[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Apr 9 21:12:16 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
088a99dd by security tracker role at 2024-04-09T20:12:02+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,741 @@
+CVE-2024-3545 (Improper permission handling in the vault offline cache feature in Dev ...)
+ TODO: check
+CVE-2024-3514 (The Responsive Tabs plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2024-3512 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
+ TODO: check
+CVE-2024-3446 (A double free vulnerability was found in QEMU virtio devices (virtio-g ...)
+ TODO: check
+CVE-2024-3281 (A vulnerability was discovered in the firmware builds after 8.0.2.3267 ...)
+ TODO: check
+CVE-2024-3267 (The Bold Page Builder plugin for WordPress is vulnerable to Stored Cro ...)
+ TODO: check
+CVE-2024-3266 (The Bold Page Builder plugin for WordPress is vulnerable to Stored Cro ...)
+ TODO: check
+CVE-2024-3244 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
+ TODO: check
+CVE-2024-3214 (The Relevanssi \u2013 A Better Search plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2024-3213 (The Relevanssi \u2013 A Better Search plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2024-3208 (The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross- ...)
+ TODO: check
+CVE-2024-3167 (The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Sit ...)
+ TODO: check
+CVE-2024-3136 (The MasterStudy LMS plugin for WordPress is vulnerable to Local File I ...)
+ TODO: check
+CVE-2024-3097 (The WordPress Gallery Plugin \u2013 NextGEN Gallery plugin for WordPre ...)
+ TODO: check
+CVE-2024-3093 (The Font Farsi plugin for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2024-3064 (The Elementor Addons, Widgets and Enhancements \u2013 Stax plugin for ...)
+ TODO: check
+CVE-2024-3053 (The Forminator \u2013 Contact Form, Payment Form & Custom Form Builder ...)
+ TODO: check
+CVE-2024-3046 (In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4 ...)
+ TODO: check
+CVE-2024-31978 (A vulnerability has been identified in SINEC NMS (All versions < V2.0 ...)
+ TODO: check
+CVE-2024-31868 (Improper Encoding or Escaping of Output vulnerability in Apache Zeppel ...)
+ TODO: check
+CVE-2024-31867 (Improper Input Validation vulnerability in Apache Zeppelin. The attac ...)
+ TODO: check
+CVE-2024-31866 (Improper Encoding or Escaping of Output vulnerability in Apache Zeppel ...)
+ TODO: check
+CVE-2024-31865 (Improper Input Validation vulnerability in Apache Zeppelin. The attac ...)
+ TODO: check
+CVE-2024-31864 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2024-31863 (Authentication Bypass by Spoofing vulnerability by replacing to exsiti ...)
+ TODO: check
+CVE-2024-31862 (Improper Input Validation vulnerability in Apache Zeppelin when creati ...)
+ TODO: check
+CVE-2024-31860 (Improper Input Validation vulnerability in Apache Zeppelin. By adding ...)
+ TODO: check
+CVE-2024-31544 (A stored cross-site scripting (XSS) vulnerability in Computer Laborato ...)
+ TODO: check
+CVE-2024-31507 (Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL ...)
+ TODO: check
+CVE-2024-31506 (Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL ...)
+ TODO: check
+CVE-2024-31487 (A improper limitation of a pathname to a restricted directory ('path t ...)
+ TODO: check
+CVE-2024-31457 (gin-vue-admin is a backstage management system based on vue and gin, w ...)
+ TODO: check
+CVE-2024-31455 (Minder by Stacklok is an open source software supply chain security pl ...)
+ TODO: check
+CVE-2024-31454 (PsiTransfer is an open source, self-hosted file sharing solution. Prio ...)
+ TODO: check
+CVE-2024-31453 (PsiTransfer is an open source, self-hosted file sharing solution. Prio ...)
+ TODO: check
+CVE-2024-31370 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-31369 (Cross-Site Request Forgery (CSRF) vulnerability in PenciDesign Soledad ...)
+ TODO: check
+CVE-2024-31368 (Missing Authorization vulnerability in PenciDesign Soledad.This issue ...)
+ TODO: check
+CVE-2024-31367 (Missing Authorization vulnerability in PenciDesign Soledad.This issue ...)
+ TODO: check
+CVE-2024-30706 (An issue was discovered in ROS2 Dashing Diademata versions ROS_VERSION ...)
+ TODO: check
+CVE-2024-30704 (An insecure deserialization vulnerability has been identified in ROS2 ...)
+ TODO: check
+CVE-2024-30703 (An arbitrary file upload vulnerability has been discovered in ROS2 (Ro ...)
+ TODO: check
+CVE-2024-30702 (An issue was discovered in ROS2 Galactic Geochelone in ROS_VERSION 2 a ...)
+ TODO: check
+CVE-2024-30262 (Contao is an open source content management system. Prior to version 4 ...)
+ TODO: check
+CVE-2024-30191 (A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1 ...)
+ TODO: check
+CVE-2024-30190 (A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1 ...)
+ TODO: check
+CVE-2024-30189 (A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1 ...)
+ TODO: check
+CVE-2024-2974 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
+ TODO: check
+CVE-2024-2957 (The Simple Ajax Chat \u2013 Add a Fast, Secure Chat Box plugin for Wor ...)
+ TODO: check
+CVE-2024-2946 (The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +1 ...)
+ TODO: check
+CVE-2024-2918 (Improper input validation in PAM JIT elevation feature in Devolutions ...)
+ TODO: check
+CVE-2024-2871 (The Media Library Assistant plugin for WordPress is vulnerable to SQL ...)
+ TODO: check
+CVE-2024-2866 (The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features pl ...)
