[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 17 09:12:19 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1d8ffb3e by security tracker role at 2024-09-17T08:12:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,221 @@
+CVE-2024-8490 (The PropertyHive plugin for WordPress is vulnerable to Cross-Site Requ ...)
+	TODO: check
+CVE-2024-8110 (Denial of Service (DoS) vulnerability has been found in Dual-redundant ...)
+	TODO: check
+CVE-2024-8093 (The Posts reminder WordPress plugin through 0.20 does not have CSRF ch ...)
+	TODO: check
+CVE-2024-8092 (The Accordion Image Menu WordPress plugin through 3.1.3 does not have  ...)
+	TODO: check
+CVE-2024-8091 (The Enhanced Search Box WordPress plugin through 0.6.1 does not have C ...)
+	TODO: check
+CVE-2024-8052 (The Review Ratings WordPress plugin through 1.6 does not have CSRF che ...)
+	TODO: check
+CVE-2024-8051 (The Special Feed Items WordPress plugin through 1.0.1 does not have CS ...)
+	TODO: check
+CVE-2024-8047 (The Visual Sound (old) WordPress plugin through 1.06 does not have CSR ...)
+	TODO: check
+CVE-2024-8044 (The infolinks Ad Wrap WordPress plugin through 1.0.2 does not have CSR ...)
+	TODO: check
+CVE-2024-8043 (The Vikinghammer Tweet WordPress plugin through 0.2.4 does not have CS ...)
+	TODO: check
+CVE-2024-7387 (A flaw was found in openshift/builder. This vulnerability allows comma ...)
+	TODO: check
+CVE-2024-6685 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
+	TODO: check
+CVE-2024-5170 (The Logo Manager For Enamad WordPress plugin through 0.7.1 does not sa ...)
+	TODO: check
+CVE-2024-4283 (An issue has been discovered in GitLab EE affecting all versions start ...)
+	TODO: check
+CVE-2024-45496 (A flaw was found in OpenShift. This issue occurs due to the misuse of  ...)
+	TODO: check
+CVE-2024-45416 (The HTTPD binary in multiple ZTE routers has a local file inclusion vu ...)
+	TODO: check
+CVE-2024-45415 (The HTTPD binary in multiple ZTE routers has a stack-based buffer over ...)
+	TODO: check
+CVE-2024-45414 (The HTTPD binary in multiple ZTE routers has a stack-based buffer over ...)
+	TODO: check
+CVE-2024-45413 (The HTTPD binary in multiple ZTE routers has a stack-based buffer over ...)
+	TODO: check
+CVE-2024-44202 (An authentication issue was addressed with improved state management.  ...)
+	TODO: check
+CVE-2024-44198 (An integer overflow was addressed through improved input validation. T ...)
+	TODO: check
+CVE-2024-44191 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-44190 (A path handling issue was addressed with improved validation. This iss ...)
+	TODO: check
+CVE-2024-44189 (The issue was addressed with improved checks. This issue is fixed in m ...)
+	TODO: check
+CVE-2024-44188 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-44187 (A cross-origin issue existed with "iframe" elements. This was addresse ...)
+	TODO: check
+CVE-2024-44186 (An access issue was addressed with additional sandbox restrictions. Th ...)
+	TODO: check
+CVE-2024-44184 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-44183 (A logic error was addressed with improved error handling. This issue i ...)
+	TODO: check
+CVE-2024-44182 (This issue was addressed with improved redaction of sensitive informat ...)
+	TODO: check
+CVE-2024-44181 (An issue was addressed with improved handling of temporary files. This ...)
+	TODO: check
+CVE-2024-44180 (The issue was addressed with improved checks. This issue is fixed in i ...)
+	TODO: check
+CVE-2024-44178 (This issue was addressed with improved validation of symlinks. This is ...)
+	TODO: check
+CVE-2024-44177 (A privacy issue was addressed by removing sensitive data. This issue i ...)
+	TODO: check
+CVE-2024-44176 (An out-of-bounds access issue was addressed with improved bounds check ...)
+	TODO: check
+CVE-2024-44171 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-44170 (A privacy issue was addressed by moving sensitive data to a more secur ...)
+	TODO: check
+CVE-2024-44169 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-44168 (A library injection issue was addressed with additional restrictions.  ...)
+	TODO: check
+CVE-2024-44167 (This issue was addressed by removing the vulnerable code. This issue i ...)
+	TODO: check
+CVE-2024-44166 (A privacy issue was addressed with improved private data redaction for ...)
+	TODO: check
+CVE-2024-44165 (A logic issue was addressed with improved checks. This issue is fixed  ...)
+	TODO: check
+CVE-2024-44164 (This issue was addressed with improved checks. This issue is fixed in  ...)
+	TODO: check
+CVE-2024-44163 (The issue was addressed with improved checks. This issue is fixed in m ...)
+	TODO: check
+CVE-2024-44162 (This issue was addressed by enabling hardened runtime. This issue is f ...)
+	TODO: check
+CVE-2024-44161 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+	TODO: check
+CVE-2024-44160 (A buffer overflow issue was addressed with improved memory handling. T ...)
+	TODO: check
+CVE-2024-44158 (This issue was addressed with improved redaction of sensitive informat ...)
+	TODO: check
+CVE-2024-44154 (A memory initialization issue was addressed with improved memory handl ...)
+	TODO: check
+CVE-2024-44153 (The issue was addressed with improved permissions logic. This issue is ...)
+	TODO: check
+CVE-2024-44152 (A privacy issue was addressed with improved private data redaction for ...)
+	TODO: check
+CVE-2024-44151 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-44149 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-44148 (This issue was addressed with improved validation of file attributes.  ...)
+	TODO: check
+CVE-2024-44147 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-44146 (A logic issue was addressed with improved file handling. This issue is ...)
+	TODO: check
+CVE-2024-44139 (The issue was addressed with improved checks. This issue is fixed in i ...)
+	TODO: check
+CVE-2024-44135 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-44134 (This issue was addressed with improved redaction of sensitive informat ...)
+	TODO: check
+CVE-2024-44133 (This issue was addressed by removing the vulnerable code. This issue i ...)
+	TODO: check
+CVE-2024-44132 (This issue was addressed with improved handling of symlinks. This issu ...)
+	TODO: check
+CVE-2024-44131 (This issue was addressed with improved validation of symlinks. This is ...)
+	TODO: check
+CVE-2024-44130 (This issue was addressed with improved data protection. This issue is  ...)
+	TODO: check
+CVE-2024-44129 (The issue was addressed with improved checks. This issue is fixed in m ...)
+	TODO: check
+CVE-2024-44128 (This issue was addressed by adding an additional prompt for user conse ...)
+	TODO: check
+CVE-2024-44127 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-44125 (The issue was addressed with improved checks. This issue is fixed in m ...)
+	TODO: check
+CVE-2024-44124 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-40866 (The issue was addressed with improved UI. This issue is fixed in Safar ...)
+	TODO: check
+CVE-2024-40863 (This issue was addressed with improved data protection. This issue is  ...)
+	TODO: check
+CVE-2024-40862 (A privacy issue was addressed by removing sensitive data. This issue i ...)
+	TODO: check
+CVE-2024-40861 (The issue was addressed with improved checks. This issue is fixed in m ...)
+	TODO: check
+CVE-2024-40860 (A logic issue was addressed with improved checks. This issue is fixed  ...)
+	TODO: check
+CVE-2024-40859 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-40857 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-40856 (An integrity issue was addressed with Beacon Protection. This issue is ...)
+	TODO: check
+CVE-2024-40852 (This issue was addressed by restricting options offered on a locked de ...)
+	TODO: check
+CVE-2024-40850 (A file access issue was addressed with improved input validation. This ...)
+	TODO: check
+CVE-2024-40848 (A downgrade issue was addressed with additional code-signing restricti ...)
+	TODO: check
+CVE-2024-40847 (The issue was addressed with additional code-signing restrictions. Thi ...)
+	TODO: check
+CVE-2024-40846 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-40845 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-40844 (A privacy issue was addressed with improved handling of temporary file ...)
+	TODO: check
+CVE-2024-40843 (The issue was addressed with improved checks. This issue is fixed in m ...)
+	TODO: check
+CVE-2024-40842 (An issue was addressed with improved validation of environment variabl ...)
+	TODO: check
+CVE-2024-40841 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+	TODO: check
+CVE-2024-40840 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-40838 (A privacy issue was addressed by moving sensitive data to a protected  ...)
+	TODO: check
+CVE-2024-40837 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-40831 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-40830 (This issue was addressed with improved data protection. This issue is  ...)
+	TODO: check
+CVE-2024-40826 (A privacy issue was addressed with improved handling of files. This is ...)
+	TODO: check
+CVE-2024-40825 (The issue was addressed with improved checks. This issue is fixed in v ...)
+	TODO: check
+CVE-2024-40801 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-40797 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-40791 (A privacy issue was addressed with improved private data redaction for ...)
+	TODO: check
+CVE-2024-40790 (The issue was addressed with improved handling of caches. This issue i ...)
+	TODO: check
+CVE-2024-40770 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-27880 (An out-of-bounds read issue was addressed with improved input validati ...)
+	TODO: check
+CVE-2024-27879 (The issue was addressed with improved bounds checks. This issue is fix ...)
+	TODO: check
+CVE-2024-27876 (A race condition was addressed with improved locking. This issue is fi ...)
+	TODO: check
+CVE-2024-27875 (A logic issue was addressed with improved state management. This issue ...)
+	TODO: check
+CVE-2024-27874 (This issue was addressed through improved state management. This issue ...)
+	TODO: check
+CVE-2024-27869 (The issue was addressed with improved checks. This issue is fixed in i ...)
+	TODO: check
+CVE-2024-27861 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-27860 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2024-27858 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-27795 (A permissions issue was addressed with additional restrictions. This i ...)
+	TODO: check
+CVE-2024-23237 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
 CVE-2024-8766 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)
 	NOT-FOR-US: Acronis Cyber Protect Cloud Agent (Windows)
 CVE-2024-8752 (The Windows version of WebIQ 2.15.9 is affected by a directory travers ...)
@@ -28,6 +246,7 @@ CVE-2024-45801 (DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer
 	NOTE: Fixed by: https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21 (3.1.3)
 	NOTE: Fixed by: https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc (2.5.3)
 CVE-2024-45800 (Snappymail is an open source web-based email client. SnappyMail uses t ...)
+	TODO: check
 CVE-2024-45799 (FluxCP is a web-based Control Panel for rAthena servers written in PHP ...)
 	NOT-FOR-US: rAthena FluxCP
 CVE-2024-44623 (An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d8ffb3e3677953c35a88846f7cc86aa41192a11

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d8ffb3e3677953c35a88846f7cc86aa41192a11
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240917/3aa98223/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list