[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 12 21:12:28 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4567ee24 by security tracker role at 2024-04-12T20:12:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,194 @@
-CVE-2024-31391
+CVE-2024-3707 (Information exposure vulnerability in OpenGnsys affecting version 1.1. ...)
+ TODO: check
+CVE-2024-3706 (Information exposure vulnerability in OpenGnsys affecting version 1.1. ...)
+ TODO: check
+CVE-2024-3705 (Unrestricted file upload vulnerability in OpenGnsys affecting version ...)
+ TODO: check
+CVE-2024-3704 (SQL Injection Vulnerability has been found on OpenGnsys product affect ...)
+ TODO: check
+CVE-2024-3698 (A vulnerability was found in Campcodes House Rental Management System ...)
+ TODO: check
+CVE-2024-3697 (A vulnerability was found in Campcodes House Rental Management System ...)
+ TODO: check
+CVE-2024-3696 (A vulnerability was found in Campcodes House Rental Management System ...)
+ TODO: check
+CVE-2024-3695 (A vulnerability has been found in SourceCodester Computer Laboratory M ...)
+ TODO: check
+CVE-2024-3691 (A vulnerability, which was classified as critical, has been found in P ...)
+ TODO: check
+CVE-2024-3690 (A vulnerability classified as critical was found in PHPGurukul Small C ...)
+ TODO: check
+CVE-2024-3689 (A vulnerability classified as problematic has been found in Zhejiang L ...)
+ TODO: check
+CVE-2024-3688 (A vulnerability was found in Xiamen Four-Faith RMP Router Management P ...)
+ TODO: check
+CVE-2024-3687 (A vulnerability was found in bihell Dice 3.1.0 and classified as probl ...)
+ TODO: check
+CVE-2024-3686 (A vulnerability has been found in DedeCMS 5.7.112-UTF8 and classified ...)
+ TODO: check
+CVE-2024-3685 (A vulnerability, which was classified as critical, was found in DedeCM ...)
+ TODO: check
+CVE-2024-3211 (The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2024-3054 (WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR ...)
+ TODO: check
+CVE-2024-32000 (matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging ...)
+ TODO: check
+CVE-2024-31839 (Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allo ...)
+ TODO: check
+CVE-2024-31818 (Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote at ...)
+ TODO: check
+CVE-2024-31372 (Cross-Site Request Forgery (CSRF) vulnerability in Arnan de Gans No-Bo ...)
+ TODO: check
+CVE-2024-31371 (Cross-Site Request Forgery (CSRF) vulnerability in Xylus Themes WP Eve ...)
+ TODO: check
+CVE-2024-31364 (Cross-Site Request Forgery (CSRF) vulnerability in ELEXtensions ELEX W ...)
+ TODO: check
+CVE-2024-31363 (Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issu ...)
+ TODO: check
+CVE-2024-31362 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGr ...)
+ TODO: check
+CVE-2024-31360 (Cross-Site Request Forgery (CSRF) vulnerability in Coded Commerce, LLC ...)
+ TODO: check
+CVE-2024-31354 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow ...)
+ TODO: check
+CVE-2024-31305 (Cross-Site Request Forgery (CSRF) vulnerability in rtCamp Transcoder.T ...)
+ TODO: check
+CVE-2024-31303 (Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign- ...)
+ TODO: check
+CVE-2024-31301 (Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple ...)
+ TODO: check
+CVE-2024-31293 (Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downlo ...)
+ TODO: check
+CVE-2024-31289 (Cross-Site Request Forgery (CSRF) vulnerability in Elementor Hello Ele ...)
+ TODO: check
+CVE-2024-31279 (Cross-Site Request Forgery (CSRF) vulnerability in Catch Plugins Gener ...)
+ TODO: check
+CVE-2024-31272 (Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ...)
+ TODO: check
+CVE-2024-31271 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Ultimate ...)
+ TODO: check
+CVE-2024-31269 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Goog ...)
+ TODO: check
+CVE-2024-31268 (Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team App ...)
+ TODO: check
+CVE-2024-31265 (Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This is ...)