+ TODO: check
+CVE-2024-2847 (The WordPress File Upload plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2024-2845 (The BetterDocs \u2013 Best Documentation, FAQ & Knowledge Base Plugin ...)
+ TODO: check
+CVE-2024-2804 (The Network Summary plugin for WordPress is vulnerable to SQL Injectio ...)
+ TODO: check
+CVE-2024-2792 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
+ TODO: check
+CVE-2024-2789 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
+ TODO: check
+CVE-2024-2788 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
+ TODO: check
+CVE-2024-2787 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
+ TODO: check
+CVE-2024-2786 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
+ TODO: check
+CVE-2024-2783 (The GamiPress \u2013 The #1 gamification plugin to reward points, achi ...)
+ TODO: check
+CVE-2024-2738 (The Permalink Manager Lite and Pro plugins for WordPress are vulnerabl ...)
+ TODO: check
+CVE-2024-2693 (The Link Whisper Free plugin for WordPress is vulnerable to PHP Object ...)
+ TODO: check
+CVE-2024-2654 (The File Manager plugin for WordPress is vulnerable to Directory Trave ...)
+ TODO: check
+CVE-2024-2650 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
+ TODO: check
+CVE-2024-2623 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
+ TODO: check
+CVE-2024-2543 (The Permalink Manager Lite plugin for WordPress is vulnerable to unaut ...)
+ TODO: check
+CVE-2024-2536 (The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2513 (The WP Chat App plugin for WordPress is vulnerable to Stored Cross-Sit ...)
+ TODO: check
+CVE-2024-2507 (The JetWidgets For Elementor plugin for WordPress is vulnerable to Sto ...)
+ TODO: check
+CVE-2024-2504 (The Page Builder: Pagelayer \u2013 Drag and Drop website builder plugi ...)
+ TODO: check
+CVE-2024-2501 (The Hubbub Lite \u2013 Fast, Reliable Social Sharing Buttons plugin fo ...)
+ TODO: check
+CVE-2024-2492 (The PowerPack Addons for Elementor plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2457 (The Modal Window \u2013 create popup modal window plugin for WordPress ...)
+ TODO: check
+CVE-2024-2456 (The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable t ...)
+ TODO: check
+CVE-2024-2436 (The Lightweight Accordion plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2024-2423 (The UsersWP \u2013 Front-end login form, User Registration, User Profi ...)
+ TODO: check
+CVE-2024-2348 (The Gum Elementor Addon plugin for WordPress is vulnerable to Stored C ...)
+ TODO: check
+CVE-2024-2347 (The Astra theme for WordPress is vulnerable to Stored Cross-Site Scrip ...)
+ TODO: check
+CVE-2024-2344 (The Avada theme for WordPress is vulnerable to SQL Injection via the ' ...)
+ TODO: check
+CVE-2024-2343 (The Avada | Website Builder For WordPress & WooCommerce theme for Word ...)
+ TODO: check
+CVE-2024-2342 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
+ TODO: check
+CVE-2024-2341 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
+ TODO: check
+CVE-2024-2340 (The Avada theme for WordPress is vulnerable to Sensitive Information E ...)
+ TODO: check
+CVE-2024-2336 (The Popup Maker \u2013 Popup for opt-ins, lead gen, & more plugin for ...)
+ TODO: check
+CVE-2024-2335 (The Elements Plus! plugin for WordPress is vulnerable to Stored Cross- ...)
+ TODO: check
+CVE-2024-2334 (The Template Kit \u2013 Import plugin for WordPress is vulnerable to S ...)
+ TODO: check
+CVE-2024-2327 (The Global Elementor Buttons plugin for WordPress is vulnerable to Sto ...)
+ TODO: check
+CVE-2024-2325 (The Link Library plugin for WordPress is vulnerable to Reflected Cross ...)
+ TODO: check
+CVE-2024-2311 (The Avada theme for WordPress is vulnerable to Stored Cross-Site Scrip ...)
+ TODO: check
+CVE-2024-2306 (The Revslider plugin for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2024-2305 (The Cards for Beaver Builder plugin for WordPress is vulnerable to Sto ...)
+ TODO: check
+CVE-2024-2302 (The Easy Digital Downloads \u2013 Sell Digital Files & Subscriptions ( ...)
+ TODO: check
+CVE-2024-2289 (The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2024-2287 (The Knight Lab Timeline plugin for WordPress is vulnerable to Stored C ...)
+ TODO: check
+CVE-2024-2261 (The Event Tickets and Registration plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2226 (The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg E ...)
+ TODO: check
+CVE-2024-2224 (Improper Limitation of a Pathname to a Restricted Directory (\u2018Pat ...)
+ TODO: check
+CVE-2024-2223 (An Incorrect Regular Expression vulnerability in Bitdefender GravityZo ...)
+ TODO: check
+CVE-2024-2222 (The Advanced Classifieds & Directory Pro plugin for WordPress is vulne ...)
+ TODO: check
+CVE-2024-2200 (The Contact Form by BestWebSoft plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-2198 (The Contact Form by BestWebSoft plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-2187 (The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2186 (The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2185 (The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2183 (The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2181 (The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-2165 (The SEOPress \u2013 On-site SEO plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-2138 (The JetWidgets For Elementor plugin for WordPress is vulnerable to Sto ...)
+ TODO: check
+CVE-2024-2125 (The Env\xedaloSimple: Email Marketing y Newsletters plugin for WordPre ...)
+ TODO: check
+CVE-2024-2117 (The Elementor Website Builder \u2013 More than Just a Page Builder plu ...)
+ TODO: check
+CVE-2024-2112 (The Form Maker by 10Web \u2013 Mobile-Friendly Drag & Drop Contact For ...)
