[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 16 21:13:19 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
65b85b64 by security tracker role at 2024-08-16T20:12:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,95 @@
+CVE-2024-7646 (A security issue was discovered in ingress-nginx where an actor with p ...)
+	TODO: check
+CVE-2024-7147 (The JetBlocks for Elementor plugin for WordPress is vulnerable to Stor ...)
+	TODO: check
+CVE-2024-7146 (The JetTabs for Elementor plugin for WordPress is vulnerable to Local  ...)
+	TODO: check
+CVE-2024-7145 (The JetElements plugin for WordPress is vulnerable to Local File Inclu ...)
+	TODO: check
+CVE-2024-7144 (The JetElements plugin for WordPress is vulnerable to Stored Cross-Sit ...)
+	TODO: check
+CVE-2024-7136 (The JetSearch plugin for WordPress is vulnerable to Stored Cross-Site  ...)
+	TODO: check
+CVE-2024-6098 (When performing an online tag generation to devices which communicate  ...)
+	TODO: check
+CVE-2024-6004 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
+	TODO: check
+CVE-2024-5210 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
+	TODO: check
+CVE-2024-5209 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
+	TODO: check
+CVE-2024-4782 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
+	TODO: check
+CVE-2024-4781 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
+	TODO: check
+CVE-2024-4763 (An insecure driver vulnerability was reported inLenovo Display Control ...)
+	TODO: check
+CVE-2024-43810 (In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in t ...)
+	TODO: check
+CVE-2024-43809 (In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on t ...)
+	TODO: check
+CVE-2024-43808 (In JetBrains TeamCity before 2024.07.1 self XSS was possible in the Ha ...)
+	TODO: check
+CVE-2024-43807 (In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possibl ...)
+	TODO: check
+CVE-2024-43472 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
+	TODO: check
+CVE-2024-43381 (reNgine is an automated reconnaissance framework for web applications. ...)
+	TODO: check
+CVE-2024-43042 (Pluck CMS 4.7.18 does not restrict failed login attempts, allowing att ...)
+	TODO: check
+CVE-2024-43011 (An arbitrary file deletion vulnerability exists in the admin/del.php f ...)
+	TODO: check
+CVE-2024-43009 (A reflected cross-site scripting (XSS) vulnerability exists in user/lo ...)
+	TODO: check
+CVE-2024-43006 (A stored cross-site scripting (XSS) vulnerability exists in ZZCMS2023  ...)
+	TODO: check
+CVE-2024-43005 (A reflected cross-site scripting (XSS) vulnerability in the component  ...)
+	TODO: check
+CVE-2024-42995 (VTiger CRM <= 8.1.0 does not correctly check user privileges. A low-pr ...)
+	TODO: check
+CVE-2024-42994 (VTiger CRM <= 8.1.0 does not properly sanitize user input before using ...)
+	TODO: check
+CVE-2024-42850 (An issue in the password change function of Silverpeas v6.4.2 and lowe ...)
+	TODO: check
+CVE-2024-42849 (An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to c ...)
+	TODO: check
+CVE-2024-42758 (A Cross-site Scripting (XSS) vulnerability exists in version v2024-01- ...)
+	TODO: check
+CVE-2024-42639 (H3C GR1100-P v100R009 was discovered to use a hardcoded password in /e ...)
+	TODO: check
+CVE-2024-42638 (H3C Magic B1ST v100R012 was discovered to contain a hardcoded password ...)
+	TODO: check
+CVE-2024-42637 (H3C R3010 v100R002L02 was discovered to contain a hardcoded password v ...)
+	TODO: check
+CVE-2024-42634 (A Command Injection vulnerability exists in formWriteFacMac of the htt ...)
+	TODO: check
+CVE-2024-42486 (Cilium is a networking, observability, and security solution with an e ...)
+	TODO: check
+CVE-2024-42466 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
+	TODO: check
+CVE-2024-42465 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
+	TODO: check
+CVE-2024-42464 (Authorization Bypass Through User-Controlled Key vulnerability in upKe ...)
+	TODO: check
+CVE-2024-42463 (Authorization Bypass Through User-Controlled Key vulnerability in upKe ...)
+	TODO: check
+CVE-2024-42462 (Improper Authentication vulnerability in upKeeper Solutions product up ...)
+	TODO: check
+CVE-2024-2175 (An insecure permissions vulnerability was reported inLenovo Display Co ...)
+	TODO: check
+CVE-2024-25837 (A stored cross-site scripting (XSS) vulnerability in October CMS Blogh ...)
+	TODO: check
+CVE-2024-25008 (Ericsson RAN Compute and Site Controller 6610 contains a vulnerability ...)
+	TODO: check
+CVE-2023-5888
+	REJECTED
+CVE-2023-47728 (IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pa ...)
+	TODO: check
+CVE-2023-3207
+	REJECTED
+CVE-2023-2920
+	REJECTED
 CVE-2024-7868 (In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream ...)
 	TODO: check
 CVE-2024-7853 (A vulnerability was found in SourceCodester Yoga Class Registration Sy ...)
@@ -132513,7 +132605,7 @@ CVE-2022-4407 (Cross-site Scripting (XSS) - Reflected in GitHub repository thors
 CVE-2022-4406
 	RESERVED
 CVE-2022-4405
-	RESERVED
+	REJECTED
 CVE-2022-4404
 	RESERVED
 CVE-2022-4403 (A vulnerability classified as critical was found in SourceCodester Can ...)
@@ -173919,8 +174011,8 @@ CVE-2022-33164 (IBM Security Directory Server 7.2.0 could allow a remote attacke
 	NOT-FOR-US: IBM
 CVE-2022-33163 (IBM Security Directory Suite VA 8.0.1 specifies permissions for a secu ...)
 	NOT-FOR-US: IBM
-CVE-2022-33162
-	RESERVED
+CVE-2022-33162 (IBM Security Directory Integrator 7.2.0 and Security Verify Directory  ...)
+	TODO: check
 CVE-2022-33161 (IBM Security Directory Server 6.4.0 could allow a remote attacker to o ...)
 	NOT-FOR-US: IBM
 CVE-2022-33160 (IBM Security Directory Suite 8.0.1 uses weaker than expected cryptogra ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65b85b64d5d0425f170dd7ebd2f2024b52d162e0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65b85b64d5d0425f170dd7ebd2f2024b52d162e0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240816/470c6175/attachment.htm>

More information about the debian-security-tracker-commits mailing list