Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
db127650 by security tracker role at 2024-05-30T20:11:53+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,393 +1,503 @@
-CVE-2024-36959 [pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()]
+CVE-2024-5537
+       REJECTED
+CVE-2024-5521 (Two Cross-Site Scripting vulnerabilities have been discovered 
in Alkac ...)
+       TODO: check
+CVE-2024-5520 (Two Cross-Site Scripting vulnerabilities have been discovered 
in Alkac ...)
+       TODO: check
+CVE-2024-5519 (A vulnerability classified as critical was found in 
ItsourceCode Learn ...)
+       TODO: check
+CVE-2024-5518 (A vulnerability classified as critical has been found in 
itsourcecode  ...)
+       TODO: check
+CVE-2024-5517 (A vulnerability was found in itsourcecode Online Blood Bank 
Management ...)
+       TODO: check
+CVE-2024-5516 (A vulnerability was found in itsourcecode Online Blood Bank 
Management ...)
+       TODO: check
+CVE-2024-5515 (A vulnerability was found in SourceCodester Stock Management 
System 1. ...)
+       TODO: check
+CVE-2024-5326 (The Post Grid Gutenberg Blocks and WordPress Blog Plugin \u2013 
PostX  ...)
+       TODO: check
+CVE-2024-5271 (Fuji Electric Monitouch V-SFT is vulnerable to an out-of-bounds 
write  ...)
+       TODO: check
+CVE-2024-4842
+       REJECTED
+CVE-2024-4668 (The Gum Elementor Addon plugin for WordPress is vulnerable to 
Stored C ...)
+       TODO: check
+CVE-2024-4427 (The Comparison Slider plugin for WordPress is vulnerable to 
unauthoriz ...)
+       TODO: check
+CVE-2024-4426 (The Comparison Slider plugin for WordPress is vulnerable to 
Cross-Site ...)
+       TODO: check
+CVE-2024-4422 (The Comparison Slider plugin for WordPress is vulnerable to 
Stored Cro ...)
+       TODO: check
+CVE-2024-4355 (The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and 
Anti Spa ...)
+       TODO: check
+CVE-2024-4330 (A path traversal vulnerability was identified in the 
parisneo/lollms-w ...)
+       TODO: check
+CVE-2024-3924 (A code injection vulnerability exists in the 
huggingface/text-generati ...)
+       TODO: check
+CVE-2024-3584 (qdrant/qdrant version 1.9.0-dev is vulnerable to path traversal 
due to ...)
+       TODO: check
+CVE-2024-3583 (The Simple Like Page Plugin plugin for WordPress is vulnerable 
to Stor ...)
+       TODO: check
+CVE-2024-3301 (An unsafe .NET object deserialization vulnerability in DELMIA 
Apriso R ...)
+       TODO: check
+CVE-2024-3300 (An unsafe .NET object deserialization vulnerability in DELMIA 
Apriso R ...)
+       TODO: check
+CVE-2024-36118 (MeterSphere is a test management and interface testing tool. 
In affect ...)
+       TODO: check
+CVE-2024-35504 (A cross-site scripting (XSS) vulnerability in the login page 
of FineSo ...)
+       TODO: check
+CVE-2024-35469 (A SQL injection vulnerability in /hrm/user/ in SourceCodester 
Human Re ...)
+       TODO: check
+CVE-2024-35468 (A SQL injection vulnerability in /hrm/index.php in 
SourceCodester Huma ...)
+       TODO: check
+CVE-2024-35433 (ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect 
Access Contro ...)
+       TODO: check
+CVE-2024-35432 (ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Cross Site 
Scripting (X ...)
+       TODO: check
+CVE-2024-35431 (ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory 
Traversal via ...)
+       TODO: check
+CVE-2024-35430 (In ZKTeco ZKBio CVSecurity v6.1.1 an authenticated user can 
bypass pas ...)
+       TODO: check
+CVE-2024-35429 (ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory 
Traversal via ...)
+       TODO: check
+CVE-2024-35428 (ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory 
Traversal via ...)
+       TODO: check
+CVE-2024-35359 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35358 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35357 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35356 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35355 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35354 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35353 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35352 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35351 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35350 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35349 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35345 (A vulnerability has been discovered in Di\xf1o Physics School 
Assistan ...)
+       TODO: check
+CVE-2024-35228 (Wagtail is an open source content management system built on 
Django. D ...)
+       TODO: check
+CVE-2024-35189 (Fides is an open-source privacy engineering platform. The 
Fides webser ...)
+       TODO: check
+CVE-2024-34171 (Fuji Electric Monitouch V-SFT  is vulnerable to a stack-based 
buffer o ...)
+       TODO: check
+CVE-2024-32877 (Yii 2 is a PHP application framework. During internal 
penetration test ...)
+       TODO: check
+CVE-2024-32029
+       REJECTED
+CVE-2024-2657 (The Font Farsi plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
+       TODO: check
+CVE-2024-2422 (LenelS2 NetBox access control and event monitoring system was 
discover ...)
+       TODO: check
+CVE-2024-2421 (LenelS2 NetBox access control and event monitoring system was 
discover ...)
+       TODO: check
+CVE-2024-2420 (LenelS2 NetBox access control and event monitoring system was 
discover ...)
+       TODO: check
+CVE-2024-2089 (The Remote Content Shortcode plugin for WordPress is vulnerable 
to Sto ...)
+       TODO: check
+CVE-2024-1100 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2024-36959 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/a0cedbcc8852d6c77b00634b81e41f17f29d9404 (6.9-rc7)
-CVE-2024-36958 [NFSD: Fix nfsd4_encode_fattr4() crasher]
+CVE-2024-36958 (In the Linux kernel, the following vulnerability has been 
resolved:  N ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/18180a4550d08be4eb0387fe83f02f703f92d4e7 (6.9-rc7)
-CVE-2024-36957 [octeontx2-af: avoid off-by-one read from userspace]
+CVE-2024-36957 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f299ee709fb45036454ca11e90cb2810fe771878 (6.9-rc7)
-CVE-2024-36956 [thermal/debugfs: Free all thermal zone debug memory on zone 
removal]
+CVE-2024-36956 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/72c1afffa4c645fe0e0f1c03e5f34395ed65b5f4 (6.9-rc7)
-CVE-2024-36955 [ALSA: hda: intel-sdw-acpi: fix usage of 
device_get_named_child_node()]
+CVE-2024-36955 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c158cf914713efc3bcdc25680c7156c48c12ef6a (6.9-rc7)
-CVE-2024-36954 [tipc: fix a possible memleak in tipc_buf_append]
+CVE-2024-36954 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/97bf6f81b29a8efaf5d0983251a7450e5794370d (6.9-rc7)
-CVE-2024-36953 [KVM: arm64: vgic-v2: Check for non-NULL vCPU in 
vgic_v2_parse_attr()]
+CVE-2024-36953 (In the Linux kernel, the following vulnerability has been 
resolved:  K ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/6ddb4f372fc63210034b903d96ebbeb3c7195adb (6.9-rc7)
-CVE-2024-36952 [scsi: lpfc: Move NPIV's transport unregistration to after 
resource clean up]
+CVE-2024-36952 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/4ddf01f2f1504fa08b766e8cfeec558e9f8eef6c (6.9-rc2)
-CVE-2024-36951 [drm/amdkfd: range check cp bad op exception interrupts]
+CVE-2024-36951 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/0cac183b98d8a8c692c98e8dba37df15a9e9210d (6.9-rc2)
-CVE-2024-36950 [firewire: ohci: mask bus reset interrupts between ISR and 
bottom half]
+CVE-2024-36950 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/752e3c53de0fa3b7d817a83050b6699b8e9c6ec9 (6.9-rc3)
-CVE-2024-36949 [amd/amdkfd: sync all devices to wait all processes being 
evicted]
+CVE-2024-36949 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/d06af584be5a769d124b7302b32a033e9559761d (6.9-rc4)
-CVE-2024-36948 [drm/xe/xe_migrate: Cast to output precision before multiplying 
operands]
+CVE-2024-36948 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/9cb46b31f3d08ed3fce86349e8c12f96d7c88717 (6.9-rc4)
-CVE-2024-36947 [qibfs: fix dentry leak]
+CVE-2024-36947 (In the Linux kernel, the following vulnerability has been 
resolved:  q ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/aa23317d0268b309bb3f0801ddd0d61813ff5afb (6.9)
-CVE-2024-36946 [phonet: fix rtm_phonet_notify() skb allocation]
+CVE-2024-36946 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/d8cac8568618dcb8a51af3db1103e8d4cc4aeea7 (6.9)
-CVE-2024-36945 [net/smc: fix neighbour and rtable leak in smc_ib_find_route()]
+CVE-2024-36945 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/2ddc0dd7fec86ee53b8928a5cca5fbddd4fc7c06 (6.9)
-CVE-2024-36944 [Reapply "drm/qxl: simplify qxl_fence_wait"]
+CVE-2024-36944 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/3628e0383dd349f02f882e612ab6184e4bb3dc10 (6.9)
-CVE-2024-36943 [fs/proc/task_mmu: fix loss of young/dirty bits during pagemap 
scan]
+CVE-2024-36943 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c70dce4982ce1718bf978a35f8e26160b82081f4 (6.9)
-CVE-2024-36942 [Bluetooth: qca: fix firmware check error path]
+CVE-2024-36942 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/40d442f969fb1e871da6fca73d3f8aef1f888558 (6.9)
-CVE-2024-36941 [wifi: nl80211: don't free NULL coalescing rule]
+CVE-2024-36941 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/801ea33ae82d6a9d954074fbcf8ea9d18f1543a7 (6.9-rc6)
-CVE-2024-36940 [pinctrl: core: delete incorrect free in pinctrl_enable()]
+CVE-2024-36940 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/5038a66dad0199de60e5671603ea6623eb9e5c79 (6.9-rc7)
-CVE-2024-36939 [nfs: Handle error of rpc_proc_register() in nfs_net_init().]
+CVE-2024-36939 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/24457f1be29f1e7042e50a7749f5c2dde8c433c8 (6.9-rc7)
-CVE-2024-36938 [bpf, skmsg: Fix NULL pointer dereference in 
sk_psock_skb_ingress_enqueue]
+CVE-2024-36938 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/6648e613226e18897231ab5e42ffc29e63fa3365 (6.9-rc7)
-CVE-2024-36937 [xdp: use flags field to disambiguate broadcast redirect]
+CVE-2024-36937 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/5bcf0dcbf9066348058b88a510c57f70f384c92c (6.9-rc7)
-CVE-2024-36936 [efi/unaccepted: touch soft lockup during memory accept]
+CVE-2024-36936 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1c5a1627f48105cbab81d25ec2f72232bfaa8185 (6.9-rc7)
-CVE-2024-36935 [ice: ensure the copied buf is NUL terminated]
+CVE-2024-36935 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/666854ea9cad844f75a068f32812a2d78004914a (6.9-rc7)
-CVE-2024-36934 [bna: ensure the copied buf is NUL terminated]
+CVE-2024-36934 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f (6.9-rc7)
-CVE-2024-36933 [nsh: Restore skb->{protocol,data,mac_header} for outer header 
in nsh_gso_segment().]
+CVE-2024-36933 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/4b911a9690d72641879ea6d13cce1de31d346d79 (6.9-rc7)
-CVE-2024-36932 [thermal/debugfs: Prevent use-after-free from occurring after 
cdev removal]
+CVE-2024-36932 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d351eb0ab04c3e8109895fc33250cebbce9c11da (6.9-rc7)
-CVE-2024-36931 [s390/cio: Ensure the copied buf is NUL terminated]
+CVE-2024-36931 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/da7c622cddd4fe36be69ca61e8c42e43cde94784 (6.9-rc7)
-CVE-2024-36930 [spi: fix null pointer dereference within spi_sync]
+CVE-2024-36930 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/4756fa529b2f12b7cb8f21fe229b0f6f47190829 (6.9-rc7)
-CVE-2024-36929 [net: core: reject skb_copy(_expand) for fraglist GSO skbs]
+CVE-2024-36929 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d091e579b864fa790dd6a0cd537a22c383126681 (6.9-rc7)
-CVE-2024-36928 [s390/qeth: Fix kernel panic after setting hsuid]
+CVE-2024-36928 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/8a2e4d37afb8500b276e5ee903dee06f50ab0494 (6.9-rc7)
-CVE-2024-36927 [ipv4: Fix uninit-value access in __ip_make_skb()]
+CVE-2024-36927 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/fc1092f51567277509563800a3c56732070b6aa4 (6.9-rc7)
-CVE-2024-36926 [powerpc/pseries/iommu: LPAR panics during boot up with a 
frozen PE]
+CVE-2024-36926 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/49a940dbdc3107fecd5e6d3063dc07128177e058 (6.9-rc7)
-CVE-2024-36925 [swiotlb: initialise restricted pool list_head when 
SWIOTLB_DYNAMIC=y]
+CVE-2024-36925 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/75961ffb5cb3e5196f19cae7683f35cc88b50800 (6.9-rc7)
-CVE-2024-36924 [scsi: lpfc: Release hbalock before calling 
lpfc_worker_wake_up()]
+CVE-2024-36924 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/ded20192dff31c91cef2a04f7e20e60e9bb887d3 (6.9-rc2)
-CVE-2024-36923 [fs/9p: fix uninitialized values during inode evict]
+CVE-2024-36923 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/6630036b7c228f57c7893ee0403e92c2db2cd21d (6.9-rc2)
-CVE-2024-36922 [wifi: iwlwifi: read txq->read_ptr under lock]
+CVE-2024-36922 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/c2ace6300600c634553657785dfe5ea0ed688ac2 (6.9-rc2)
-CVE-2024-36921 [wifi: iwlwifi: mvm: guard against invalid STA ID on removal]
+CVE-2024-36921 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/17f64517bf5c26af56b6c3566273aad6646c3c4f (6.9-rc2)
-CVE-2024-36920 [scsi: mpi3mr: Avoid memcpy field-spanning write WARNING]
+CVE-2024-36920 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/429846b4b6ce9853e0d803a2357bb2e55083adf0 (6.9-rc2)
-CVE-2024-36919 [scsi: bnx2fc: Remove spin_lock_bh while releasing resources 
after upload]
+CVE-2024-36919 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/c214ed2a4dda35b308b0b28eed804d7ae66401f9 (6.9-rc2)
-CVE-2024-36918 [bpf: Check bloom filter map value size]
+CVE-2024-36918 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/a8d89feba7e54e691ca7c4efc2a6264fa83f3687 (6.9-rc2)
-CVE-2024-36917 [block: fix overflow in blk_ioctl_discard()]
+CVE-2024-36917 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 (6.9-rc3)
-CVE-2024-36916 [blk-iocost: avoid out of bounds shift]
+CVE-2024-36916 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/beaa51b36012fad5a4d3c18b88a617aea7a9b96d (6.9-rc4)
-CVE-2024-36915 [nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies]
+CVE-2024-36915 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/7a87441c9651ba37842f4809224aca13a554a26f (6.9-rc4)
-CVE-2024-36914 [drm/amd/display: Skip on writeback when it's not applicable]
+CVE-2024-36914 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/ecedd99a9369fb5cde601ae9abd58bca2739f1ae (6.9-rc4)
-CVE-2024-36913 [Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails]
+CVE-2024-36913 (In the Linux kernel, the following vulnerability has been 
resolved:  D ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/03f5a999adba062456c8c818a683beb1b498983a (6.9-rc4)
-CVE-2024-36912 [Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl]
+CVE-2024-36912 (In the Linux kernel, the following vulnerability has been 
resolved:  D ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/211f514ebf1ef5de37b1cf6df9d28a56cfd242ca (6.9-rc4)
-CVE-2024-36911 [hv_netvsc: Don't free decrypted memory]
+CVE-2024-36911 (In the Linux kernel, the following vulnerability has been 
resolved:  h ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/bbf9ac34677b57506a13682b31a2a718934c0e31 (6.9-rc4)
-CVE-2024-36910 [uio_hv_generic: Don't free decrypted memory]
+CVE-2024-36910 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/3d788b2fbe6a1a1a9e3db09742b90809d51638b7 (6.9-rc4)
-CVE-2024-36909 [Drivers: hv: vmbus: Don't free ring buffers that couldn't be 
re-encrypted]
+CVE-2024-36909 (In the Linux kernel, the following vulnerability has been 
resolved:  D ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/30d18df6567be09c1433e81993e35e3da573ac48 (6.9-rc4)
-CVE-2024-36908 [blk-iocost: do not WARN if iocg was already offlined]
+CVE-2024-36908 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/01bc4fda9ea0a6b52f12326486f07a4910666cf6 (6.9-rc5)
-CVE-2024-36907 [SUNRPC: add a missing rpc_stat for TCP TLS]
+CVE-2024-36907 (In the Linux kernel, the following vulnerability has been 
resolved:  S ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/8e088a20dbe33919695a8082c0b32deb62d23b4a (6.9-rc7)
-CVE-2024-36906 [ARM: 9381/1: kasan: clear stale stack poison]
+CVE-2024-36906 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c4238686f9093b98bd6245a348bcf059cdce23af (6.9)
-CVE-2024-36905 [tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets]
+CVE-2024-36905 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/94062790aedb505bdda209b10bea47b294d6394f (6.9)
-CVE-2024-36904 [tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().]
+CVE-2024-36904 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/f2db7230f73a80dbb179deab78f88a7947f0ab7e (6.9)
-CVE-2024-36903 [ipv6: Fix potential uninit-value access in __ip6_make_skb()]
+CVE-2024-36903 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/4e13d3a9c25b7080f8a619f961e943fe08c2672c (6.9)
-CVE-2024-36902 [ipv6: fib6_rules: avoid possible NULL dereference in 
fib6_rule_action()]
+CVE-2024-36902 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/d101291b2681e5ab938554e3e323f7a7ee33e3aa (6.9)
-CVE-2024-36901 [ipv6: prevent NULL dereference in ip6_output()]
+CVE-2024-36901 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/4db783d68b9b39a411a96096c10828ff5dfada7a (6.9)
-CVE-2024-36900 [net: hns3: fix kernel crash when devlink reload during 
initialization]
+CVE-2024-36900 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/35d92abfbad88cf947c010baf34b075e40566095 (6.9)
-CVE-2024-36899 [gpiolib: cdev: Fix use after free in lineinfo_changed_notify]
+CVE-2024-36899 (In the Linux kernel, the following vulnerability has been 
resolved:  g ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/02f6b0e1ec7e0e7d059dddc893645816552039da (6.9)
-CVE-2024-36898 [gpiolib: cdev: fix uninitialised kfifo]
+CVE-2024-36898 (In the Linux kernel, the following vulnerability has been 
resolved:  g ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/ee0166b637a5e376118e9659e5b4148080f1d27e (6.9)
-CVE-2024-36897 [drm/amd/display: Atom Integrated System Info v2_2 for DCN35]
+CVE-2024-36897 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/9a35d205f466501dcfe5625ca313d944d0ac2d60 (6.9-rc7)
-CVE-2024-36896 [USB: core: Fix access violation during port device removal]
+CVE-2024-36896 (In the Linux kernel, the following vulnerability has been 
resolved:  U ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/a4b46d450c49f32e9d4247b421e58083fde304ce (6.9-rc7)
-CVE-2024-36895 [usb: gadget: uvc: use correct buffer size when parsing 
configfs lists]
+CVE-2024-36895 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/650ae71c80749fc7cb8858c8049f532eaec64410 (6.9-rc7)
-CVE-2024-36894 [usb: gadget: f_fs: Fix race between aio_cancel() and AIO 
request complete]
+CVE-2024-36894 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/24729b307eefcd7c476065cd7351c1a018082c19 (6.9-rc7)
-CVE-2024-36893 [usb: typec: tcpm: Check for port partner validity before 
consuming it]
+CVE-2024-36893 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/ae11f04b452b5205536e1c02d31f8045eba249dd (6.9-rc7)
-CVE-2024-36892 [mm/slub: avoid zeroing outside-object freepointer for single 
free]
+CVE-2024-36892 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/8f828aa48812ced28aa39cb3cfe55ef2444d03dd (6.9)
-CVE-2024-36891 [maple_tree: fix mas_empty_area_rev() null pointer dereference]
+CVE-2024-36891 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/955a923d2809803980ff574270f81510112be9cf (6.9)
-CVE-2024-36890 [mm/slab: make __free(kfree) accept error pointers]
+CVE-2024-36890 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/cd7eb8f83fcf258f71e293f7fc52a70be8ed0128 (6.9)
-CVE-2024-36889 [mptcp: ensure snd_nxt is properly initialized on connect]
+CVE-2024-36889 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/fb7a0d334894206ae35f023a82cad5a290fd7386 (6.9-rc7)
-CVE-2024-36888 [workqueue: Fix selection of wake_cpu in kick_pool()]
+CVE-2024-36888 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/57a01eafdcf78f6da34fad9ff075ed5dfdd9f420 (6.9-rc7)
-CVE-2024-36887 [e1000e: change usleep_range to udelay in PHY mdic access]
+CVE-2024-36887 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/387f295cb2150ed164905b648d76dfcbd3621778 (6.9-rc7)
-CVE-2024-36886 [tipc: fix UAF in error path]
+CVE-2024-36886 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/080cbb890286cd794f1ee788bbc5463e2deb7c2b (6.9-rc7)
-CVE-2024-36885 [drm/nouveau/firmware: Fix SG_DEBUG error with 
nvkm_firmware_ctor()]
+CVE-2024-36885 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/52a6947bf576b97ff8e14bb0a31c5eaf2d0d96e2 (6.9-rc7)
-CVE-2024-36884 [iommu/arm-smmu: Use the correct type in 
nvidia_smmu_context_fault()]
+CVE-2024-36884 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.8.11-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/65ade5653f5ab5a21635e51d0c65e95f490f5b6f (6.9)
-CVE-2024-36883 [net: fix out-of-bounds access in ops_init]
+CVE-2024-36883 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/a26ff37e624d12e28077e5b24d2b264f62764ad6 (6.9)
-CVE-2024-36882 [mm: use memalloc_nofs_save() in page_cache_ra_order()]
+CVE-2024-36882 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/30153e4466647a17eebfced13eede5cbe4290e69 (6.9)
-CVE-2024-36881 [mm/userfaultfd: reset ptes when close() for wr-protected ones]
+CVE-2024-36881 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c88033efe9a391e72ba6b5df4b01d6e628f4e734 (6.9)
-CVE-2024-36880 [Bluetooth: qca: add missing firmware sanity checks]
+CVE-2024-36880 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/2e4edfa1e2bd821a317e7d006517dcf2f3fac68d (6.9)
-CVE-2024-36033 [Bluetooth: qca: fix info leak when fetching board id]
+CVE-2024-36033 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/0adcf6be1445ed50bfd4a451a7a782568f270197 (6.9)
-CVE-2024-36032 [Bluetooth: qca: fix info leak when fetching fw build id]
+CVE-2024-36032 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 6.8.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/cda0d6a198e2a7ec6f176c36173a57bdd8af7af2 (6.9)
-CVE-2024-36031 [keys: Fix overwrite of key expiration on instantiation]
+CVE-2024-36031 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
        - linux 6.8.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/9da27fb65a14c18efd4473e2e82b76b53ba60252 (6.10-rc1)
-CVE-2024-36030 [octeontx2-af: fix the double free in rvu_npc_freemem()]
+CVE-2024-36030 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
        - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/6e965eba43e9724f3e603d7b7cc83e53b23d155e (6.9-rc6)
-CVE-2024-36029 [mmc: sdhci-msm: pervent access to suspended controller]
+CVE-2024-36029 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.8.9-1
        [bookworm] - linux 6.1.90-1
        NOTE: 
https://git.kernel.org/linus/f8def10f73a516b771051a2f70f2f0446902cb4f (6.9-rc6)
-CVE-2024-36028 [mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when 
dissolve_free_hugetlb_folio()]
+CVE-2024-36028 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.8.9-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/52ccdde16b6540abe43b6f8d8e1e1ec90b0983af (6.9-rc6)
-CVE-2024-36027 [btrfs: zoned: do not flag ZEROOUT on non-dirty extent buffer]
+CVE-2024-36027 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/68879386180c0efd5a11e800b0525a01068c9457 (6.9-rc5)
-CVE-2024-36026 [drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11]
+CVE-2024-36026 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.8.9-1
        [bookworm] - linux 6.1.90-1
        NOTE: 
https://git.kernel.org/linus/31729e8c21ecfd671458e02b6511eb68c2225113 (6.9-rc4)
-CVE-2024-36025 [scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()]
+CVE-2024-36025 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.8.9-1
        [bookworm] - linux 6.1.90-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/4406e4176f47177f5e51b4cc7e6a7a2ff3dbfbbd (6.9-rc4)
-CVE-2024-36024 [drm/amd/display: Disable idle reallow as part of command/gpint 
execution]
+CVE-2024-36024 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.8.9-1
        NOTE: 
https://git.kernel.org/linus/6226a5aa77370329e01ee8abe50a95e60618ce97 (6.9-rc1)
-CVE-2024-36023 [Julia Lawall reported this null pointer dereference, this 
should fix it.]
+CVE-2024-36023 (In the Linux kernel, the following vulnerability has been 
resolved:  J ...)
        - linux 6.8.9-1
        [bookworm] - linux 6.1.90-1
        NOTE: 
https://git.kernel.org/linus/9bf93dcfc453fae192fe5d7874b89699e8f800ac (6.9-rc1)
-CVE-2024-36022 [drm/amdgpu: Init zone device and drm client after mode-1 reset 
on reload]
+CVE-2024-36022 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.8.9-1
        NOTE: 
https://git.kernel.org/linus/f679fd6057fbf5ab34aaee28d58b7f81af0cbf48 (6.9-rc1)
-CVE-2024-36021 [net: hns3: fix kernel crash when devlink reload during pf 
initialization]
+CVE-2024-36021 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.9-1
        [bookworm] - linux 6.1.85-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/93305b77ffcb042f1538ecc383505e87d95aa05a (6.9-rc2)
-CVE-2024-36020 [i40e: fix vf may be used uninitialized in this function 
warning]
+CVE-2024-36020 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.8.9-1
        [bookworm] - linux 6.1.85-1
        [bullseye] - linux 5.10.216-1
        NOTE: 
https://git.kernel.org/linus/f37c4eac99c258111d414d31b740437e1925b8e8 (6.9-rc3)
-CVE-2024-36019 [regmap: maple: Fix cache corruption in regcache_maple_drop()]
+CVE-2024-36019 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
        - linux 6.8.9-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/00bb549d7d63a21532e76e4a334d7807a54d9f31 (6.9-rc3)
-CVE-2024-36018 [nouveau/uvmm: fix addr/range calcs for remap operations]
+CVE-2024-36018 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 6.8.9-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/be141849ec00ef39935bf169c0f194ac70bf85ce (6.9-rc3)
-CVE-2024-36017 [rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute 
validation]
+CVE-2024-36017 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/1aec77b2bb2ed1db0f5efc61c4c1ca3813307489 (6.9)
-CVE-2023-52882 [clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change]
+CVE-2023-52882 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
        - linux 6.8.11-1
        NOTE: 
https://git.kernel.org/linus/7e91ed763dc07437777bd012af7a2bd4493731ff (6.9-rc7)
 CVE-2024-5514 (MinMax CMS fromMinMax Digital Technology contains a hidden 
administrat ...)
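Review bot: across the Linux kernel entries in this hunk (CVE-2024-36891 through CVE-2023-52882 in the part shown here), each bracketed commit subject, for example "[tipc: fix UAF in error path]", is replaced by a description cut off inside the same prefix, "In the Linux kernel, the following vulnerability has been resolved:  t ...", so the header line no longer says what the bug is. The git.kernel.org NOTE line is now the only thing that tells these entries apart when reading or grepping the list. Consider truncating the imported description after the common prefix, or carrying the commit subject in a NOTE line, so that entries such as the tipc UAF or the out-of-bounds access in ops_init stay identifiable during triage.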
@@ -20433,7 +20543,8 @@ CVE-2024-27908 (A buffer overflow vulnerability was 
reported in the HTTPS servic
        NOT-FOR-US: Lenovo
 CVE-2024-23592 (An authentication bypass vulnerability was reported in Lenovo 
devices  ...)
        NOT-FOR-US: Lenovo
-CVE-2024-21506 (Versions of the package pymongo before 4.6.3 are vulnerable to 
Out-of- ...)
+CVE-2024-21506
+       REJECTED
        - pymongo <unfixed> (bug #1069581)
        [bookworm] - pymongo <no-dsa> (Minor issue)
        [bullseye] - pymongo <no-dsa> (Minor issue)
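Review bot: CVE-2024-21506 is switched to REJECTED, but the package lines under it are left in place: "- pymongo <unfixed> (bug #1069581)" plus the <no-dsa> lines for bookworm and bullseye. A rejected ID that still reports pymongo as unfixed is contradictory. Either drop the status lines and follow up on bug #1069581, or, if the issue is being tracked under another ID, move them there and add a NOTE recording why this ID was rejected.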
@@ -50823,7 +50934,7 @@ CVE-2023-49312 (Precision Bridge PrecisionBridge.exe 
(aka the thick client) befo
        NOT-FOR-US: Precision Bridge
 CVE-2023-47039 (A vulnerability was found in Perl. This security issue occurs 
while Pe ...)
        - perl <not-affected> (Windows specific issue)
-CVE-2023-47038 (A vulnerability was found in perl. This issue occurs when a 
crafted re ...)
+CVE-2023-47038 (A vulnerability was found in perl 5.30.0 through 5.38.0. This 
issue oc ...)
        - perl 5.36.0-10 (bug #1056746)
        [bookworm] - perl 5.36.0-7+deb12u1
        [bullseye] - perl 5.32.1-4+deb11u3
@@ -124727,8 +124838,8 @@ CVE-2022-43843 (IBM Spectrum Scale 5.1.5.0 through 
5.1.5.1 uses weaker than expe
        NOT-FOR-US: IBM
 CVE-2022-43842 (IBM Aspera Console 3.4.0 through 3.4.2 is vulnerable to SQL 
injection. ...)
        NOT-FOR-US: IBM
-CVE-2022-43841
-       RESERVED
+CVE-2022-43841 (IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to 
be stor ...)
+       TODO: check
 CVE-2022-43840
        RESERVED
 CVE-2022-43839
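Review bot: CVE-2022-43841 goes from RESERVED to an IBM Aspera Console description with "TODO: check", while the neighbouring context entry CVE-2022-43842, also IBM Aspera Console 3.4.0 through 3.4.2, is already marked "NOT-FOR-US: IBM". The new entry can take the same triage instead of sitting in the TODO queue; the same applies to CVE-2022-43575 and CVE-2022-43384, which this patch also adds as IBM Aspera Console entries with "TODO: check".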
@@ -125528,8 +125639,8 @@ CVE-2022-43577
        RESERVED
 CVE-2022-43576
        RESERVED
-CVE-2022-43575
-       RESERVED
+CVE-2022-43575 (IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to 
cross-site ...)
+       TODO: check
 CVE-2022-43574 ("IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 
21.0.4, and 21 ...)
        NOT-FOR-US: IBM
 CVE-2022-43573 (IBM Robotic Process Automation 20.12 through 21.0.6 is 
vulnerable to e ...)
@@ -126187,8 +126298,8 @@ CVE-2022-43386
        RESERVED
 CVE-2022-43385
        RESERVED
-CVE-2022-43384
-       RESERVED
+CVE-2022-43384 (IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to 
cross-site ...)
+       TODO: check
 CVE-2022-43383
        RESERVED
 CVE-2022-43382 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user 
with eleva ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db1276504566e39edbd11f0b47a563e83cb93dfa