+ TODO: check
+CVE-2024-2093 (The VK All in One Expansion Unit plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-2081 (The Best WordPress Gallery Plugin \u2013 FooGallery plugin for WordPre ...)
+ TODO: check
+CVE-2024-2039 (The Stackable \u2013 Page Builder Gutenberg Blocks plugin for WordPres ...)
+ TODO: check
+CVE-2024-2033 (The Video Conferencing with Zoom plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-2027 (The Real Media Library: Media Library Folder & File Manager plugin for ...)
+ TODO: check
+CVE-2024-2026 (The Passster plugin for WordPress is vulnerable to Stored Cross-Site S ...)
+ TODO: check
+CVE-2024-2018 (The WP Activity Log Premium plugin for WordPress is vulnerable to SQL ...)
+ TODO: check
+CVE-2024-29993 (Azure CycleCloud Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-29992 (Azure Identity Library for .NET Information Disclosure Vulnerability)
+ TODO: check
+CVE-2024-29990 (Microsoft Azure Kubernetes Service Confidential Container Elevation of ...)
+ TODO: check
+CVE-2024-29989 (Azure Monitor Agent Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-29988 (SmartScreen Prompt Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-29985 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29984 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29983 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29982 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29905 (DIRAC is an interware, meaning a software framework for distributed co ...)
+ TODO: check
+CVE-2024-29066 (Windows Distributed File System (DFS) Remote Code Execution Vulnerabil ...)
+ TODO: check
+CVE-2024-29064 (Windows Hyper-V Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-29063 (Azure AI Search Information Disclosure Vulnerability)
+ TODO: check
+CVE-2024-29062 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-29061 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-29056 (Windows Authentication Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-29055 (Microsoft Defender for IoT Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-29054 (Microsoft Defender for IoT Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-29053 (Microsoft Defender for IoT Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-29052 (Windows Storage Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-29050 (Windows Cryptographic Services Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-29048 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29047 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29046 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29045 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29044 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-29043 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28945 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28944 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28943 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28942 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28941 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28940 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28939 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28938 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28937 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28936 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28935 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28934 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28933 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28932 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28931 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28930 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28929 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
+ TODO: check
+CVE-2024-28927 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28926 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28925 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28924 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28923 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28922 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28921 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28920 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28919 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28917 (Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Priv ...)
+ TODO: check
+CVE-2024-28915 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28914 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28913 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28912 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28911 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28910 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28909 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28908 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28907 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-28906 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2024-28905 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-28904 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-28903 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28902 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
+ TODO: check
+CVE-2024-28901 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
+ TODO: check
+CVE-2024-28900 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
+ TODO: check
+CVE-2024-28898 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28897 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28896 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-28235 (Contao is an open source content management system. Starting in versio ...)
+ TODO: check
+CVE-2024-28234 (Contao is an open source content management system. Starting in versio ...)
+ TODO: check
+CVE-2024-28191 (Contao is an open source content management system. Starting in versio ...)
+ TODO: check
+CVE-2024-28190 (Contao is an open source content management system. Starting in versio ...)
+ TODO: check
+CVE-2024-27665 (Unifiedtransform v2.X is vulnerable to Stored Cross-Site Scripting (XS ...)
+ TODO: check
+CVE-2024-27247 (Improper privilege management in the installer for Zoom Desktop Client ...)
+ TODO: check
+CVE-2024-27242 (Cross site scripting in Zoom Desktop Client for Linux before version 5 ...)
+ TODO: check
+CVE-2024-26277 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
+ TODO: check
+CVE-2024-26276 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
+ TODO: check
+CVE-2024-26275 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
+ TODO: check
+CVE-2024-26257 (Microsoft Excel Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26256 (libarchive Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26255 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
+ TODO: check
+CVE-2024-26254 (Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-26253 (Windows rndismp6.sys Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26252 (Windows rndismp6.sys Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26251 (Microsoft SharePoint Server Spoofing Vulnerability)
+ TODO: check
+CVE-2024-26250 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26248 (Windows Kerberos Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26245 (Windows SMB Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26244 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vu ...)
+ TODO: check
+CVE-2024-26243 (Windows USB Print Driver Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26242 (Windows Telephony Server Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26241 (Win32k Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26240 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26239 (Windows Telephony Server Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26237 (Windows Defender Credential Guard Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26236 (Windows Update Stack Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26235 (Windows Update Stack Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26234 (Proxy Driver Spoofing Vulnerability)
+ TODO: check
+CVE-2024-26233 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26232 (Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26231 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26230 (Windows Telephony Server Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26229 (Windows CSC Service Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26228 (Windows Cryptographic Services Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26227 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26226 (Windows Distributed File System (DFS) Information Disclosure Vulnerabi ...)
+ TODO: check
+CVE-2024-26224 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26223 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26222 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26221 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26220 (Windows Mobile Hotspot Information Disclosure Vulnerability)
+ TODO: check
+CVE-2024-26219 (HTTP.sys Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-26218 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26217 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
+ TODO: check
+CVE-2024-26216 (Windows File Server Resource Management Service Elevation of Privilege ...)
+ TODO: check
+CVE-2024-26215 (DHCP Server Service Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-26214 (Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerabil ...)
+ TODO: check
+CVE-2024-26213 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-26212 (DHCP Server Service Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-26211 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
+ TODO: check
+CVE-2024-26210 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vu ...)
+ TODO: check
+CVE-2024-26209 (Microsoft Local Security Authority Subsystem Service Information Discl ...)
