Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
91a552af by security tracker role at 2024-01-12T08:12:02+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,130 @@
-CVE-2024-0443
+CVE-2024-23179 (An issue was discovered in the GlobalBlocking extension in
MediaWiki b ...)
+ TODO: check
+CVE-2024-23178 (An issue was discovered in the Phonos extension in MediaWiki
before 1. ...)
+ TODO: check
+CVE-2024-23177 (An issue was discovered in the WatchAnalytics extension in
MediaWiki b ...)
+ TODO: check
+CVE-2024-23174 (An issue was discovered in the PageTriage extension in
MediaWiki befor ...)
+ TODO: check
+CVE-2024-23173 (An issue was discovered in the Cargo extension in MediaWiki
before 1.3 ...)
+ TODO: check
+CVE-2024-23172 (An issue was discovered in the CheckUser extension in
MediaWiki before ...)
+ TODO: check
+CVE-2024-23171 (An issue was discovered in the CampaignEvents extension in
MediaWiki b ...)
+ TODO: check
+CVE-2024-22027 (Improper input validation vulnerability in WordPress Quiz
Maker Plugin ...)
+ TODO: check
+CVE-2024-21982 (ONTAP versions 9.4 and higher are susceptible to a
vulnerability whic ...)
+ TODO: check
+CVE-2024-21617 (An Incomplete Cleanup vulnerability in Nonstop active routing
(NSR) co ...)
+ TODO: check
+CVE-2024-21616 (An Improper Validation of Syntactic Correctness of Input
vulnerability ...)
+ TODO: check
+CVE-2024-21614 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
+ TODO: check
+CVE-2024-21613 (A Missing Release of Memory after Effective Lifetime
vulnerability in ...)
+ TODO: check
+CVE-2024-21612 (An Improper Handling of Syntactically Invalid Structure
vulnerability ...)
+ TODO: check
+CVE-2024-21611 (A Missing Release of Memory after Effective Lifetime
vulnerability in ...)
+ TODO: check
+CVE-2024-21607 (An Unsupported Feature in the UI vulnerability in Juniper
Networks Jun ...)
+ TODO: check
+CVE-2024-21606 (A Double Free vulnerability in the flow processing daemon
(flowd) of J ...)
+ TODO: check
+CVE-2024-21604 (An Allocation of Resources Without Limits or Throttling
vulnerability ...)
+ TODO: check
+CVE-2024-21603 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
+ TODO: check
+CVE-2024-21602 (A NULL Pointer Dereference vulnerability in Juniper Networks
Junos OS ...)
+ TODO: check
+CVE-2024-21601 (A Concurrent Execution using Shared Resource with Improper
Synchroniza ...)
+ TODO: check
+CVE-2024-21600 (An Improper Neutralization of Equivalent Special Elements
vulnerabilit ...)
+ TODO: check
+CVE-2024-21599 (A Missing Release of Memory after Effective Lifetime
vulnerability in ...)
+ TODO: check
+CVE-2024-21597 (An Exposure of Resource to Wrong Sphere vulnerability in the
Packet Fo ...)
+ TODO: check
+CVE-2024-21596 (A Heap-based Buffer Overflow vulnerability in the Routing
Protocol Dae ...)
+ TODO: check
+CVE-2024-21595 (An Improper Validation of Syntactic Correctness of Input
vulnerability ...)
+ TODO: check
+CVE-2024-21594 (A Heap-based Buffer Overflow vulnerability in the Network
Services Dae ...)
+ TODO: check
+CVE-2024-21591 (An Out-of-bounds Write vulnerability in J-Web of Juniper
Networks Juno ...)
+ TODO: check
+CVE-2024-21589 (An Improper Access Control vulnerability in the Juniper
Networks Parag ...)
+ TODO: check
+CVE-2024-21587 (An Improper Handling of Exceptional Conditions vulnerability
in the br ...)
+ TODO: check
+CVE-2024-21585 (An Improper Handling of Exceptional Conditions vulnerability
in BGP se ...)
+ TODO: check
+CVE-2024-21337 (Microsoft Edge (Chromium-based) Elevation of Privilege
Vulnerability)
+ TODO: check
+CVE-2024-20675 (Microsoft Edge (Chromium-based) Security Feature Bypass
Vulnerability)
+ TODO: check
+CVE-2024-0454 (ELAN Match-on-Chip FPR solution has design fault about
potential risk ...)
+ TODO: check
+CVE-2024-0426 (A vulnerability, which was classified as critical, has been
found in F ...)
+ TODO: check
+CVE-2024-0393
+ REJECTED
+CVE-2023-7226 (A vulnerability was found in meetyoucrop big-whale 1.1 and
classified ...)
+ TODO: check
+CVE-2023-6740 (Privilege escalation in jar_signature agent plugin in Checkmk
before 2 ...)
+ TODO: check
+CVE-2023-6735 (Privilege escalation in mk_tsm agent plugin in Checkmk before
2.2.0p17 ...)
+ TODO: check
+CVE-2023-6040 (An out-of-bounds access vulnerability involving netfilter was
reported ...)
