Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d52480e8 by security tracker role at 2024-03-16T08:12:04+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,97 +1,163 @@ -CVE-2021-47135 [mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report] +CVE-2024-2514 (A vulnerability classified as critical was found in MAGESH-K21 Online- ...) + TODO: check +CVE-2024-2308 (The ElementInvader Addons for Elementor plugin for WordPress is vulner ...) + TODO: check +CVE-2024-2294 (The Backuply \u2013 Backup, Restore, Migrate and Clone plugin for Word ...) + TODO: check +CVE-2024-2042 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...) + TODO: check +CVE-2024-28862 (The Ruby One Time Password library (ROTP) is an open source library fo ...) + TODO: check +CVE-2024-28859 (Symfony1 is a community fork of symfony 1.4 with DIC, form enhancement ...) + TODO: check +CVE-2024-28640 (Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B2020110 ...) + TODO: check +CVE-2024-28639 (Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B2020110 ...) + TODO: check +CVE-2024-28070 (A vulnerability in the legacy chat component of Mitel MiContact Center ...) + TODO: check +CVE-2024-28069 (A vulnerability in the legacy chat component of Mitel MiContact Center ...) + TODO: check +CVE-2024-27197 (Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows ...) + TODO: check +CVE-2024-27195 (Cross-Site Request Forgery (CSRF) vulnerability in Sandi Verdev Waterm ...) + TODO: check +CVE-2024-27194 (Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Font ...) + TODO: check +CVE-2024-24845 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) + TODO: check +CVE-2024-24156 (Cross Site Scripting (XSS) vulnerability in Gnuboard g6 before Github ...) + TODO: check +CVE-2024-23523 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) + TODO: check +CVE-2024-23298 (A logic issue was addressed with improved state management.) + TODO: check +CVE-2024-22513 (djangorestframework-simplejwt version 5.3.1 and before is vulnerable t ...) + TODO: check +CVE-2024-22259 (Applications that use UriComponentsBuilder in Spring Frameworkto parse ...) + TODO: check +CVE-2024-1733 (The Word Replacer Pro plugin for WordPress is vulnerable to unauthoriz ...) + TODO: check +CVE-2024-1685 (The Social Media Share Buttons plugin for WordPress is vulnerable to P ...) + TODO: check +CVE-2024-1239 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...) + TODO: check +CVE-2023-6525 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...) + TODO: check +CVE-2023-51521 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz An ...) + TODO: check +CVE-2023-51512 (Cross Site Request Forgery (CSRF) vulnerability in WBW Product Table b ...) + TODO: check +CVE-2023-51510 (Cross-Site Request Forgery (CSRF) vulnerability in Atlas Gondal Export ...) + TODO: check +CVE-2023-51491 (Cross-Site Request Forgery (CSRF) vulnerability in Averta Depicter Sli ...) + TODO: check +CVE-2023-51489 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Cr ...) + TODO: check +CVE-2023-51487 (Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft ARI Stream ...) + TODO: check +CVE-2023-51486 (Cross-Site Request Forgery (CSRF) vulnerability in RedNao WooCommerce ...) + TODO: check +CVE-2023-51474 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClass ...) + TODO: check +CVE-2023-51407 (Cross-Site Request Forgery (CSRF) vulnerability in Rocket Elements Spl ...) + TODO: check +CVE-2023-36483 (An authorization bypass was discovered in the Carrier MASmobile Classi ...) + TODO: check +CVE-2021-47135 (In the Linux kernel, the following vulnerability has been resolved: m ...) - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/d874e6c06952382897d35bf4094193cd44ae91bd (5.13-rc5) -CVE-2021-47134 [efi/fdt: fix panic when no valid fdt found] +CVE-2021-47134 (In the Linux kernel, the following vulnerability has been resolved: e ...) - linux 5.10.46-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/668a84c1bfb2b3fd5a10847825a854d63fac7baa (5.13-rc5) -CVE-2021-47133 [HID: amd_sfh: Fix memory leak in amd_sfh_work] +CVE-2021-47133 (In the Linux kernel, the following vulnerability has been resolved: H ...) - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1 (5.13-rc5) -CVE-2021-47132 [mptcp: fix sk_forward_memory corruption on retransmission] +CVE-2021-47132 (In the Linux kernel, the following vulnerability has been resolved: m ...) - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/b5941f066b4ca331db225a976dae1d6ca8cf0ae3 (5.13-rc5) -CVE-2021-47131 [net/tls: Fix use-after-free after the TLS device goes down and up] +CVE-2021-47131 (In the Linux kernel, the following vulnerability has been resolved: n ...) - linux 5.10.46-1 NOTE: https://git.kernel.org/linus/c55dcdd435aa6c6ad6ccac0a4c636d010ee367a4 (5.13-rc5) -CVE-2021-47130 [nvmet: fix freeing unallocated p2pmem] +CVE-2021-47130 (In the Linux kernel, the following vulnerability has been resolved: n ...) - linux 5.10.46-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/bcd9a0797d73eeff659582f23277e7ab6e5f18f3 (5.13-rc5) -CVE-2021-47129 [netfilter: nft_ct: skip expectations for confirmed conntrack] +CVE-2021-47129 (In the Linux kernel, the following vulnerability has been resolved: n ...) - linux 5.10.46-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/1710eb913bdcda3917f44d383c32de6bdabfc836 (5.13-rc5) -CVE-2021-47128 [bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks] +CVE-2021-47128 (In the Linux kernel, the following vulnerability has been resolved: b ...) - linux 5.10.46-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/ff40e51043af63715ab413995ff46996ecf9583f (5.13-rc5) -CVE-2021-47127 [ice: track AF_XDP ZC enabled queues in bitmap] +CVE-2021-47127 (In the Linux kernel, the following vulnerability has been resolved: i ...) - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/e102db780e1c14f10c70dafa7684af22a745b51d (5.13-rc5) -CVE-2021-47126 [ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions] +CVE-2021-47126 (In the Linux kernel, the following vulnerability has been resolved: i ...) - linux 5.10.46-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754 (5.13-rc5) -CVE-2021-47125 [sch_htb: fix refcount leak in htb_parent_to_leaf_offload] +CVE-2021-47125 (In the Linux kernel, the following vulnerability has been resolved: s ...) - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/944d671d5faa0d78980a3da5c0f04960ef1ad893 (5.13-rc5) -CVE-2021-47124 [io_uring: fix link timeout refs] +CVE-2021-47124 (In the Linux kernel, the following vulnerability has been resolved: i ...) - linux 5.14.6-1 [bullseye] - linux 5.10.70-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82 (5.13-rc2) -CVE-2021-47123 [io_uring: fix ltout double free on completion race] +CVE-2021-47123 (In the Linux kernel, the following vulnerability has been resolved: i ...) - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/447c19f3b5074409c794b350b10306e1da1ef4ba (5.13-rc2) -CVE-2021-47122 [net: caif: fix memory leak in caif_device_notify] +CVE-2021-47122 (In the Linux kernel, the following vulnerability has been resolved: n ...) - linux 5.10.46-1 [buster] - linux 4.19.194-1 NOTE: https://git.kernel.org/linus/b53558a950a89824938e9811eddfc8efcd94e1bb (5.13-rc5) -CVE-2021-47121 [net: caif: fix memory leak in cfusbl_device_notify] +CVE-2021-47121 (In the Linux kernel, the following