Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
62396743 by security tracker role at 2024-07-05T08:11:37+00:00
automatic update

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@ +CVE-2024-39943 (rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, an ...) + TODO: check +CVE-2024-39937 (supOS 5.0 allows api/image/download?fileName=../ directory traversal f ...) + TODO: check +CVE-2024-39936 (An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2. ...) + TODO: check +CVE-2024-39935 (jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certifi ...) + TODO: check +CVE-2024-39485 (In the Linux kernel, the following vulnerability has been resolved: m ...) + TODO: check +CVE-2024-39484 (In the Linux kernel, the following vulnerability has been resolved: m ...) + TODO: check +CVE-2024-39483 (In the Linux kernel, the following vulnerability has been resolved: K ...) + TODO: check +CVE-2024-39482 (In the Linux kernel, the following vulnerability has been resolved: b ...) + TODO: check +CVE-2024-39481 (In the Linux kernel, the following vulnerability has been resolved: m ...) + TODO: check +CVE-2024-39480 (In the Linux kernel, the following vulnerability has been resolved: k ...) + TODO: check +CVE-2024-39479 (In the Linux kernel, the following vulnerability has been resolved: d ...) + TODO: check +CVE-2024-39478 (In the Linux kernel, the following vulnerability has been resolved: c ...) + TODO: check +CVE-2024-39477 (In the Linux kernel, the following vulnerability has been resolved: m ...) + TODO: check +CVE-2024-39476 (In the Linux kernel, the following vulnerability has been resolved: m ...) + TODO: check +CVE-2024-39475 (In the Linux kernel, the following vulnerability has been resolved: f ...) + TODO: check +CVE-2024-39474 (In the Linux kernel, the following vulnerability has been resolved: m ...) + TODO: check +CVE-2024-39473 (In the Linux kernel, the following vulnerability has been resolved: A ...) + TODO: check +CVE-2024-39472 (In the Linux kernel, the following vulnerability has been resolved: x ...) 
+ TODO: check +CVE-2024-34481 (drupal-wiki.com Drupal Wiki before 8.31.1 allows XSS via comments, cap ...) + TODO: check CVE-2024-6513 REJECTED CVE-2024-6511 (A vulnerability classified as problematic was found in y_project RuoYi ...) @@ -458,7 +496,7 @@ CVE-2023-51776 (Improper privilege management in Jungo WinDriver before 12.1.0 a NOT-FOR-US: Jungo WinDriver CVE-2023-39324 REJECTED -CVE-2024-32498 [OSSA-2024-001: Arbitrary file access through custom QCOW2 external data] +CVE-2024-32498 (An issue was discovered in OpenStack Cinder through 24.0.0, Glance bef ...) - cinder <unfixed> (bug #1074763) - glance 2:28.0.1-3+deb12u1 (bug #1074761) - nova <unfixed> (bug #1074762) @@ -2906,12 +2944,14 @@ CVE-2022-48738 (In the Linux kernel, the following vulnerability has been resolv [bullseye] - linux 5.10.103-1 [buster] - linux 4.19.232-1 NOTE: https://git.kernel.org/linus/817f7c9335ec01e0f5e8caffc4f1dcd5e458a4c0 (5.17-rc3) -CVE-2022-48737 (In the Linux kernel, the following vulnerability has been resolved: A ...) +CVE-2022-48737 + REJECTED - linux 5.16.10-1 [bullseye] - linux 5.10.103-1 [buster] - linux 4.19.232-1 NOTE: https://git.kernel.org/linus/4f1e50d6a9cf9c1b8c859d449b5031cacfa8404e (5.17-rc3) -CVE-2022-48736 (In the Linux kernel, the following vulnerability has been resolved: A ...) +CVE-2022-48736 + REJECTED - linux 5.16.10-1 [bullseye] - linux 5.10.103-1 [buster] - linux 4.19.232-1 @@ -8343,7 +8383,7 @@ CVE-2024-3200 (The wpForo Forum plugin for WordPress is vulnerable to SQL Inject NOT-FOR-US: WordPress plugin CVE-2024-35636 (Cross-Site Request Forgery (CSRF) vulnerability in Uploadcare Uploadca ...) NOT-FOR-US: WordPress plugin -CVE-2024-36041 [ksmserver: Unauthorized users can access session manager] +CVE-2024-36041 (KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.1 ...) {DSA-5723-1 DLA-3827-1} - plasma-workspace 4:5.27.11.1-1 NOTE: https://kde.org/info/security/advisory-20240531-1.txt 
@@ -47631,7 +47671,7 @@ CVE-2024-0987 (A vulnerability classified as critical has been found in Sichuan NOT-FOR-US: Sichuan Yougou Technology KuERP CVE-2024-0986 (A vulnerability was found in Issabel PBX 4.0.0. It has been rated as c ...) NOT-FOR-US: Issabel PBX -CVE-2023-52340 [ipv6: remove max_size check inline with ipv4] +CVE-2023-52340 (The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/ ...) {DLA-3841-1 DLA-3840-1} - linux 6.3.7-1 [bookworm] - linux 6.1.76-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6239674306b3665042a6221af2fa24e5017a779a
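Review bot: In the first hunk (@@ -1,3 +1,41 @@), all 19 added entries carry only `TODO: check`, and the 14 "In the Linux kernel" entries CVE-2024-39472 through CVE-2024-39485 have descriptions truncated after a single letter, so none of them can be triaged from this file alone. Each needs a follow-up commit that replaces the TODO with a package line or a not-for-us marker, in the form already used elsewhere in this diff (for example `- linux 6.3.7-1` or `NOT-FOR-US: WordPress plugin`). Until then, the tracker has no affected-package or fixed-version data for these IDs.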
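Review bot: In the @@ -458,7 +496,7 @@ hunk, replacing `[OSSA-2024-001: Arbitrary file access through custom QCOW2 external data]` with the truncated CVE description removes the only visible reference to the upstream advisory ID from the CVE-2024-32498 entry. If no NOTE line below the visible context already records OSSA-2024-001, add one so the entry stays traceable to the OpenStack advisory. The context lines also show `- cinder <unfixed>` and `- nova <unfixed>` next to a fixed glance version, which is the part of the entry that still needs follow-up.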
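Review bot: In the @@ -2906,12 +2944,14 @@ hunk, CVE-2022-48737 and CVE-2022-48736 are switched to REJECTED but the package annotations under them stay in place: `- linux 5.16.10-1`, `[bullseye] - linux 5.10.103-1`, `[buster] - linux 4.19.232-1`, plus the git.kernel.org NOTE under CVE-2022-48737. The other REJECTED entries visible in this diff, CVE-2024-6513 and CVE-2023-39324, carry no such lines, so the two entries are inconsistent with the rest of the file as it appears here. A follow-up should either drop the leftover lines or, if the fixes are now tracked under a different CVE ID, move the version data there so it is not lost.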