Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: ef852fb3 by Moritz Muehlenhoff at 2024-05-04T20:46:09+02:00 bugnums - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2252,10 +2252,10 @@ CVE-2024-0334 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Store CVE-2023-7241 (Privilege Escalationin WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 ...) NOT-FOR-US: Webroot Antivirus CVE-2023-49606 (A use-after-free vulnerability exists in the HTTP Connection Headers p ...) - - tinyproxy <unfixed> + - tinyproxy <unfixed> (bug #1070395) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889 CVE-2023-47212 (A heap-based buffer overflow vulnerability exists in the comment funct ...) - - libstb <unfixed> + - libstb <unfixed> (bug #1070394) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1846 CVE-2023-47166 (A firmware update vulnerability exists in the luci2-io file-import fun ...) NOT-FOR-US: Milesight UR32L @@ -2264,7 +2264,7 @@ CVE-2023-46295 (An issue was discovered in Teledyne FLIR M300 2.00-19. Unauthent CVE-2023-46294 (An issue was discovered in Teledyne FLIR M300 2.00-19. User account pa ...) NOT-FOR-US: Teledyne FLIR M300 CVE-2023-40533 (An uninitialized memory use vulnerability exists in Tinyproxy 1.11.1 w ...) - - tinyproxy <unfixed> + - tinyproxy <unfixed> (bug #1070395) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1902 CVE-2024-27392 (In the Linux kernel, the following vulnerability has been resolved: n ...) - linux <not-affected> (Vulnerable code not present) @@ -3409,7 +3409,7 @@ CVE-2023-48684 (Sensitive information disclosure and manipulation due to missing CVE-2023-48683 (Sensitive information disclosure and manipulation due to missing autho ...) NOT-FOR-US: Acronis Cyber Protect Cloud Agent CVE-2023-46565 (Buffer Overflow vulnerability in osrg gobgp commit 419c50dfac578daa4d1 ...) - - gobgp <unfixed> + - gobgp <unfixed> (bug #1070393) NOTE: https://github.com/osrg/gobgp/issues/2725 CVE-2023-46270 (MacPaw The Unarchiver before 4.3.6 contains vulnerability related to m ...) NOT-FOR-US: MacPaw The Unarchiver @@ -22042,7 +22042,7 @@ CVE-2024-25909 (Unrestricted Upload of File with Dangerous Type vulnerability in CVE-2024-25770 (libming 0.4.8 contains a memory leak vulnerability in /libming/src/act ...) - ming <removed> CVE-2024-25768 (OpenDMARC 1.4.2 contains a null pointer dereference vulnerability in / ...) - - opendmarc <unfixed> + - opendmarc <unfixed> (bug #1070390) [bookworm] - opendmarc <no-dsa> (Minor issue) [bullseye] - opendmarc <no-dsa> (Minor issue) [buster] - opendmarc <no-dsa> (Minor issue) @@ -25146,7 +25146,7 @@ CVE-2024-25360 (A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks NOT-FOR-US: Motorola CVE-2024-25112 (Exiv2 is a command-line utility and C++ library for reading, writing, ...) [experimental] - exiv2 0.28.2+dfsg-1 - - exiv2 <unfixed> + - exiv2 <unfixed> (bug #1070392) [bookworm] - exiv2 <no-dsa> (Minor issue) [bullseye] - exiv2 <no-dsa> (Minor issue) [buster] - exiv2 <no-dsa> (Minor issue) @@ -25174,7 +25174,7 @@ CVE-2024-24875 (Cross-Site Request Forgery (CSRF) vulnerability in Yannick Lefeb NOT-FOR-US: WordPress plugin CVE-2024-24826 (Exiv2 is a command-line utility and C++ library for reading, writing, ...) [experimental] - exiv2 0.28.2+dfsg-1 - - exiv2 <unfixed> + - exiv2 <unfixed> (bug #1070392) [bookworm] - exiv2 <no-dsa> (Minor issue) [bullseye] - exiv2 <no-dsa> (Minor issue) [buster] - exiv2 <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef852fb39e30f07a3c0071ee27a717b2881f7300 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef852fb39e30f07a3c0071ee27a717b2881f7300 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits