +4771,25 @@ CVE-2024-47169 (Agnai is an artificial-intelligence-agnostic multi-user, mult-bo
NOT-FOR-US: Agnai
CVE-2024-47145 (Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access t ...)
- mattermost-server <itp> (bug #823556)
-CVE-2024-47130 (The goTenna Pro series allows unauthenticated attackers to remotely up ...)
+CVE-2024-47130 (The goTenna Pro App allows unauthenticated attackers to remotely updat ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47129 (The goTenna Pro has a payload length vulnerability that makes it possi ...)
+CVE-2024-47129 (The goTenna Pro App does not inject extra characters into broadcasted ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47128 (The goTenna Pro broadcast key name is always sent unencrypted and coul ...)
+CVE-2024-47128 (The goTenna Pro App encryption key name is always sent unencrypted whe ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47127 (In the goTenna Pro there is a vulnerability that makes it possible to ...)
+CVE-2024-47127 (In the goTenna Pro App there is a vulnerability that makes it possible ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47126 (The goTenna Pro series does not use SecureRandom when generating its c ...)
+CVE-2024-47126 (The goTenna Pro App does not use SecureRandom when generating password ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47125 (The goTenna Pro series does not authenticate public keys which allows ...)
+CVE-2024-47125 (The goTenna Pro App does not authenticate public keys which allows an ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47124 (The goTenna pro series does not encrypt the callsigns of its users. Th ...)
+CVE-2024-47124 (The goTenna Pro App does not encrypt callsigns in messages. It is rec ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47123 (The goTenna Pro series use AES CTR mode for short, encrypted messages ...)
+CVE-2024-47123 (The goTenna Pro App uses AES CTR type encryption for short, encrypted ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47122 (In the goTenna Pro application, the encryption keys are stored along w ...)
+CVE-2024-47122 (In the goTenna Pro App, the encryption keys are stored along with a s ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-47121 (The goTenna Pro series uses a weak password for the QR broadcast messa ...)
+CVE-2024-47121 (The goTenna Pro App uses a weak password for sharing encryption keys v ...)
NOT-FOR-US: goTenna Pro
CVE-2024-47075 (LayUI is a native minimalist modular Web UI component library. Version ...)
NOT-FOR-US: LayUI
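Review bot: CVE-2024-47129 and CVE-2024-47126 change in meaning here, not only in product wording: 47129 goes from "has a payload length vulnerability" to "does not inject extra characters into broadcasted ...", and 47126 from "generating its c ..." to "generating password ...". The `NOT-FOR-US: goTenna Pro` tags still hold, so no triage change is needed, but the tag text could read "goTenna Pro App" to tell these entries apart from the goTenna Pro ATAK Plugin entries that carry the same label.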
@@ -4593,31 +4831,31 @@ CVE-2024-45979 (A host header injection vulnerability in Lines Police CAD 1.0 al
NOT-FOR-US: Lines Police CAD
CVE-2024-45843 (Mattermost versions 9.5.x <= 9.5.8 fail to include themetadata endpoin ...)
- mattermost-server <itp> (bug #823556)
-CVE-2024-45838 (The goTenna Pro ATAK Plugin does not encrypt the callsigns of its user ...)
+CVE-2024-45838 (The goTenna Pro ATAK Plugin does not encrypt callsigns in messages. It ...)
NOT-FOR-US: goTenna Pro
CVE-2024-45723 (The goTenna Pro ATAK Plugin does not use SecureRandom when generating ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-45374 (In the goTenna Pro ATAK Plugin application, the encryption keys are s ...)
+CVE-2024-45374 (The goTenna Pro ATAK plugin uses a weak password for sharing encryptio ...)
NOT-FOR-US: goTenna Pro
CVE-2024-45042 (Ory Kratos is an identity, user management and authentication system f ...)
NOT-FOR-US: Ory Kratos
CVE-2024-44860 (An information disclosure vulnerability in the /Letter/PrintQr/ endpoi ...)
NOT-FOR-US: Solvait
-CVE-2024-43814 (goTenna Pro ATAK Plugin by default enables frequent unencrypted Posit ...)
+CVE-2024-43814 (The goTenna Pro ATAK Plugin's default settings are to share Automatic ...)
NOT-FOR-US: goTenna Pro
CVE-2024-43694 (In the goTenna Pro ATAK Plugin application, the encryption keys are s ...)
NOT-FOR-US: goTenna Pro
CVE-2024-43191 (IBM ManageIQ could allow a remote authenticated attacker to execute ar ...)
NOT-FOR-US: IBM
-CVE-2024-43108 (The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted mes ...)
+CVE-2024-43108 (The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, e ...)
NOT-FOR-US: goTenna Pro
CVE-2024-42406 (Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 ...)
- mattermost-server <itp> (bug #823556)
-CVE-2024-41931 (The goTenna Pro ATAK Plugin broadcast key name is always sent unencryp ...)
+CVE-2024-41931 (The goTenna Pro ATAK Plugin encryption key name is always sent unencr ...)
NOT-FOR-US: goTenna Pro
CVE-2024-41722 (In the goTenna Pro ATAK Plugin there is a vulnerability that makes it ...)
NOT-FOR-US: goTenna Pro
-CVE-2024-41715 (The goTenna Pro ATAK Plugin has a payload length vulnerability that m ...)
+CVE-2024-41715 (The goTenna Pro ATAK Plugin does not inject extra characters into bro ...)
NOT-FOR-US: goTenna Pro
CVE-2024-41605 (In Foxit PDF Reader before 2024.3, and PDF Editor before 2024.3 and 13 ...)
NOT-FOR-US: Foxit PDF Reader
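Review bot: On CVE-2024-45374 the description switches to a different weakness ("uses a weak password for sharing encryptio ...") from the old text "the encryption keys are s ...", which was word for word what CVE-2024-43694 still carries in the context lines. It is worth confirming against the upstream record that the two IDs now describe distinct issues rather than a swapped description; the `NOT-FOR-US: goTenna Pro` tag is unaffected either way.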
@@ -17868,7 +18106,7 @@ CVE-2024-3986 (The SportsPress WordPress plugin before 2.7.22 does not sanitise
NOT-FOR-US: WordPress plugin
CVE-2024-3669 (The Web Directory Free WordPress plugin before 1.7.2 does not sanitise ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-3219 (There is a MEDIUM severity vulnerability affecting CPython. The \u20 ...)
+CVE-2024-3219 (The \u201csocket\u201d module provides a pure-Python fallback to the ...)
- python3.13 <not-affected> (Windows-specific)
- python3.12 <not-affected> (Windows-specific)
- python3.11 <not-affected> (Windows-specific)
@@ -63285,17 +63523,17 @@ CVE-2023-45600 (A CWE-613 \u201cInsufficient Session Expiration\u201d vulnerabil
NOT-FOR-US: AiLux imx6
CVE-2023-45599 (A CWE-646 \u201cReliance on File Name or Extension of Externally-Suppl ...)
NOT-FOR-US: AiLux imx6
-CVE-2023-45598 (A CWE-862 \u201cMissing Authorization\u201d vulnerability in the \u201 ...)
+CVE-2023-45598 (A CWE-425 \u201cDirect Request ('Forced Browsing')\u201d vulnerability ...)
NOT-FOR-US: AiLux imx6
CVE-2023-45597 (A CWE-1236 \u201cImproper Neutralization of Formula Elements in a CSV ...)
NOT-FOR-US: AiLux imx6
-CVE-2023-45596 (A CWE-862 \u201cMissing Authorization\u201d vulnerability in the \u201 ...)
+CVE-2023-45596 (A CWE-425 \u201cDirect Request ('Forced Browsing')\u201d vulnerability ...)
NOT-FOR-US: AiLux imx6
CVE-2023-45595 (A CWE-434 \u201cUnrestricted Upload of File with Dangerous Type\u201d ...)
NOT-FOR-US: AiLux imx6
CVE-2023-45594 (A CWE-552 \u201cFiles or Directories Accessible to External Parties\u2 ...)
NOT-FOR-US: AiLux imx6
-CVE-2023-45593 (A CWE-693 \u201cProtection Mechanism Failure\u201d vulnerability in th ...)
+CVE-2023-45593 (A CWE-184 \u201cIncomplete List of Disallowed Inputs\u201d vulnerabili ...)
NOT-FOR-US: AiLux imx6
CVE-2023-45592 (A CWE-250 \u201cExecution with Unnecessary Privileges\u201d vulnerabil ...)
NOT-FOR-US: AiLux imx6
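Review bot: After the CWE-862 to CWE-425 change, CVE-2024-45598 and CVE-2024-45596 still show identical visible text, because the truncated description ends before the affected component is named. Since both stay `NOT-FOR-US: AiLux imx6` this does not affect triage, but the literal `\u201c`/`\u201d` escapes in these descriptions use up much of the visible width and would be more readable decoded.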
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/922533772811dbd1bb44d56e9d073a4d4999fa01