Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d52480e8 by security tracker role at 2024-03-16T08:12:04+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,97 +1,163 @@
-CVE-2021-47135 [mt76: mt7921: fix possible AOOB issue in
mt7921_mcu_tx_rate_report]
+CVE-2024-2514 (A vulnerability classified as critical was found in MAGESH-K21
Online- ...)
+ TODO: check
+CVE-2024-2308 (The ElementInvader Addons for Elementor plugin for WordPress is
vulner ...)
+ TODO: check
+CVE-2024-2294 (The Backuply \u2013 Backup, Restore, Migrate and Clone plugin
for Word ...)
+ TODO: check
+CVE-2024-2042 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-28862 (The Ruby One Time Password library (ROTP) is an open source
library fo ...)
+ TODO: check
+CVE-2024-28859 (Symfony1 is a community fork of symfony 1.4 with DIC, form
enhancement ...)
+ TODO: check
+CVE-2024-28640 (Buffer Overflow vulnerability in TOTOLink X5000R
V9.1.0u.6118-B2020110 ...)
+ TODO: check
+CVE-2024-28639 (Buffer Overflow vulnerability in TOTOLink X5000R
V9.1.0u.6118-B2020110 ...)
+ TODO: check
+CVE-2024-28070 (A vulnerability in the legacy chat component of Mitel
MiContact Center ...)
+ TODO: check
+CVE-2024-28069 (A vulnerability in the legacy chat component of Mitel
MiContact Center ...)
+ TODO: check
+CVE-2024-27197 (Cross-Site Request Forgery (CSRF) vulnerability in Bee
BeePress allows ...)
+ TODO: check
+CVE-2024-27195 (Cross-Site Request Forgery (CSRF) vulnerability in Sandi
Verdev Waterm ...)
+ TODO: check
+CVE-2024-27194 (Cross-Site Request Forgery (CSRF) vulnerability in Andrei
Ivasiuc Font ...)
+ TODO: check
+CVE-2024-24845 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
+ TODO: check
+CVE-2024-24156 (Cross Site Scripting (XSS) vulnerability in Gnuboard g6 before
Github ...)
+ TODO: check
+CVE-2024-23523 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
+ TODO: check
+CVE-2024-23298 (A logic issue was addressed with improved state management.)
+ TODO: check
+CVE-2024-22513 (djangorestframework-simplejwt version 5.3.1 and before is
vulnerable t ...)
+ TODO: check
+CVE-2024-22259 (Applications that use UriComponentsBuilder in Spring
Frameworkto parse ...)
+ TODO: check
+CVE-2024-1733 (The Word Replacer Pro plugin for WordPress is vulnerable to
unauthoriz ...)
+ TODO: check
+CVE-2024-1685 (The Social Media Share Buttons plugin for WordPress is
vulnerable to P ...)
+ TODO: check
+CVE-2024-1239 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2023-6525 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2023-51521 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech
Quiz An ...)
+ TODO: check
+CVE-2023-51512 (Cross Site Request Forgery (CSRF) vulnerability in WBW Product
Table b ...)
+ TODO: check
+CVE-2023-51510 (Cross-Site Request Forgery (CSRF) vulnerability in Atlas
Gondal Export ...)
+ TODO: check
+CVE-2023-51491 (Cross-Site Request Forgery (CSRF) vulnerability in Averta
Depicter Sli ...)
+ TODO: check
+CVE-2023-51489 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic,
Inc. Cr ...)
+ TODO: check
+CVE-2023-51487 (Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft
ARI Stream ...)
+ TODO: check
+CVE-2023-51486 (Cross-Site Request Forgery (CSRF) vulnerability in RedNao
WooCommerce ...)
+ TODO: check
+CVE-2023-51474 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu
TerraClass ...)
+ TODO: check
+CVE-2023-51407 (Cross-Site Request Forgery (CSRF) vulnerability in Rocket
Elements Spl ...)
+ TODO: check
+CVE-2023-36483 (An authorization bypass was discovered in the Carrier
MASmobile Classi ...)