+ TODO: check
+CVE-2024-26208 (Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26207 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
+ TODO: check
+CVE-2024-26205 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
+ TODO: check
+CVE-2024-26202 (DHCP Server Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26200 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
+ TODO: check
+CVE-2024-26195 (DHCP Server Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26194 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26193 (Azure Migrate Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-26189 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26183 (Windows Kerberos Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-26180 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26179 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
+ TODO: check
+CVE-2024-26175 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26172 (Windows DWM Core Library Information Disclosure Vulnerability)
+ TODO: check
+CVE-2024-26171 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26168 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-26158 (Microsoft Install Service Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-25116 (RedisBloom adds a set of probabilistic data structures to Redis. Start ...)
+ TODO: check
+CVE-2024-25115 (RedisBloom adds a set of probabilistic data structures to Redis. Start ...)
+ TODO: check
+CVE-2024-24694 (Improper privilege management in the installer for Zoom Desktop Client ...)
+ TODO: check
+CVE-2024-24576 (Rust is a programming language. The Rust Security Response WG was noti ...)
+ TODO: check
+CVE-2024-24245 (An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fi ...)
+ TODO: check
+CVE-2024-23671 (A improper limitation of a pathname to a restricted directory ('path t ...)
+ TODO: check
+CVE-2024-23662 (An exposure of sensitive information to an unauthorized actor in Forti ...)
+ TODO: check
+CVE-2024-22423 (yt-dlp is a youtube-dl fork with additional features and fixes. The pa ...)
+ TODO: check
+CVE-2024-21756 (A improper neutralization of special elements used in an os command (' ...)
+ TODO: check
+CVE-2024-21755 (A improper neutralization of special elements used in an os command (' ...)
+ TODO: check
+CVE-2024-21447 (Windows Authentication Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-21424 (Azure Compute Gallery Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-21409 (.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerab ...)
+ TODO: check
+CVE-2024-21324 (Microsoft Defender for IoT Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-21323 (Microsoft Defender for IoT Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-21322 (Microsoft Defender for IoT Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-20693 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-20689 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-20688 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-20685 (Azure Private 5G Core Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-20678 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-20670 (Outlook for Windows Spoofing Vulnerability)
+ TODO: check
+CVE-2024-20669 (Secure Boot Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-20665 (BitLocker Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-1999 (The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features pl ...)
+ TODO: check
+CVE-2024-1991 (The RegistrationMagic \u2013 Custom Registration Forms, User Registrat ...)
+ TODO: check
+CVE-2024-1990 (The RegistrationMagic \u2013 Custom Registration Forms, User Registrat ...)
+ TODO: check
+CVE-2024-1984 (The Graphene theme for WordPress is vulnerable to unauthorized access ...)
+ TODO: check
+CVE-2024-1974 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
+ TODO: check
+CVE-2024-1960 (The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +1 ...)
+ TODO: check
+CVE-2024-1948 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-1934 (The WP Compress \u2013 Image Optimizer plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2024-1904 (The MasterStudy LMS plugin for WordPress is vulnerable to unauthorized ...)
+ TODO: check
+CVE-2024-1893 (The Easy Property Listings plugin for WordPress is vulnerable to time- ...)
+ TODO: check
+CVE-2024-1852 (The WP-Members Membership Plugin plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-1850 (The AI Post Generator | AutoWriter plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-1813 (The Simple Job Board plugin for WordPress is vulnerable to PHP Object ...)
+ TODO: check
+CVE-2024-1812 (The Everest Forms plugin for WordPress is vulnerable to Server-Side Re ...)
+ TODO: check
+CVE-2024-1794 (The Forminator plugin for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2024-1792 (The CMB2 plugin for WordPress is vulnerable to PHP Object Injection in ...)
+ TODO: check
+CVE-2024-1790 (The WordPress Infinite Scroll \u2013 Ajax Load More plugin for WordPre ...)
+ TODO: check
+CVE-2024-1774 (The Customily Product Personalizer plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-1641 (The Accordion plugin for WordPress is vulnerable to unauthorized acces ...)
+ TODO: check
+CVE-2024-1637 (The 360 Javascript Viewer plugin for WordPress is vulnerable to unauth ...)
+ TODO: check
+CVE-2024-1587 (The Newsmatic theme for WordPress is vulnerable to Sensitive Informati ...)
+ TODO: check
+CVE-2024-1571 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2024-1498 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
+ TODO: check
+CVE-2024-1466 (The Elementor Addons by Livemesh plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-1465 (The Elementor Addons by Livemesh plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-1464 (The Elementor Addons by Livemesh plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-1463 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...)
+ TODO: check
+CVE-2024-1461 (The Elementor Addons by Livemesh plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-1458 (The Elementor Addons by Livemesh plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-1424 (The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for ...)
+ TODO: check
+CVE-2024-1412 (The Memberpress plugin for WordPress is vulnerable to Reflected Cross- ...)
+ TODO: check
+CVE-2024-1387 (The Happy Addons for Elementor plugin for WordPress is vulnerable to u ...)
+ TODO: check
+CVE-2024-1352 (The Classified Listing \u2013 Classified ads & Business Directory Plug ...)
+ TODO: check
+CVE-2024-1315 (The Classified Listing \u2013 Classified ads & Business Directory Plug ...)
+ TODO: check
+CVE-2024-1308 (The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2024-1289 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...)
+ TODO: check
+CVE-2024-0952 (The WP ERP | Complete HR solution with recruitment & job listings | Wo ...)
+ TODO: check
+CVE-2024-0899 (The s2Member \u2013 Best Membership Plugin for All Kinds of Membership ...)
+ TODO: check
+CVE-2024-0873 (The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2024-0872 (The Watu Quiz plugin for WordPress is vulnerable to Sensitive Informat ...)
+ TODO: check
+CVE-2024-0826 (The Qi Addons For Elementor plugin for WordPress is vulnerable to Stor ...)
+ TODO: check
+CVE-2024-0662 (The FancyBox for WordPress plugin for WordPress is vulnerable to Store ...)
+ TODO: check
+CVE-2024-0626 (The WooCommerce Clover Payment Gateway plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2024-0598 (The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features pl ...)
+ TODO: check
+CVE-2024-0588 (The Paid Memberships Pro \u2013 Content Restriction, User Registration ...)
+ TODO: check
+CVE-2024-0376 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2023-7046 (The WP Encryption \u2013 One Click Free SSL Certificate & SSL / HTTPS ...)
+ TODO: check
+CVE-2023-6999 (The Pods \u2013 Custom Content Types and Fields plugin for WordPress i ...)
+ TODO: check
+CVE-2023-6993 (The Custom post types, Custom Fields & more plugin for WordPress is vu ...)
+ TODO: check
+CVE-2023-6967 (The Pods \u2013 Custom Content Types and Fields plugin for WordPress i ...)
+ TODO: check
+CVE-2023-6965 (The Pods \u2013 Custom Content Types and Fields plugin for WordPress i ...)
+ TODO: check
+CVE-2023-6964 (The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features pl ...)
+ TODO: check
+CVE-2023-6799 (The WP Reset \u2013 Most Advanced WordPress Reset Tool plugin for Word ...)
+ TODO: check
+CVE-2023-6777 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulne ...)
+ TODO: check
+CVE-2023-6695 (The Beaver Themer plugin for WordPress is vulnerable to Sensitive Info ...)
+ TODO: check
+CVE-2023-6694 (The Beaver Themer plugin for WordPress is vulnerable to Stored Cross-S ...)
+ TODO: check
+CVE-2023-6486 (The Spectra \u2013 WordPress Gutenberg Blocks plugin for WordPress is ...)
+ TODO: check
+CVE-2023-6320 (A command injection vulnerability exists in the com.webos.service.conn ...)
+ TODO: check
+CVE-2023-6319 (A command injection vulnerability exists in the getAudioMetadatamethod ...)
+ TODO: check
+CVE-2023-6318 (A command injection vulnerability exists in the processAnalyticsReport ...)
+ TODO: check
+CVE-2023-6317 (A prompt bypass exists in the secondscreen.gateway service running on ...)
+ TODO: check
+CVE-2023-50821 (A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All version ...)
+ TODO: check
+CVE-2023-49913 (A stack-based buffer overflow vulnerability exists in the web interfac ...)
+ TODO: check
+CVE-2023-49912 (A stack-based buffer overflow vulnerability exists in the web interfac ...)
+ TODO: check
+CVE-2023-49911 (A stack-based buffer overflow vulnerability exists in the web interfac ...)
+ TODO: check
+CVE-2023-49910 (A stack-based buffer overflow vulnerability exists in the web interfac ...)
+ TODO: check
+CVE-2023-49909 (A stack-based buffer overflow vulnerability exists in the web interfac ...)
+ TODO: check
+CVE-2023-49908 (A stack-based buffer overflow vulnerability exists in the web interfac ...)
+ TODO: check
+CVE-2023-49907 (A stack-based buffer overflow vulnerability exists in the web interfac ...)
+ TODO: check
+CVE-2023-49906 (A stack-based buffer overflow vulnerability exists in the web interfac ...)
+ TODO: check
+CVE-2023-49134 (A command execution vulnerability exists in the tddpd enable_test_mode ...)
+ TODO: check
+CVE-2023-49133 (A command execution vulnerability exists in the tddpd enable_test_mode ...)
+ TODO: check
+CVE-2023-49074 (A denial of service vulnerability exists in the TDDP functionality of ...)
+ TODO: check
+CVE-2023-48784 (Ause of externally-controlled format string vulnerability [CWE-134] in ...)
+ TODO: check
+CVE-2023-48724 (A memory corruption vulnerability exists in the web interface function ...)
+ TODO: check
+CVE-2023-47542 (A improper neutralization of special elements used in a template engin ...)
+ TODO: check
+CVE-2023-47541 (An improper limitation of a pathname to a restricted directory ('path ...)
+ TODO: check
+CVE-2023-47540 (An improper neutralization of special elements used in an os command ( ...)
+ TODO: check
+CVE-2023-45590 (An improper control of generation of code ('code injection') in Fortin ...)
+ TODO: check
+CVE-2023-41677 (A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7 ...)
+ TODO: check
+CVE-2022-4965 (The Invitation Code Content Restriction Plugin from CreativeMinds plug ...)
+ TODO: check
CVE-2024-2201 [Native Branch History Injection]
- linux <unfixed>
- xen <unfixed>
@@ -601,7 +1339,7 @@ CVE-2024-3348 (A vulnerability classified as critical has been found in SourceCo
NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
CVE-2024-3347 (A vulnerability was found in SourceCodester Airline Ticket Reservation ...)
NOT-FOR-US: SourceCodester Airline Ticket Reservation System
-CVE-2024-3346 (A vulnerability was found in Byzro Smart S80 up to 20240328. It has be ...)
+CVE-2024-3346 (A vulnerability was found in Byzoro Smart S80 up to 20240328. It has b ...)
NOT-FOR-US: Byzro Smart S80
CVE-2024-31852 (LLVM before 18.1.3 generates code in which the LR register can be over ...)
- llvm-toolchain-14 <unfixed>
@@ -11878,7 +12616,7 @@ CVE-2024-1920 (A vulnerability, which was classified as critical, has been found
NOT-FOR-US: osuuu LightPicture
CVE-2024-1919 (A vulnerability classified as problematic was found in SourceCodester ...)
NOT-FOR-US: SourceCodester Online Job Portal
-CVE-2024-1918 (A vulnerability has been found in Beijing Baichuo Smart S42 Management ...)
+CVE-2024-1918 (A vulnerability has been found in Byzoro Smart S42 Management Platform ...)
NOT-FOR-US: Beijing Baichuo Smart S42 Management Platform
CVE-2024-1912 (The Categorify plugin for WordPress is vulnerable to Cross-Site Reques ...)
NOT-FOR-US: WordPress plugin
@@ -16369,7 +17107,7 @@ CVE-2024-1256 (A vulnerability was found in Jspxcms 10.2.0 and classified as pro
NOT-FOR-US: Jspxcms
CVE-2024-1255 (A vulnerability has been found in sepidz SepidzDigitalMenu up to 7.1.0 ...)
NOT-FOR-US: SepidzDigitalMenu
-CVE-2024-1254 (A vulnerability, which was classified as critical, was found in Beijin ...)
+CVE-2024-1254 (A vulnerability, which was classified as critical, was found in Byzoro ...)
NOT-FOR-US: Beijing Baichuo Smart S20 Management Platform
CVE-2024-1253 (A vulnerability, which was classified as critical, has been found in B ...)
NOT-FOR-US: Beijing Baichuo Smart S40 Management Platform
@@ -18445,7 +19183,7 @@ CVE-2024-0942 (A vulnerability was found in Totolink N200RE V5 9.3.5u.6255_B2021
NOT-FOR-US: Totolink
CVE-2024-0941 (A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as cr ...)
NOT-FOR-US: Novel-Plus
-CVE-2024-0939 (A vulnerability has been found in Beijing Baichuo Smart S210 Managemen ...)
+CVE-2024-0939 (A vulnerability has been found in Byzoro Smart S210 Management Platfor ...)
NOT-FOR-US: Beijing Baichuo Smart S210 Management Platform
CVE-2024-0938 (A vulnerability, which was classified as critical, was found in Tongda ...)
NOT-FOR-US: Tongda OA
@@ -19735,13 +20473,13 @@ CVE-2024-0718 (A vulnerability, which was classified as problematic, has been fo
NOT-FOR-US: liuwy-dlsdys zhglxt
CVE-2024-0717 (A vulnerability classified as critical was found in D-Link DAP-1360, D ...)
NOT-FOR-US: D-Link
-CVE-2024-0716 (A vulnerability classified as problematic has been found in Beijing Ba ...)
+CVE-2024-0716 (A vulnerability classified as problematic has been found in Byzoro Sma ...)
NOT-FOR-US: Beijing Baichuo Smart S150 Management Platform
CVE-2024-0714 (A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It ...)
NOT-FOR-US: MiczFlor RPi-Jukebox-RFID
CVE-2024-0713 (A vulnerability was found in Monitorr 1.7.6m. It has been declared as ...)
NOT-FOR-US: Monitorr
-CVE-2024-0712 (A vulnerability was found in Beijing Baichuo Smart S150 Management Pla ...)
+CVE-2024-0712 (A vulnerability was found in Byzoro Smart S150 Management Platform V31 ...)
NOT-FOR-US: Beijing Baichuo Smart S150 Management Platform
CVE-2024-0705 (The Stripe Payment Plugin for WooCommerce plugin for WordPress is vuln ...)
NOT-FOR-US: WordPress plugin
@@ -22811,7 +23549,7 @@ CVE-2024-0302 (A vulnerability, which was classified as critical, has been found
NOT-FOR-US: fhs-opensource
CVE-2024-0301 (A vulnerability classified as critical was found in fhs-opensource ipa ...)
NOT-FOR-US: fhs-opensource
-CVE-2024-0300 (A vulnerability was found in Beijing Baichuo Smart S150 Management Pla ...)
+CVE-2024-0300 (A vulnerability was found in Byzoro Smart S150 Management Platform up ...)
NOT-FOR-US: Beijing Baichuo Smart S150 Management Platform
CVE-2024-0299 (A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It ...)
NOT-FOR-US: Totolink
@@ -25024,7 +25762,7 @@ CVE-2023-7041 (A vulnerability, which was classified as critical, has been found
NOT-FOR-US: codelyfe Stupid Simple CMS
CVE-2023-7040 (A vulnerability classified as problematic was found in codelyfe Stupid ...)
NOT-FOR-US: codelyfe Stupid Simple CMS
-CVE-2023-7039 (A vulnerability classified as critical has been found in Beijing Baich ...)
+CVE-2023-7039 (A vulnerability classified as critical has been found in Byzoro S210 u ...)
NOT-FOR-US: Beijing Baichuo S210
CVE-2023-7038 (A vulnerability was found in automad up to 1.10.9. It has been rated a ...)
NOT-FOR-US: automad
@@ -28186,9 +28924,9 @@ CVE-2023-6579 (A vulnerability, which was classified as critical, has been found
NOT-FOR-US: osCommerce
CVE-2023-6578 (A vulnerability classified as critical has been found in Software AG W ...)
NOT-FOR-US: Software AG WebMethods
-CVE-2023-6577 (A vulnerability was found in Beijing Baichuo PatrolFlow 2530Pro up to ...)
+CVE-2023-6577 (A vulnerability was found in Byzoro PatrolFlow 2530Pro up to 20231126. ...)
NOT-FOR-US: Beijing Baichuo PatrolFlow 2530Pro
-CVE-2023-6576 (A vulnerability was found in Beijing Baichuo S210 up to 20231123. It h ...)
+CVE-2023-6576 (A vulnerability was found in Byzoro S210 up to 20231123. It has been d ...)
NOT-FOR-US: Beijing Baichuo S210
CVE-2023-6061 (Multiple components of Iconics SCADA Suite are prone to a Phantom DLL ...)
NOT-FOR-US: Iconics SCADA Suite
@@ -28231,9 +28969,9 @@ CVE-2023-45866 (Bluetooth HID Hosts in BlueZ may permit an unauthenticated Perip
NOTE: configuration options but defaulted to false.
CVE-2023-6588 (Offline mode is always enabled, even if permission disallows it, in D ...)
NOT-FOR-US: Devolutions Server
-CVE-2023-6575 (A vulnerability was found in Beijing Baichuo S210 up to 20231121. It h ...)
+CVE-2023-6575 (A vulnerability was found in Byzoro S210 up to 20231121. It has been c ...)
NOT-FOR-US: Beijing Baichuo S210
-CVE-2023-6574 (A vulnerability was found in Beijing Baichuo Smart S20 up to 20231120 ...)
+CVE-2023-6574 (A vulnerability was found in Byzoro Smart S20 up to 20231120 and class ...)
NOT-FOR-US: Beijing Baichuo Smart S20
CVE-2023-6333 (The affected ControlByWeb Relay products are vulnerable to a stored cr ...)
NOT-FOR-US: ControlByWeb Relay
@@ -30507,7 +31245,7 @@ CVE-2023-6276 (A vulnerability classified as critical has been found in Tongda O
NOT-FOR-US: Tongda OA
CVE-2023-6275 (A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1. ...)
NOT-FOR-US: TOTVS Fluig Platform
-CVE-2023-6274 (A vulnerability was found in Beijing Baichuo Smart S80 up to 20231108. ...)
+CVE-2023-6274 (A vulnerability was found in Byzoro Smart S80 up to 20231108. It has b ...)
NOT-FOR-US: Beijing Baichuo Smart S80
CVE-2023-6251 (Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, < ...)
- check-mk <removed>
@@ -32720,7 +33458,7 @@ CVE-2023-6084 (A vulnerability was found in Tongda OA 2017 up to 11.9 and classi
NOT-FOR-US: Tongda OA
CVE-2023-47037 (We failed to applyCVE-2023-40611 in 2.7.1 and this vulnerability was m ...)
- airflow <itp> (bug #819700)
-CVE-2023-5959 (A vulnerability, which was classified as problematic, was found in Bei ...)
+CVE-2023-5959 (A vulnerability, which was classified as problematic, was found in Byz ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform V31R02B10-01
CVE-2023-47390 (Headscale through 0.22.3 writes bearer tokens to info-level logs.)
NOT-FOR-US: Headscale
@@ -36189,9 +36927,9 @@ CVE-2023-5349 (A memory leak flaw was found in ruby-magick, an interface between
[bullseye] - ruby-rmagick <no-dsa> (Minor issue)
NOTE: https://github.com/rmagick/rmagick/pull/1406
NOTE: https://github.com/rmagick/rmagick/commit/fec7a7e639ae565386f7615155dbcf49b957b64a (RMagick_5-3-0)
-CVE-2023-5684 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+CVE-2023-5684 (A vulnerability was found in Byzoro Smart S85F Management Platform up ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform
-CVE-2023-5683 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+CVE-2023-5683 (A vulnerability was found in Byzoro Smart S85F Management Platform up ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform
CVE-2023-5682 (A vulnerability has been found in Tongda OA 2017 and classified as cri ...)
NOT-FOR-US: Tongda OA
@@ -38161,19 +38899,19 @@ CVE-2023-5496 (A vulnerability was found in Translator PoqDev Add-On 1.0.11 on F
NOT-FOR-US: Translator PoqDev
CVE-2023-5495 (A vulnerability was found in QDocs Smart School 6.4.1. It has been cla ...)
NOT-FOR-US: QDocs Smart School
-CVE-2023-5494 (A vulnerability was found in Beijing Baichuo Smart S45F Multi-Service ...)
+CVE-2023-5494 (A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Ga ...)
NOT-FOR-US: Beijing Baichuo Smart
-CVE-2023-5493 (A vulnerability has been found in Beijing Baichuo Smart S45F Multi-Ser ...)
+CVE-2023-5493 (A vulnerability has been found in Byzoro Smart S45F Multi-Service Secu ...)
NOT-FOR-US: Beijing Baichuo Smart
-CVE-2023-5492 (A vulnerability, which was classified as critical, was found in Beijin ...)
+CVE-2023-5492 (A vulnerability, which was classified as critical, was found in Byzoro ...)
NOT-FOR-US: Beijing Baichuo Smart
CVE-2023-5491 (A vulnerability, which was classified as critical, has been found in B ...)
NOT-FOR-US: Beijing Baichuo Smart
-CVE-2023-5490 (A vulnerability classified as critical was found in Beijing Baichuo Sm ...)
+CVE-2023-5490 (A vulnerability classified as critical was found in Byzoro Smart S45F ...)
NOT-FOR-US: Beijing Baichuo Smart
-CVE-2023-5489 (A vulnerability classified as critical has been found in Beijing Baich ...)
+CVE-2023-5489 (A vulnerability classified as critical has been found in Byzoro Smart ...)
NOT-FOR-US: Beijing Baichuo Smart
-CVE-2023-5488 (A vulnerability was found in Beijing Baichuo Smart S45F Multi-Service ...)
+CVE-2023-5488 (A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Ga ...)
NOT-FOR-US: Beijing Baichuo Smart
CVE-2023-5450 (An insufficient verification of data vulnerability exists in BIG-IP Ed ...)
