[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 22 09:12:15 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
608e5648 by security tracker role at 2024-10-22T08:12:07+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,75 @@
+CVE-2024-9677 (The insufficiently protected credentials vulnerability in the CLI comm ...)
+	TODO: check
+CVE-2024-9627 (The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2024-9591 (The Category and Taxonomy Image plugin for WordPress is vulnerable to  ...)
+	TODO: check
+CVE-2024-9590 (The Category and Taxonomy Meta Fields plugin for WordPress is vulnerab ...)
+	TODO: check
+CVE-2024-9589 (The Category and Taxonomy Meta Fields plugin for WordPress is vulnerab ...)
+	TODO: check
+CVE-2024-9588 (The Category and Taxonomy Meta Fields plugin for WordPress is vulnerab ...)
+	TODO: check
+CVE-2024-9541 (The News Kit Elementor Addons plugin for WordPress is vulnerable to Se ...)
+	TODO: check
+CVE-2024-8901 (The  AWS ALB Route Directive Adapter For Istio repo https://github.com ...)
+	TODO: check
+CVE-2024-8852 (The All-in-One WP Migration and Backup plugin for WordPress is vulnera ...)
+	TODO: check
+CVE-2024-47224 (A vulnerability in the AWV (Audio, Web and Video Conferencing) compone ...)
+	TODO: check
+CVE-2024-41714 (A vulnerability in the Web Interface component of Mitel MiCollab throu ...)
+	TODO: check
+CVE-2024-41713 (A vulnerability in the NuPoint Unified Messaging (NPM) component of Mi ...)
+	TODO: check
+CVE-2024-41712 (A vulnerability in the Web Conferencing Component of Mitel MiCollab th ...)
+	TODO: check
+CVE-2024-40091 (Vilo 5 Mesh WiFi System <= 5.16.1.33 lacks authentication in the Boa w ...)
+	TODO: check
+CVE-2024-40090 (Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disc ...)
+	TODO: check
+CVE-2024-40089 (A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1 ...)
+	TODO: check
+CVE-2024-40088 (A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mes ...)
+	TODO: check
+CVE-2024-40087 (Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Insecure Permiss ...)
+	TODO: check
+CVE-2024-40086 (A Buffer Overflow vulnerability in the local_app_set_router_wifi_SSID_ ...)
+	TODO: check
+CVE-2024-40085 (A Buffer Overflow vulnerability in the local_app_set_router_wan functi ...)
+	TODO: check
+CVE-2024-40084 (A Buffer Overflow in the Boa webserver of Vilo 5 Mesh WiFi System <= 5 ...)
+	TODO: check
+CVE-2024-40083 (A Buffer Overflow vulnerabilty in the local_app_set_router_token funct ...)
+	TODO: check
+CVE-2024-35315 (A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1. ...)
+	TODO: check
+CVE-2024-35314 (A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1. ...)
+	TODO: check
+CVE-2024-35287 (A vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCo ...)
+	TODO: check
+CVE-2024-35286 (A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9 ...)
+	TODO: check
+CVE-2024-35285 (A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9 ...)
+	TODO: check
+CVE-2024-30160 (A vulnerability in the Suite Applications Services component of Mitel  ...)
+	TODO: check
+CVE-2024-30159 (A vulnerability in the web conferencing component of Mitel MiCollab th ...)
+	TODO: check
+CVE-2024-30158 (A vulnerability in the web conferencing component of Mitel MiCollab th ...)
+	TODO: check
+CVE-2024-30157 (A vulnerability in the Suite Applications Services component of Mitel  ...)
+	TODO: check
+CVE-2024-10125 (The  Amazon.ApplicationLoadBalancer.Identity.AspNetCore repo https://g ...)
+	TODO: check
+CVE-2024-10003 (The Rover IDX plugin for WordPress is vulnerable to unauthorized acces ...)
+	TODO: check
+CVE-2024-10002 (The Rover IDX plugin for WordPress is vulnerable to Authentication Byp ...)
+	TODO: check
+CVE-2023-52919 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
+	TODO: check
+CVE-2023-52918 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
+	TODO: check
 CVE-2024-8305 (prepareUnique index may cause secondaries to crash due to incorrect en ...)
 	- mongodb <removed>
 CVE-2024-49368 (Nginx UI is a web user interface for the Nginx web server. Prior to ve ...)
@@ -255699,6 +255771,7 @@ CVE-2021-36089 (Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk
 CVE-2021-36088 (Fluent Bit (aka fluent-bit) 1.7.0 through 1.7.4 has a double free in f ...)
 	NOT-FOR-US: Fluent Bit
 CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in e ...)
+	{DLA-3930-1}
 	- libsepol 3.3-1 (bug #990526)
 	[buster] - libsepol <no-dsa> (Minor issue)
 	[stretch] - libsepol <no-dsa> (Minor issue)
@@ -255707,6 +255780,7 @@ CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer over-rea
 	NOTE: https://github.com/SELinuxProject/selinux/commit/bad0a746e9f4cf260dedba5828d9645d50176aac (3.3-rc1)
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
 CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_clas ...)
+	{DLA-3930-1}
 	- libsepol 3.3-1 (bug #990526)
 	[buster] - libsepol <no-dsa> (Minor issue)
 	[stretch] - libsepol <no-dsa> (Minor issue)
@@ -255714,6 +255788,7 @@ CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_rese
 	NOTE: https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8 (3.3-rc1)
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
 CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...)
+	{DLA-3930-1}
 	- libsepol 3.3-1 (bug #990526)
 	[buster] - libsepol <no-dsa> (Minor issue)
 	[stretch] - libsepol <no-dsa> (Minor issue)
@@ -255721,6 +255796,7 @@ CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_ve
 	NOTE: https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba (3.3-rc1)
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
 CVE-2021-36084 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...)
+	{DLA-3930-1}
 	- libsepol 3.3-1 (bug #990526)
 	[buster] - libsepol <no-dsa> (Minor issue)
 	[stretch] - libsepol <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/608e5648c9a98d2ab9d75ac335f66270480cad31

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/608e5648c9a98d2ab9d75ac335f66270480cad31
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241022/4bcd8cdc/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list