[Git][security-tracker-team/security-tracker][master] automatic update

Sat Apr 6 09:12:05 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
79cafbdf by security tracker role at 2024-04-06T08:11:48+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@
+CVE-2024-3362 (A vulnerability was found in SourceCodester Online Library System 1.0  ...)
+	TODO: check
+CVE-2024-3361 (A vulnerability has been found in SourceCodester Online Library System ...)
+	TODO: check
+CVE-2024-3360 (A vulnerability, which was classified as critical, was found in Source ...)
+	TODO: check
+CVE-2024-3359 (A vulnerability, which was classified as critical, has been found in S ...)
+	TODO: check
+CVE-2024-3358 (A vulnerability classified as problematic was found in SourceCodester  ...)
+	TODO: check
+CVE-2024-3357 (A vulnerability classified as problematic has been found in SourceCode ...)
+	TODO: check
+CVE-2024-3356 (A vulnerability was found in SourceCodester Aplaya Beach Resort Online ...)
+	TODO: check
+CVE-2024-3355 (A vulnerability was found in SourceCodester Aplaya Beach Resort Online ...)
+	TODO: check
+CVE-2024-3245 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
+	TODO: check
+CVE-2024-3216 (The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shippi ...)
+	TODO: check
+CVE-2024-30977 (An issue in Secnet Security Network Intelligent AC Management System v ...)
+	TODO: check
+CVE-2024-2950 (The BoldGrid Easy SEO \u2013 Simple and Effective SEO plugin for WordP ...)
+	TODO: check
+CVE-2024-2949 (The Carousel, Slider, Gallery by WP Carousel \u2013 Image Carousel & P ...)
+	TODO: check
+CVE-2024-2656 (The Email Subscribers by Icegram Express \u2013 Email Marketing, Newsl ...)
+	TODO: check
+CVE-2024-2471 (The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site ...)
+	TODO: check
+CVE-2024-2458 (The Powerkit \u2013 Supercharge your WordPress Site plugin for WordPre ...)
+	TODO: check
+CVE-2024-2444 (The Inline Related Posts WordPress plugin before 3.5.0 does not saniti ...)
+	TODO: check
+CVE-2024-27912 (A denial of service vulnerability was reported in some Lenovo Printers ...)
+	TODO: check
+CVE-2024-27911 (A vulnerability was reported in some Lenovo Printers that could allow  ...)
+	TODO: check
+CVE-2024-27910 (A vulnerability was reported in some Lenovo Printers that could allow  ...)
+	TODO: check
+CVE-2024-27909 (A denial of service vulnerability was reported in the HTTPS service of ...)
+	TODO: check
+CVE-2024-27908 (A buffer overflow vulnerability was reported in the HTTPS service of s ...)
+	TODO: check
+CVE-2024-23592 (An authentication bypass vulnerability was reported in Lenovo devices  ...)
+	TODO: check
+CVE-2024-21506 (Versions of the package pymongo before 4.6.3 are vulnerable to Out-of- ...)
+	TODO: check
+CVE-2024-1994 (The Image Watermark plugin for WordPress is vulnerable to unauthorized ...)
+	TODO: check
+CVE-2024-1428 (The Element Pack Elementor Addons (Header Footer, Free Template Librar ...)
+	TODO: check
+CVE-2024-1385 (The WP-Stateless \u2013 Google Cloud Storage plugin for WordPress is v ...)
+	TODO: check
+CVE-2024-0837 (The Element Pack Elementor Addons (Header Footer, Free Template Librar ...)
+	TODO: check
+CVE-2023-5912 (A potential memory leakage vulnerability was reported in some Lenovo N ...)
+	TODO: check
+CVE-2023-4605 (A valid authenticated Lenovo XClarity Administrator (LXCA) user can po ...)
+	TODO: check
 CVE-2024-3354 (A vulnerability was found in SourceCodester Aplaya Beach Resort Online ...)
 	NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3353 (A vulnerability was found in SourceCodester Aplaya Beach Resort Online ...)
@@ -6827,6 +6887,7 @@ CVE-2024-24693 (Improper access control in the installer for Zoom Rooms Client f
 CVE-2024-24692 (Race condition in the installer for Zoom Rooms Client for Windows befo ...)
 	NOT-FOR-US: Zoom
 CVE-2024-24549 (Denial of Service due to improper input validation vulnerability for H ...)
+	{DLA-3779-1}
 	- tomcat10 <unfixed> (bug #1066878)
 	- tomcat9 9.0.70-2
 	NOTE: https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg
@@ -6834,6 +6895,7 @@ CVE-2024-24549 (Denial of Service due to improper input validation vulnerability
 	NOTE: https://github.com/apache/tomcat/commit/8e03be9f2698f2da9027d40b9e9c0c9429b74dc0 (9.0.86)
 	NOTE: Starting with 9.0.70-2 Tomcat9 no longer ships the server stack, using that as the fixed version
 CVE-2024-23672 (Denial of Service via incomplete cleanup vulnerability in Apache Tomca ...)
+	{DLA-3779-1}
 	- tomcat10 <unfixed> (bug #1066877)
 	- tomcat9 9.0.70-2
 	NOTE: https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f
@@ -76526,10 +76588,10 @@ CVE-2023-25496 (A privilege escalation vulnerability was reported in Lenovo Driv
 	NOT-FOR-US: Lenovo
 CVE-2023-25495 (A valid, authenticated administrative user can query a web interface A ...)
 	NOT-FOR-US: Lenovo
-CVE-2023-25494
-	RESERVED
-CVE-2023-25493
-	RESERVED
+CVE-2023-25494 (A potential vulnerability were reported in the BIOS of some Desktop, S ...)
+	TODO: check
+CVE-2023-25493 (A potential vulnerability was reported in the BIOS update tool driver  ...)
+	TODO: check
 CVE-2023-25492 (A valid, authenticated user may be able to trigger a denial of service ...)
 	NOT-FOR-US: Lenovo
 CVE-2023-25491 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilityin Samue ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79cafbdff9db78c0e7974e3c80325f06d663bca0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79cafbdff9db78c0e7974e3c80325f06d663bca0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240406/bd8a395d/attachment.htm>
