Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
53671dca by security tracker role at 2024-01-23T08:11:54+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2024-23842 (Improper Input Validation in Hitron Systems DVR LGUVR-16H
1.02~4.02 al ...)
+ TODO: check
+CVE-2024-23678 (In Splunk Enterprise for Windows versions below 9.0.8 and
9.1.3, Splun ...)
+ TODO: check
+CVE-2024-23677 (In Splunk Enterprise versions below 9.0.8, the Splunk
RapidDiag utilit ...)
+ TODO: check
+CVE-2024-23676 (In Splunk versions below 9.0.8 and 9.1.3, the
\u201cmrollup\u201d SPL ...)
+ TODO: check
+CVE-2024-23675 (In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk
app key va ...)
+ TODO: check
+CVE-2024-23345 (Nautobot is a Network Source of Truth and Network Automation
Platform ...)
+ TODO: check
+CVE-2024-23342 (The `ecdsa` PyPI package is a pure Python implementation of
ECC (Ellip ...)
+ TODO: check
+CVE-2024-23340 (@hono/node-server is an adapter that allows users to run Hono
applicat ...)
+ TODO: check
+CVE-2024-23339 (hoolock is a suite of lightweight utilities designed to
maintain a sma ...)
+ TODO: check
+CVE-2024-23224 (The issue was addressed with improved checks. This issue is
fixed in m ...)
+ TODO: check
+CVE-2024-23223 (A privacy issue was addressed with improved handling of files.
This is ...)
+ TODO: check
+CVE-2024-23222 (A type confusion issue was addressed with improved checks.
This issue ...)
+ TODO: check
+CVE-2024-23219 (The issue was addressed with improved authentication. This
issue is fi ...)
+ TODO: check
+CVE-2024-23218 (A timing side-channel issue was addressed with improvements to
constan ...)
+ TODO: check
+CVE-2024-23217 (A privacy issue was addressed with improved handling of
temporary file ...)
+ TODO: check
+CVE-2024-23215 (An issue was addressed with improved handling of temporary
files. This ...)
+ TODO: check
+CVE-2024-23214 (Multiple memory corruption issues were addressed with improved
memory ...)
+ TODO: check
+CVE-2024-23213 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-23212 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-23211 (A privacy issue was addressed with improved handling of user
preferenc ...)
+ TODO: check
+CVE-2024-23210 (This issue was addressed with improved redaction of sensitive
informat ...)
+ TODO: check
+CVE-2024-23209 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-23208 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2024-23207 (This issue was addressed with improved redaction of sensitive
informat ...)
+ TODO: check
+CVE-2024-23206 (An access issue was addressed with improved access
restrictions. This ...)
+ TODO: check
+CVE-2024-23204 (The issue was addressed with additional permissions checks.
This issue ...)
+ TODO: check
+CVE-2024-23203 (The issue was addressed with additional permissions checks.
This issue ...)
+ TODO: check
+CVE-2024-22772 (Improper Input Validation in Hitron Systems DVR LGUVR-8H
1.02~4.02 all ...)
+ TODO: check
+CVE-2024-22771 (Improper Input Validation in Hitron Systems DVR LGUVR-4H
1.02~4.02 all ...)
+ TODO: check
+CVE-2024-22770 (Improper Input Validation in Hitron Systems DVR HVR-16781
1.03~4.02 al ...)
+ TODO: check
+CVE-2024-22769 (Improper Input Validation in Hitron Systems DVR HVR-8781
1.03~4.02 all ...)
+ TODO: check
+CVE-2024-22768 (Improper Input Validation in Hitron Systems DVR HVR-4781
1.03~4.02 all ...)
+ TODO: check
+CVE-2024-0587 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-47141 (IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 11. ...)
+ TODO: check
+CVE-2023-42937 (A privacy issue was addressed with improved private data
redaction for ...)
+ TODO: check
+CVE-2023-42935 (An authentication issue was addressed with improved state
management. ...)
+ TODO: check
+CVE-2023-42915 (Multiple issues were addressed by updating to curl version
8.4.0. This ...)
+ TODO: check
+CVE-2023-42888 (The issue was addressed with improved checks. This issue is
fixed in i ...)
+ TODO: check
+CVE-2023-42887 (An access issue was addressed with additional sandbox
restrictions. Th ...)
+ TODO: check
+CVE-2023-42881 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2023-40528 (This issue was addressed by removing the vulnerable code. This
issue i ...)
+ TODO: check
CVE-2024-22895 (DedeCMS 5.7.112 has a File Upload vulnerability via
uploads/dede/modul ...)
NOT-FOR-US: DedeCMS
CVE-2024-22233 (In Spring Framework versions 6.0.15 and 6.1.2, it is possible
for a us ...)
@@ -13258,7 +13340,7 @@ CVE-2023-39198 (A race condition was found in the QXL
driver in the Linux kernel
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
NOTE:
https://git.kernel.org/linus/c611589b4259ed63b9b77be6872b1ce07ec0ac16 (6.5-rc7)
-CVE-2023-39197
+CVE-2023-39197 (An out-of-bounds read vulnerability was found in Netfilter
Connection ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
@@ -61148,8 +61230,8 @@ CVE-2023-24137
RESERVED
CVE-2023-24136
RESERVED
-CVE-2023-24135
- RESERVED
+CVE-2023-24135 (Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was
discovered to c ...)
+ TODO: check
CVE-2023-24134 (Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was
discovered to c ...)
NOT-FOR-US: Jensen of Scandinavia Eagle 1200AC
CVE-2023-24133 (Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was
discovered to c ...)
@@ -163826,8 +163908,8 @@ CVE-2021-42143
RESERVED
CVE-2021-42142
RESERVED
-CVE-2021-42141
- RESERVED
+CVE-2021-42141 (An issue was discovered in Contiki-NG tinyDTLS through
2018-08-30. One ...)
+ TODO: check
CVE-2021-42140
RESERVED
CVE-2021-42139 (Deno Standard Modules before 0.107.0 allows Code Injection via
an untr ...)
@@ -263270,7 +263352,7 @@ CVE-2020-14500 (Secomea GateManager all versions
prior to 9.2c, An attacker can
NOT-FOR-US: Secomea GateManager
CVE-2020-14499 (Advantech iView, versions 5.6 and prior, has an improper
access contro ...)
NOT-FOR-US: Advantech
-CVE-2020-14498 (HMS Industrial Networks AB eCatcher all versions prior to
6.5.5. The a ...)
+CVE-2020-14498 (HMS Industrial Networks AB eCatcher all versions prior to
6.5.5 is vul ...)
NOT-FOR-US: HMS Industrial Networks AB eCatche
CVE-2020-14497 (Advantech iView, versions 5.6 and prior, contains multiple SQL
injecti ...)
NOT-FOR-US: Advantech
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53671dca8fdbd65c70856a743bbc39d26777e708
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53671dca8fdbd65c70856a743bbc39d26777e708
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