+ TODO: check
+CVE-2023-52339 (In libebml before 1.4.5, an integer overflow in
MemIOCallback.cpp can ...)
+ TODO: check
+CVE-2023-51350 (A spoofing attack in ujcms v.8.0.2 allows a remote attacker to
obtain ...)
+ TODO: check
+CVE-2023-50920 (An issue was discovered on GL.iNet devices before version
4.5.0. They ...)
+ TODO: check
+CVE-2023-50919 (An issue was discovered on GL.iNet devices before version
4.5.0. There ...)
+ TODO: check
+CVE-2023-50129 (Missing encryption in the NFC tags of the Flient Smart Door
Lock v1.0 ...)
+ TODO: check
+CVE-2023-50128 (The remote keyless system of the Hozard alarm system
(alarmsystemen) v ...)
+ TODO: check
+CVE-2023-50127 (Hozard alarm system (Alarmsysteem) v1.0 is vulnerable to
Improper Auth ...)
+ TODO: check
+CVE-2023-50126 (Missing encryption in the RFID tags of the Hozard alarm system
(Alarms ...)
+ TODO: check
+CVE-2023-50125 (A default engineer password set on the Hozard alarm system
(Alarmsyste ...)
+ TODO: check
+CVE-2023-50124 (Flient Smart Door Lock v1.0 is vulnerable to Use of Default
Credential ...)
+ TODO: check
+CVE-2023-50123 (The number of attempts to bring the Hozard Alarm system
(alarmsystemen ...)
+ TODO: check
+CVE-2023-46474 (File Upload vulnerability PMB v.7.4.8 allows a remote attacker
to exec ...)
+ TODO: check
+CVE-2023-40362 (An issue was discovered in CentralSquare Click2Gov Building
Permit bef ...)
+ TODO: check
+CVE-2023-40250 (Buffer Copy without Checking Size of Input ('Classic Buffer
Overflow') ...)
+ TODO: check
+CVE-2023-37117 (A heap-use-after-free vulnerability was found in live555
version 2023. ...)
+ TODO: check
+CVE-2023-36842 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
+ TODO: check
+CVE-2023-34061 (Cloud Foundry routing release versions from v0.163.0 to
v0.283.0 are v ...)
+ TODO: check
+CVE-2022-4961 (A vulnerability was found in Weitong Mall 1.0.0. It has been
declared ...)
+ TODO: check
+CVE-2022-4960 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2022-4959 (A vulnerability classified as problematic was found in qkmc-rk
redbbs ...)
+ TODO: check
+CVE-2022-48620 (uev (aka libuev) before 2.4.1 has a buffer overflow in
epoll_wait if m ...)
+ TODO: check
+CVE-2022-48619 (An issue was discovered in drivers/input/input.c in the Linux
kernel b ...)
+ TODO: check
+CVE-2016-20021 (In Gentoo Portage before 3.0.47, there is missing PGP
validation of ex ...)
+ TODO: check
+CVE-2024-0443 (A flaw was found in the blkgs destruction path in
block/blk-cgroup.c i ...)
- linux 6.3.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -4394,7 +4520,7 @@ CVE-2023-32725 (The website configured in the URL widget
will receive a session
CVE-2023-32230 (An improper handling of a malformed API request to an API
server in Bo ...)
NOT-FOR-US: Bosch
CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions,
found in O ...)
- {DSA-5591-1 DSA-5588-1 DSA-5586-1 DLA-3694-1}
+ {DSA-5601-1 DSA-5600-1 DSA-5599-1 DSA-5591-1 DSA-5588-1 DSA-5586-1
DLA-3694-1}
- dropbear <unfixed> (bug #1059001)
[bookworm] - dropbear <no-dsa> (Minor issue)
[bullseye] - dropbear <no-dsa> (Minor issue)
@@ -11414,7 +11540,7 @@ CVE-2023-4249 (Zavio CF7500, CF7300, CF7201, CF7501,
CB3211, CB3212, CB5220, CB
NOT-FOR-US: Zavio
CVE-2023-47613 (A CWE-23: Relative Path Traversal vulnerability exists in
Telit Cinter ...)
NOT-FOR-US: Telit Cinterion
-CVE-2023-47489 (An issue in Combodo iTop v.3.1.0-2-11973 allows a local
attacker to ex ...)
+CVE-2023-47489 (CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973
allows ...)
NOT-FOR-US: Combodo iTop
CVE-2023-47488 (Cross Site Scripting vulnerability in Combodo iTop
v.3.1.0-2-11973 all ...)
NOT-FOR-US: Combodo iTop
@@ -37487,8 +37613,8 @@ CVE-2023-31213 (Auth. (contributor+) Stored Cross-Site
Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-31212 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-31211
- RESERVED
+CVE-2023-31211 (Insufficient authentication flow in Checkmk before 2.2.0p17,
2.1.0p37 ...)
+ TODO: check
CVE-2023-31210 (Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk
2.2.0p10 ...)
- check-mk <removed>
CVE-2023-31209 (Improper neutralization of active check command arguments in
Checkmk < ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91a552afe26808dcf6c3a7ee1d9e482c6af879dc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91a552afe26808dcf6c3a7ee1d9e482c6af879dc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