NOT-FOR-US: F5
@@ -43118,7 +43856,7 @@ CVE-2023-4877 (Exposure of Sensitive Information to an Unauthorized Actor in Git
NOT-FOR-US: hamza417/inure
CVE-2023-4876 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)
NOT-FOR-US: hamza417/inure
-CVE-2023-4873 (A vulnerability, which was classified as critical, was found in Beijin ...)
+CVE-2023-4873 (A vulnerability, which was classified as critical, was found in Byzoro ...)
NOT-FOR-US: eijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform
CVE-2023-4872 (A vulnerability, which was classified as critical, has been found in S ...)
NOT-FOR-US: SourceCodester Contact Manager App
@@ -44008,7 +44746,7 @@ CVE-2023-4747 (A vulnerability classified as critical was found in DedeCMS 5.7.1
NOT-FOR-US: DedeCMS
CVE-2023-4746 (A vulnerability classified as critical has been found in TOTOLINK N200 ...)
NOT-FOR-US: TOTOLINK
-CVE-2023-4745 (A vulnerability was found in Beijing Baichuo Smart S45F Multi-Service ...)
+CVE-2023-4745 (A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Ga ...)
NOT-FOR-US: Beijing Baichuo Smart S45F Multi-Service ecure Gateway Intelligent Management Platform
CVE-2023-4744 (A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has be ...)
NOT-FOR-US: Tenda
@@ -45313,11 +46051,11 @@ CVE-2023-4548 (A vulnerability classified as critical has been found in SPA-Cart
NOT-FOR-US: SPA-Cart eCommerce CMS
CVE-2023-4547 (A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has be ...)
NOT-FOR-US: SPA-Cart eCommerce CMS
-CVE-2023-4546 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+CVE-2023-4546 (A vulnerability was found in Byzoro Smart S85F Management Platform up ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Plattform
CVE-2023-4545 (A vulnerability was found in IBOS OA 4.5.5. It has been classified as ...)
NOT-FOR-US: IBOS OA
-CVE-2023-4544 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+CVE-2023-4544 (A vulnerability was found in Byzoro Smart S85F Management Platform up ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform
CVE-2023-4543 (A vulnerability was found in IBOS OA 4.5.5. It has been declared as cr ...)
NOT-FOR-US: IBOS OA
@@ -46209,7 +46947,7 @@ CVE-2023-4422 (Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-
NOT-FOR-US: Cockpit Content Platform (different from src:cockpit)
CVE-2023-4415 (A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has b ...)
NOT-FOR-US: Ruijie
-CVE-2023-4414 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+CVE-2023-4414 (A vulnerability was found in Byzoro Smart S85F Management Platform up ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform
CVE-2023-4413
REJECTED
@@ -48453,9 +49191,9 @@ CVE-2023-4125 (Weak Password Requirements in GitHub repository answerdev/answer
NOT-FOR-US: answerdev/answer
CVE-2023-4124 (Missing Authorization in GitHub repository answerdev/answer prior to v ...)
NOT-FOR-US: answerdev/answer
-CVE-2023-4121 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+CVE-2023-4121 (A vulnerability was found in Byzoro Smart S85F Management Platform up ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform
-CVE-2023-4120 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+CVE-2023-4120 (A vulnerability was found in Byzoro Smart S85F Management Platform up ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform
CVE-2023-4119 (A vulnerability has been found in Academy LMS 6.0 and classified as pr ...)
NOT-FOR-US: Academy LMS
@@ -71735,10 +72473,10 @@ CVE-2023-1085
RESERVED
CVE-2023-1084 (An issue has been discovered in GitLab CE/EE affecting all versions be ...)
- gitlab 15.10.8+ds1-2
-CVE-2023-1083
- RESERVED
-CVE-2023-1082
- RESERVED
+CVE-2023-1083 (An unauthenticated remote attacker who is aware of aMQTT topic name c ...)
+ TODO: check
+CVE-2023-1082 (An remote attacker with low privileges can perform a command injection ...)
+ TODO: check
CVE-2023-27296 (Deserialization of Untrusted Data vulnerability in Apache Software Fou ...)
NOT-FOR-US: Apache InLong
CVE-2023-27295 (Cross-site request forgery is facilitated by OpenCATS failure to requi ...)
@@ -88192,8 +88930,8 @@ CVE-2022-47896 (In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were v
- intellij-idea <itp> (bug #747616)
CVE-2022-47895 (In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" act ...)
- intellij-idea <itp> (bug #747616)
-CVE-2022-47894
- RESERVED
+CVE-2022-47894 (Improper Input Validation vulnerability in Apache Zeppelin SAP.This is ...)
+ TODO: check
CVE-2022-47893 (There is a remote code execution vulnerability that affects all versio ...)
NOT-FOR-US: NetMan 204
CVE-2022-47892 (All versions of NetMan 204 could allow an unauthenticated remote attac ...)
@@ -218625,8 +219363,8 @@ CVE-2021-28657 (A carefully crafted or corrupt file may trigger an infinite loop
[bullseye] - tika <no-dsa> (Minor issue)
[buster] - tika <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/03/30/3
-CVE-2021-28656
- RESERVED
+CVE-2021-28656 (Cross-Site Request Forgery (CSRF) vulnerability in Credential page of ...)
+ TODO: check
CVE-2021-28655 (The improper Input Validation vulnerability in "\u201dMove folder to T ...)
NOT-FOR-US: Apache Zeppelin
CVE-2021-28654
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/088a99ddbb26b4e070300e19841cb94a21f2d1ed
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/088a99ddbb26b4e070300e19841cb94a21f2d1ed
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240409/80e171ea/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list