+ TODO: check
+CVE-2021-47135 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/d874e6c06952382897d35bf4094193cd44ae91bd (5.13-rc5)
-CVE-2021-47134 [efi/fdt: fix panic when no valid fdt found]
+CVE-2021-47134 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 5.10.46-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/668a84c1bfb2b3fd5a10847825a854d63fac7baa (5.13-rc5)
-CVE-2021-47133 [HID: amd_sfh: Fix memory leak in amd_sfh_work]
+CVE-2021-47133 (In the Linux kernel, the following vulnerability has been
resolved: H ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1 (5.13-rc5)
-CVE-2021-47132 [mptcp: fix sk_forward_memory corruption on retransmission]
+CVE-2021-47132 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/b5941f066b4ca331db225a976dae1d6ca8cf0ae3 (5.13-rc5)
-CVE-2021-47131 [net/tls: Fix use-after-free after the TLS device goes down and
up]
+CVE-2021-47131 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 5.10.46-1
NOTE:
https://git.kernel.org/linus/c55dcdd435aa6c6ad6ccac0a4c636d010ee367a4 (5.13-rc5)
-CVE-2021-47130 [nvmet: fix freeing unallocated p2pmem]
+CVE-2021-47130 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 5.10.46-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/bcd9a0797d73eeff659582f23277e7ab6e5f18f3 (5.13-rc5)
-CVE-2021-47129 [netfilter: nft_ct: skip expectations for confirmed conntrack]
+CVE-2021-47129 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 5.10.46-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1710eb913bdcda3917f44d383c32de6bdabfc836 (5.13-rc5)
-CVE-2021-47128 [bpf, lockdown, audit: Fix buggy SELinux lockdown permission
checks]
+CVE-2021-47128 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 5.10.46-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/ff40e51043af63715ab413995ff46996ecf9583f (5.13-rc5)
-CVE-2021-47127 [ice: track AF_XDP ZC enabled queues in bitmap]
+CVE-2021-47127 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/e102db780e1c14f10c70dafa7684af22a745b51d (5.13-rc5)
-CVE-2021-47126 [ipv6: Fix KASAN: slab-out-of-bounds Read in
fib6_nh_flush_exceptions]
+CVE-2021-47126 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 5.10.46-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754 (5.13-rc5)
-CVE-2021-47125 [sch_htb: fix refcount leak in htb_parent_to_leaf_offload]
+CVE-2021-47125 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/944d671d5faa0d78980a3da5c0f04960ef1ad893 (5.13-rc5)
-CVE-2021-47124 [io_uring: fix link timeout refs]
+CVE-2021-47124 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 5.14.6-1
[bullseye] - linux 5.10.70-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82 (5.13-rc2)
-CVE-2021-47123 [io_uring: fix ltout double free on completion race]
+CVE-2021-47123 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/447c19f3b5074409c794b350b10306e1da1ef4ba (5.13-rc2)
-CVE-2021-47122 [net: caif: fix memory leak in caif_device_notify]
+CVE-2021-47122 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 5.10.46-1
[buster] - linux 4.19.194-1
NOTE:
https://git.kernel.org/linus/b53558a950a89824938e9811eddfc8efcd94e1bb (5.13-rc5)
-CVE-2021-47121 [net: caif: fix memory leak in cfusbl_device_notify]
+CVE-2021-47121 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 5.10.46-1
[buster] - linux 4.19.194-1
NOTE:
https://git.kernel.org/linus/7f5d86669fa4d485523ddb1d212e0a2d90bd62bb (5.13-rc5)
-CVE-2021-47120 [HID: magicmouse: fix NULL-deref on disconnect]
+CVE-2021-47120 (In the Linux kernel, the following vulnerability has been
resolved: H ...)
- linux 5.10.46-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497 (5.13-rc5)
-CVE-2021-47119 [ext4: fix memory leak in ext4_fill_super]
+CVE-2021-47119 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 5.10.46-1
NOTE:
https://git.kernel.org/linus/afd09b617db3786b6ef3dc43e28fe728cfea84df (5.13-rc5)
-CVE-2021-47118 [pid: take a reference when initializing `cad_pid`]
+CVE-2021-47118 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 5.10.46-1
[buster] - linux 4.19.194-1
NOTE:
https://git.kernel.org/linus/0711f0d7050b9e07c44bc159bbc64ac0a1022c7f (5.13-rc5)
-CVE-2021-47117 [ext4: fix bug on in ext4_es_cache_extent as
ext4_split_extent_at failed]
+CVE-2021-47117 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 5.10.46-1
[buster] - linux 4.19.194-1
NOTE:
https://git.kernel.org/linus/082cd4ec240b8734a82a89ffb890216ac98fec68 (5.13-rc5)
-CVE-2021-47116 [ext4: fix memory leak in ext4_mb_init_backend on error path.]
+CVE-2021-47116 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 5.10.46-1
NOTE:
https://git.kernel.org/linus/a8867f4e3809050571c98de7a2d465aff5e4daf5 (5.13-rc5)
-CVE-2021-47115 [nfc: fix NULL ptr dereference in llcp_sock_getname() after
failed connect]
+CVE-2021-47115 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 5.10.46-1
[buster] - linux 4.19.194-1
NOTE:
https://git.kernel.org/linus/4ac06a1e013cf5fdd963317ffd3b968560f33bba (5.13-rc5)
-CVE-2021-47114 [ocfs2: fix data corruption by fallocate]
+CVE-2021-47114 (In the Linux kernel, the following vulnerability has been
resolved: o ...)
- linux 5.10.46-1
[buster] - linux 4.19.194-1
NOTE:
https://git.kernel.org/linus/6bba4471f0cc1296fe3c2089b9e52442d3074b2e (5.13-rc5)
-CVE-2021-47113 [btrfs: abort in rename_exchange if we fail to insert the
second ref]
+CVE-2021-47113 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 5.10.46-1
NOTE:
https://git.kernel.org/linus/dc09ef3562726cd520c8338c1640872a60187af5 (5.13-rc5)
-CVE-2021-47112 [x86/kvm: Teardown PV features on boot CPU as well]
+CVE-2021-47112 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 5.10.46-1
NOTE:
https://git.kernel.org/linus/8b79feffeca28c5459458fe78676b081e87c93a4 (5.13-rc2)
-CVE-2021-47111 [xen-netback: take a reference to the RX task thread]
+CVE-2021-47111 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 5.10.46-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/107866a8eb0b664675a260f1ba0655010fac1e08 (5.13-rc6)
-CVE-2021-47110 [x86/kvm: Disable kvmclock on all CPUs on shutdown]
+CVE-2021-47110 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 5.10.46-1
NOTE:
https://git.kernel.org/linus/c02027b5742b5aa804ef08a4a9db433295533046 (5.13-rc2)
-CVE-2021-47109 [neighbour: allow NUD_NOARP entries to be forced GCed]
+CVE-2021-47109 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 5.10.46-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f (5.13-rc7)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d52480e8cf8f326b605955977c6c8c7c004b032b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d52480e8cf8f326b605955977c6c8c7c004b032b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