vulnerability has been resolved: n ...) - linux 5.10.46-1 [buster] - linux 4.19.194-1 NOTE: https://git.kernel.org/linus/7f5d86669fa4d485523ddb1d212e0a2d90bd62bb (5.13-rc5) -CVE-2021-47120 [HID: magicmouse: fix NULL-deref on disconnect] +CVE-2021-47120 (In the Linux kernel, the following vulnerability has been resolved: H ...) - linux 5.10.46-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497 (5.13-rc5) -CVE-2021-47119 [ext4: fix memory leak in ext4_fill_super] +CVE-2021-47119 (In the Linux kernel, the following vulnerability has been resolved: e ...) - linux 5.10.46-1 NOTE: https://git.kernel.org/linus/afd09b617db3786b6ef3dc43e28fe728cfea84df (5.13-rc5) -CVE-2021-47118 [pid: take a reference when initializing `cad_pid`] +CVE-2021-47118 (In the Linux kernel, the following vulnerability has been resolved: p ...) - linux 5.10.46-1 [buster] - linux 4.19.194-1 NOTE: https://git.kernel.org/linus/0711f0d7050b9e07c44bc159bbc64ac0a1022c7f (5.13-rc5) -CVE-2021-47117 [ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed] +CVE-2021-47117 (In the Linux kernel, the following vulnerability has been resolved: e ...) - linux 5.10.46-1 [buster] - linux 4.19.194-1 NOTE: https://git.kernel.org/linus/082cd4ec240b8734a82a89ffb890216ac98fec68 (5.13-rc5) -CVE-2021-47116 [ext4: fix memory leak in ext4_mb_init_backend on error path.] +CVE-2021-47116 (In the Linux kernel, the following vulnerability has been resolved: e ...) - linux 5.10.46-1 NOTE: https://git.kernel.org/linus/a8867f4e3809050571c98de7a2d465aff5e4daf5 (5.13-rc5) -CVE-2021-47115 [nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect] +CVE-2021-47115 (In the Linux kernel, the following vulnerability has been resolved: n ...) - linux 5.10.46-1 [buster] - linux 4.19.194-1 NOTE: https://git.kernel.org/linus/4ac06a1e013cf5fdd963317ffd3b968560f33bba (5.13-rc5) -CVE-2021-47114 [ocfs2: fix data corruption by fallocate] +CVE-2021-47114 (In the Linux kernel, the following vulnerability has been resolved: o ...) - linux 5.10.46-1 [buster] - linux 4.19.194-1 NOTE: https://git.kernel.org/linus/6bba4471f0cc1296fe3c2089b9e52442d3074b2e (5.13-rc5) -CVE-2021-47113 [btrfs: abort in rename_exchange if we fail to insert the second ref] +CVE-2021-47113 (In the Linux kernel, the following vulnerability has been resolved: b ...) - linux 5.10.46-1 NOTE: https://git.kernel.org/linus/dc09ef3562726cd520c8338c1640872a60187af5 (5.13-rc5) -CVE-2021-47112 [x86/kvm: Teardown PV features on boot CPU as well] +CVE-2021-47112 (In the Linux kernel, the following vulnerability has been resolved: x ...) - linux 5.10.46-1 NOTE: https://git.kernel.org/linus/8b79feffeca28c5459458fe78676b081e87c93a4 (5.13-rc2) -CVE-2021-47111 [xen-netback: take a reference to the RX task thread] +CVE-2021-47111 (In the Linux kernel, the following vulnerability has been resolved: x ...) - linux 5.10.46-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/107866a8eb0b664675a260f1ba0655010fac1e08 (5.13-rc6) -CVE-2021-47110 [x86/kvm: Disable kvmclock on all CPUs on shutdown] +CVE-2021-47110 (In the Linux kernel, the following vulnerability has been resolved: x ...) - linux 5.10.46-1 NOTE: https://git.kernel.org/linus/c02027b5742b5aa804ef08a4a9db433295533046 (5.13-rc2) -CVE-2021-47109 [neighbour: allow NUD_NOARP entries to be forced GCed] +CVE-2021-47109 (In the Linux kernel, the following vulnerability has been resolved: n ...) - linux 5.10.46-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f (5.13-rc7) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d52480e8cf8f326b605955977c6c8c7c004b032b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d52480e8cf8f326b605955977c6c8c7c004b032b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits