[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 11 09:12:26 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6a813895 by security tracker role at 2024-04-11T08:12:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,111 @@
+CVE-2024-3652 (The Libreswan Project was notified of an issue causing libreswan to re ...)
+ TODO: check
+CVE-2024-3621 (A vulnerability was found in SourceCodester Kortex Lite Advocate Offic ...)
+ TODO: check
+CVE-2024-3620 (A vulnerability was found in SourceCodester Kortex Lite Advocate Offic ...)
+ TODO: check
+CVE-2024-3619 (A vulnerability has been found in SourceCodester Kortex Lite Advocate ...)
+ TODO: check
+CVE-2024-3618 (A vulnerability, which was classified as critical, was found in Source ...)
+ TODO: check
+CVE-2024-3617 (A vulnerability, which was classified as critical, has been found in S ...)
+ TODO: check
+CVE-2024-3616 (A vulnerability classified as problematic was found in SourceCodester ...)
+ TODO: check
+CVE-2024-3614 (A vulnerability classified as problematic has been found in SourceCode ...)
+ TODO: check
+CVE-2024-3613 (A vulnerability was found in SourceCodester Warehouse Management Syste ...)
+ TODO: check
+CVE-2024-3612 (A vulnerability was found in SourceCodester Warehouse Management Syste ...)
+ TODO: check
+CVE-2024-3285 (The Slider, Gallery, and Carousel by MetaSlider \u2013 Responsive Word ...)
+ TODO: check
+CVE-2024-32001 (SpiceDB is a graph database purpose-built for storing and evaluating a ...)
+ TODO: check
+CVE-2024-31999 (@festify/secure-session creates a secure stateless cookie session for ...)
+ TODO: check
+CVE-2024-31997 (XWiki Platform is a generic wiki platform. Prior to versions 4.10.19, ...)
+ TODO: check
+CVE-2024-31996 (XWiki Platform is a generic wiki platform. Starting in version 3.0.1 a ...)
+ TODO: check
+CVE-2024-31995 (`@digitalbazaar/zcap` provides JavaScript reference implementation for ...)
+ TODO: check
+CVE-2024-31988 (XWiki Platform is a generic wiki platform. Starting in version 13.9-rc ...)
+ TODO: check
+CVE-2024-31987 (XWiki Platform is a generic wiki platform. Starting in version 6.4-mil ...)
+ TODO: check
+CVE-2024-31986 (XWiki Platform is a generic wiki platform. Starting in version 3.1 and ...)
+ TODO: check
+CVE-2024-31985 (XWiki Platform is a generic wiki platform. Starting in version 3.1 and ...)
+ TODO: check
+CVE-2024-30917 (An issue was discovered in eProsima FastDDS v.2.14.0 and before, allow ...)
+ TODO: check
+CVE-2024-30916 (An issue was discovered in eProsima FastDDS v.2.14.0 and before, allow ...)
+ TODO: check
+CVE-2024-30915 (An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de ...)
+ TODO: check
+CVE-2024-30885 (Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, a ...)
+ TODO: check
+CVE-2024-30884 (Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version ...)
+ TODO: check
+CVE-2024-30883 (Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6. ...)
+ TODO: check
+CVE-2024-30880 (Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6. ...)
+ TODO: check
+CVE-2024-30879 (Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6. ...)
+ TODO: check
+CVE-2024-30878 (A cross-site scripting (XSS) vulnerability in RageFrame2 v2.6.43, allo ...)
+ TODO: check
+CVE-2024-30728 (An issue was discovered in the default configurations of ROS (Robot Op ...)
+ TODO: check
+CVE-2024-2966 (The Element Pack Elementor Addons (Header Footer, Template Library, Dy ...)
+ TODO: check
+CVE-2024-29903 (Cosign provides code signing and transparency for containers and binar ...)
+ TODO: check
+CVE-2024-29902 (Cosign provides code signing and transparency for containers and binar ...)
+ TODO: check
+CVE-2024-29504 (Cross Site Scripting vulnerability in Summernote v.0.8.18 and before a ...)
+ TODO: check
+CVE-2024-29460 (An issue in PX4 Autopilot v.1.14.0 allows an attacker to manipulate th ...)
+ TODO: check
+CVE-2024-29455 (An arbitrary file upload vulnerability has been discovered in ROS2 Hum ...)
+ TODO: check
+CVE-2024-29452 (An insecure deserialization vulnerability has been identified in ROS2 ...)
+ TODO: check
+CVE-2024-29450 (An issue has been discovered in the permission and access control comp ...)
+ TODO: check
+CVE-2024-29449 (An issue was discovered in ROS2 Humble Hawksbill in ROS_VERSION 2 and ...)
+ TODO: check
+CVE-2024-29448 (A buffer overflow vulnerability has been discovered in the C++ compone ...)
+ TODO: check
+CVE-2024-29447 (An issue was discovered in the default configurations of ROS2 Humble H ...)
+ TODO: check
+CVE-2024-29445 (An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawk ...)
+ TODO: check
+CVE-2024-29444 (An OS command injection vulnerability has been discovered in ROS2 (Rob ...)
+ TODO: check
+CVE-2024-29443 (A shell injection vulnerability was discovered in ROS2 (Robot Operatin ...)
+ TODO: check
+CVE-2024-29441 (An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawk ...)
+ TODO: check
+CVE-2024-29439 (An unauthorized node injection vulnerability has been identified in RO ...)
+ TODO: check
+CVE-2024-29399 (An issue was discovered in GNU Savane v.3.13 and before, allows a remo ...)
+ TODO: check
+CVE-2024-29220 (Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerabili ...)
+ TODO: check
+CVE-2024-26362 (HTML injection vulnerability in Enpass Password Manager Desktop Client ...)
+ TODO: check
+CVE-2024-26019 (Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerabili ...)
+ TODO: check
+CVE-2024-25572 (Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms ...)
+ TODO: check
+CVE-2024-21508 (Versions of the package mysql2 before 3.9.4 are vulnerable to Remote C ...)
+ TODO: check
+CVE-2023-6811 (The Language Translate Widget for WordPress \u2013 ConveyThis plugin f ...)
+ TODO: check
+CVE-2023-6257 (The Inline Related Posts WordPress plugin before 3.6.0 does not ensure ...)
+ TODO: check
CVE-2024-3570 (A stored Cross-Site Scripting (XSS) vulnerability exists in the chat f ...)
TODO: check
CVE-2024-3569 (A Denial of Service (DoS) vulnerability exists in the mintplex-labs/an ...)
@@ -46,7 +154,7 @@ CVE-2024-3098 (A vulnerability was identified in the `exec_utils` class of the `
TODO: check
CVE-2024-3025 (mintplex-labs/anything-llm is vulnerable to path traversal attacks due ...)
TODO: check
-CVE-2024-31984 (Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, an ...)
+CVE-2024-31984 (XWiki Platform is a generic wiki platform. Starting in version 7.2-rc- ...)
NOT-FOR-US: XWiki
CVE-2024-31983 (XWiki Platform is a generic wiki platform. In multilingual wikis, tran ...)
NOT-FOR-US: XWiki
@@ -14731,7 +14839,7 @@ CVE-2024-1669 (Out of bounds memory access in Blink in Google Chrome prior to 12
- chromium 122.0.6261.57-1
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2024-1481 [specially crafted HTTP requests potentially lead to DoS or data exposure]
+CVE-2024-1481 (A flaw was found in FreeIPA. This issue may allow a remote attacker to ...)
{DLA-3773-1}
- freeipa <unfixed> (bug #1065106)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2262169
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a81389514b771b008d13a97e86ef2964cb54b60
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a81389514b771b008d13a97e86ef2964cb54b60
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240411/dcbbbeec/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list