+ TODO: check
+CVE-2024-31264 (Unauthenticated Cross Site Request Forgery (CSRF) in Post Views Counte ...)
+ TODO: check
+CVE-2024-31263 (Cross-Site Request Forgery (CSRF) vulnerability in aerin Loan Repaymen ...)
+ TODO: check
+CVE-2024-31262 (Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce ...)
+ TODO: check
+CVE-2024-31251 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by ...)
+ TODO: check
+CVE-2024-31250 (Cross-Site Request Forgery (CSRF) vulnerability in Saumya Majumder WP ...)
+ TODO: check
+CVE-2024-31239 (Cross-Site Request Forgery (CSRF) vulnerability in Nudgify Nudgify Soc ...)
+ TODO: check
+CVE-2024-31238 (Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Onlin ...)
+ TODO: check
+CVE-2024-31235 (Cross-Site Request Forgery (CSRF) vulnerability in WebToffee WordPress ...)
+ TODO: check
+CVE-2024-31069 (IO-1020 Micro ELD web server uses a default password for authenticatio ...)
+ TODO: check
+CVE-2024-30845 (Cross Site Scripting vulnerability in Rainbow external link network di ...)
+ TODO: check
+CVE-2024-30410 (An Incorrect Behavior Order in the routing engine (RE) of Juniper Netw ...)
+ TODO: check
+CVE-2024-30409 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
+ TODO: check
+CVE-2024-30407 (The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Net ...)
+ TODO: check
+CVE-2024-30406 (A Cleartext Storage in a File on Disk vulnerability in Juniper Network ...)
+ TODO: check
+CVE-2024-30405 (An Incorrect Calculation of Buffer Size vulnerability in Juniper Netwo ...)
+ TODO: check
+CVE-2024-30403 (A NULL Pointer Dereference vulnerability in the Packet Forwarding Engi ...)
+ TODO: check
+CVE-2024-30402 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
+ TODO: check
+CVE-2024-30401 (An Out-of-bounds Read vulnerability in the advanced forwarding managem ...)
+ TODO: check
+CVE-2024-30398 (An Improper Restriction of Operations within the Bounds of a Memory Bu ...)
+ TODO: check
+CVE-2024-30397 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
+ TODO: check
+CVE-2024-30395 (AnImproper Validation of Specified Type of Input vulnerability in Rout ...)
+ TODO: check
+CVE-2024-30394 (AStack-based Buffer Overflow vulnerability in the Routing Protocol Dae ...)
+ TODO: check
+CVE-2024-30392 (A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon ...)
+ TODO: check
+CVE-2024-30391 (A Missing Authentication for Critical Function vulnerability in the Pa ...)
+ TODO: check
+CVE-2024-30390 (An Improper Restriction of Excessive Authentication Attempts vulnerabi ...)
+ TODO: check
+CVE-2024-30389 (An Incorrect Behavior Order vulnerability in the Packet Forwarding Eng ...)
+ TODO: check
+CVE-2024-30388 (An Improper Isolation or Compartmentalization vulnerability in the Pac ...)
+ TODO: check
+CVE-2024-30387 (AMissing Synchronization vulnerability in the Packet Forwarding Engine ...)
+ TODO: check
+CVE-2024-30386 (A Use-After-Free vulnerability in theLayer 2 Address Learning Daemon ( ...)
+ TODO: check
+CVE-2024-30384 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
+ TODO: check
+CVE-2024-30382 (An Improper Handling of Exceptional Conditions vulnerability in the ro ...)
+ TODO: check
+CVE-2024-30381 (An Exposure of Sensitive Information to an Unauthorized Actor vulnerab ...)
+ TODO: check
+CVE-2024-30210 (IO-1020 Micro ELD uses a default WIFI password that could allow an adj ...)
+ TODO: check
+CVE-2024-2397 (Due to a bug in packet data buffers management, the PPP printer in tcp ...)
+ TODO: check
+CVE-2024-29461 (An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote a ...)
+ TODO: check
+CVE-2024-28878 (IO-1020 Micro ELD downloads source code or an executable from an adja ...)
