[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Sep 30 21:12:50 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ccc1f310 by security tracker role at 2024-09-30T20:12:43+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,70 @@
-CVE-2024-46869 [Bluetooth: btintel_pcie: Allocate memory for driver private data]
+CVE-2024-9158 (A stored cross site scripting vulnerability exists in Nessus Network M ...)
+ TODO: check
+CVE-2024-6394 (A Local File Inclusion vulnerability exists in parisneo/lollms-webui v ...)
+ TODO: check
+CVE-2024-6051 (Cross Application Scripting vulnerability in Vercom S.A. Redlink SDKin ...)
+ TODO: check
+CVE-2024-47641 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-47536 (Citizen is a MediaWiki skin that makes extensions part of the cohesive ...)
+ TODO: check
+CVE-2024-47532 (RestrictedPython is a restricted execution environment for Python to r ...)
+ TODO: check
+CVE-2024-47531 (Scout is a web-based visualizer for VCF-files. Due to the lack of sani ...)
+ TODO: check
+CVE-2024-47530 (Scout is a web-based visualizer for VCF-files. Open redirect vulnerabi ...)
+ TODO: check
+CVE-2024-47178 (basic-auth-connect is Connect's Basic Auth middleware in its own modul ...)
+ TODO: check
+CVE-2024-47172 (Computer Vision Annotation Tool (CVAT) is an interactive video and ima ...)
+ TODO: check
+CVE-2024-47067 (AList is a file list program that supports multiple storages. AList co ...)
+ TODO: check
+CVE-2024-47064 (Computer Vision Annotation Tool (CVAT) is an interactive video and ima ...)
+ TODO: check
+CVE-2024-47063 (Computer Vision Annotation Tool (CVAT) is an interactive video and ima ...)
+ TODO: check
+CVE-2024-46635 (An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INRO ...)
+ TODO: check
+CVE-2024-46549 (An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP ...)
+ TODO: check
+CVE-2024-46548 (TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly ...)
+ TODO: check
+CVE-2024-46540 (A remote code execution (RCE) vulnerability in the component /admin/st ...)
+ TODO: check
+CVE-2024-46511 (LoadZilla LLC LoadLogic v1.4.3 was discovered to contain insecure perm ...)
+ TODO: check
+CVE-2024-46510 (ESAFENET CDG v5 was discovered to contain a SQL injection vulnerabilit ...)
+ TODO: check
+CVE-2024-46475 (A reflected cross-site scripting (XSS) vulnerability on the homepage o ...)
+ TODO: check
+CVE-2024-46313 (TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid para ...)
+ TODO: check
+CVE-2024-46293 (Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to In ...)
+ TODO: check
+CVE-2024-46280 (PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access ...)
+ TODO: check
+CVE-2024-45993 (Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2 ...)
+ TODO: check
+CVE-2024-45920 (A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 24.4.2 al ...)
+ TODO: check
+CVE-2024-45792 (Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a ...)
+ TODO: check
+CVE-2024-42017 (An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The ...)
+ TODO: check
+CVE-2024-35495 (An Information Disclosure vulnerability in the Telemetry component in ...)
+ TODO: check
+CVE-2024-28813 (An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented pri ...)
+ TODO: check
+CVE-2024-28812 (An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH ser ...)
+ TODO: check
+CVE-2024-28811 (An issue was discovered in Infinera hiT 7300 5.60.50. A web applicatio ...)
+ TODO: check
+CVE-2024-28810 (An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive inform ...)
+ TODO: check
+CVE-2024-28809 (An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storag ...)
+ TODO: check
+CVE-2024-46869 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -49,7 +115,7 @@ CVE-2024-3635 (The Post Grid WordPress plugin before 7.5.0 does not sanitise an
NOT-FOR-US: WordPress plugin
CVE-2024-9327 (A vulnerability was found in code-projects Blood Bank System 1.0. It h ...)
NOT-FOR-US: code-projects Blood Bank System
-CVE-2024-45772
+CVE-2024-45772 (Deserialization of Untrusted Data vulnerability in Apache Lucene Repli ...)
NOT-FOR-US: Apache Lucene Replicator
CVE-2024-9326 (A vulnerability classified as critical was found in PHPGurukul Online ...)
NOT-FOR-US: PHPGurukul
@@ -1585,7 +1651,8 @@ CVE-2024-8883 (A misconfiguration flaw was found in Keycloak. This issue can all
NOT-FOR-US: Keycloak
CVE-2024-8698 (A flaw exists in the SAML signature validation method within the Keycl ...)
NOT-FOR-US: Keycloak
-CVE-2024-7207 (A flaw was found in Envoy. It is possible to modify or manipulate head ...)
+CVE-2024-7207
+ REJECTED
- envoyproxy <itp> (bug #987544)
CVE-2024-45410 (Traefik is a golang, Cloud Native Application Proxy. When a HTTP reque ...)
- traefik <itp> (bug #983289)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccc1f310df1ef2cf8006549b30a59740d25ec233
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccc1f310df1ef2cf8006549b30a59740d25ec233
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240930/f08cf889/attachment.htm>
More information about the debian-security-tracker-commits
mailing list