[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 6 09:12:35 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
152722eb by security tracker role at 2024-08-06T08:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,34 +1,116 @@
-CVE-2024-7547
+CVE-2024-7506 (A vulnerability has been found in itsourcecode Tailoring Management Sy ...)
+ TODO: check
+CVE-2024-7505 (A vulnerability, which was classified as critical, was found in itsour ...)
+ TODO: check
+CVE-2024-7500 (A vulnerability was found in itsourcecode Airline Reservation System 1 ...)
+ TODO: check
+CVE-2024-7499 (A vulnerability was found in itsourcecode Airline Reservation System 1 ...)
+ TODO: check
+CVE-2024-7498 (A vulnerability was found in itsourcecode Airline Reservation System 1 ...)
+ TODO: check
+CVE-2024-7497 (A vulnerability was found in itsourcecode Airline Reservation System 1 ...)
+ TODO: check
+CVE-2024-7496 (A vulnerability has been found in itsourcecode Airline Reservation Sys ...)
+ TODO: check
+CVE-2024-7495 (A vulnerability, which was classified as critical, was found in itsour ...)
+ TODO: check
+CVE-2024-7494 (A vulnerability, which was classified as critical, has been found in S ...)
+ TODO: check
+CVE-2024-7485 (The Traffic Manager plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2024-7484 (The CRM Perks Forms plugin for WordPress is vulnerable to arbitrary fi ...)
+ TODO: check
+CVE-2024-7084 (The Ajax Search Lite WordPress plugin before 4.12.1 does not sanitise ...)
+ TODO: check
+CVE-2024-7082 (The Easy Table of Contents WordPress plugin before 2.0.68 does not san ...)
+ TODO: check
+CVE-2024-7055 (A vulnerability was found in FFmpeg up to 7.0.1. It has been classifie ...)
+ TODO: check
+CVE-2024-7009 (Unsanitized user-input in Calibre <= 7.15.0 allow users with permissio ...)
+ TODO: check
+CVE-2024-7008 (Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform ...)
+ TODO: check
+CVE-2024-6886 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-6782 (Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticate ...)
+ TODO: check
+CVE-2024-6781 (Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to ...)
+ TODO: check
+CVE-2024-6766 (The shortcodes-ultimate-pro WordPress plugin before 7.2.1 does not val ...)
+ TODO: check
+CVE-2024-6651 (The WordPress File Upload WordPress plugin before 4.24.8 does not sani ...)
+ TODO: check
+CVE-2024-6315 (The Blox Page Builder plugin for WordPress is vulnerable to arbitrary ...)
+ TODO: check
+CVE-2024-6203 (HaloITSM versions up to 2.146.1 are affected by a Password Reset Poiso ...)
+ TODO: check
+CVE-2024-6202 (HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature W ...)
+ TODO: check
+CVE-2024-6201 (HaloITSM versions up to 2.146.1 are affected by a Template Injection v ...)
+ TODO: check
+CVE-2024-6200 (HaloITSM versions up to 2.146.1 are affected by a Stored Cross-Site Sc ...)
+ TODO: check
+CVE-2024-5963 (Unquoted Executable Path vulnerability in Hitachi Device Manager on Wi ...)
+ TODO: check
+CVE-2024-5828 (Expression Language Injection vulnerability in Hitachi Tuning Manager ...)
+ TODO: check
+CVE-2024-5709 (The WPBakery Visual Composer plugin for WordPress is vulnerable to Loc ...)
+ TODO: check
+CVE-2024-5708 (The WPBakery Visual Composer plugin for WordPress is vulnerable to Sto ...)
+ TODO: check
+CVE-2024-42352 (Nuxt is a free and open-source framework to create full-stack web appl ...)
+ TODO: check
+CVE-2024-41995 (Initialization of a resource with an insecure default vulnerability ex ...)
+ TODO: check
+CVE-2024-41820 (Kubean is a cluster lifecycle management toolchain based on kubespray ...)
+ TODO: check
+CVE-2024-41816 (Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPre ...)
+ TODO: check
+CVE-2024-41811 (ipl/web is a set of common web components for php projects. Some of th ...)
+ TODO: check
+CVE-2024-39817 (Insertion of sensitive information into sent data issue exists in Cybo ...)
+ TODO: check
+CVE-2024-34344 (Nuxt is a free and open-source framework to create full-stack web appl ...)
+ TODO: check
+CVE-2024-34343 (Nuxt is a free and open-source framework to create full-stack web appl ...)
+ TODO: check
+CVE-2024-28962 (Dell Command | Update, Dell Update, and Alienware Update UWP, versions ...)
+ TODO: check
+CVE-2024-23657 (Nuxt is a free and open-source framework to create full-stack web appl ...)
+ TODO: check
+CVE-2023-5000 (The Horizontal scrolling announcements plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2024-7547 (oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vul ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1087/
-CVE-2024-7546
+CVE-2024-7546 (oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1086/
-CVE-2024-7545
+CVE-2024-7545 (oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1085/
-CVE-2024-7544
+CVE-2024-7544 (oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1084/
-CVE-2024-7543
+CVE-2024-7543 (oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1083/
-CVE-2024-7542
+CVE-2024-7542 (oFono AT CMGR Command Uninitialized Variable Information Disclosure Vu ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1082/
-CVE-2024-7541
+CVE-2024-7541 (oFono AT CMT Command Uninitialized Variable Information Disclosure Vul ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1081/
-CVE-2024-7540
+CVE-2024-7540 (oFono AT CMGL Command Uninitialized Variable Information Disclosure Vu ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1080/
-CVE-2024-7539
+CVE-2024-7539 (oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. T ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1079/
-CVE-2024-7538
+CVE-2024-7538 (oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1078/
-CVE-2024-7537
+CVE-2024-7537 (oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1077/
CVE-2024-7006 [NULL pointer dereference in tif_dirinfo.c]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/152722ebf3673a5b036d37b7fd1d1b04e74c4f78
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/152722ebf3673a5b036d37b7fd1d1b04e74c4f78
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240806/7b2d44e6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list