+ TODO: check
+CVE-2024-28718 (An issue in OpenStack magnum yoga-eom version allows a remote attacker ...)
+ TODO: check
+CVE-2024-27261 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could al ...)
+ TODO: check
+CVE-2024-25545 (An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to e ...)
+ TODO: check
+CVE-2024-22359 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...)
+ TODO: check
+CVE-2024-22358 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...)
+ TODO: check
+CVE-2024-22339 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...)
+ TODO: check
+CVE-2024-22334 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...)
+ TODO: check
+CVE-2024-21618 (An Access of Memory Location After End of Buffer vulnerability in the ...)
+ TODO: check
+CVE-2024-21615 (An Incorrect Default Permissions vulnerability in Juniper Networks Jun ...)
+ TODO: check
+CVE-2024-21610 (An Improper Handling of Exceptional Conditions vulnerability in the Cl ...)
+ TODO: check
+CVE-2024-21609 (A Missing Release of Memory after Effective Lifetime vulnerability in ...)
+ TODO: check
+CVE-2024-21605 (An Exposure of Resource to Wrong Sphere vulnerability in the Packet Fo ...)
+ TODO: check
+CVE-2024-21598 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
+ TODO: check
+CVE-2024-21593 (An Improper Check or Handling of Exceptional Conditions vulnerability ...)
+ TODO: check
+CVE-2024-21590 (An Improper Input Validation vulnerability in Juniper Tunnel Driver (j ...)
+ TODO: check
+CVE-2024-0157 (Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session ...)
+ TODO: check
+CVE-2023-52211 (Missing Authorization vulnerability in Automattic WP Job Manager.This ...)
+ TODO: check
+CVE-2023-51515 (Missing Authorization vulnerability in Undsgn Uncode Core allows Privi ...)
+ TODO: check
+CVE-2023-51499 (Missing Authorization vulnerability in WooCommerce WooCommerce Shippin ...)
+ TODO: check
+CVE-2023-51409 (Unrestricted Upload of File with Dangerous Type vulnerability in Jordy ...)
+ TODO: check
+CVE-2023-47714 (IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1 ...)
+ TODO: check
+CVE-2024-31391 (Insertion of Sensitive Information into Log File vulnerability in the ...)
NOT-FOR-US: Apache Solr Operator
CVE-2024-3625
NOT-FOR-US: mirror-registry for Quay
@@ -114810,8 +115000,8 @@ CVE-2022-40215 (Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnera
NOT-FOR-US: WordPress plugin
CVE-2022-40213 (Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-40211
- RESERVED
+CVE-2022-40211 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
CVE-2022-40206 (Insecure direct object references (IDOR) vulnerability in the wpForo F ...)
NOT-FOR-US: WordPress plugin
CVE-2022-40205 (Insecure direct object references (IDOR) vulnerability in the wpForo F ...)
@@ -303662,8 +303852,8 @@ CVE-2020-8008
RESERVED
CVE-2020-8007
RESERVED
-CVE-2020-8006
- RESERVED
+CVE-2020-8006 (The server in Circontrol Raption through 5.11.2 has a pre-authenticati ...)
+ TODO: check
CVE-2020-8005
RESERVED
CVE-2020-8004 (STMicroelectronics STM32F1 devices have Incorrect Access Control.)
@@ -575990,7 +576180,7 @@ CVE-2013-4408 (Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done f
- samba 2:4.0.13+dfsg-1
- samba4 <removed>
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
-CVE-2013-4407 (HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module ...)
+CVE-2013-4407 (HTTP::Body::Multipart in the HTTP-Body module for Perl (1.07 through 1 ...)
{DSA-2801-1}
- libhttp-body-perl 1.17-2 (bug #721634)
[squeeze] - libhttp-body-perl <not-affected> (Vulnerable code introduced in 1.08)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4567ee24144e7e0caa190d3aecf797cf210db202
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4567ee24144e7e0caa190d3aecf797cf210db202
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240412/1c93e742/attachment.htm>
More information about the debian-security-tracker-commits
mailing list