[Git][security-tracker-team/security-tracker][master] automatic update

Sat Aug 17 09:12:50 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9a7bd72b by security tracker role at 2024-08-17T08:12:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2024-7886 (A vulnerability has been found in Scooter Software Beyond Compare up t ...)
+	TODO: check
+CVE-2024-6500 (The InPost for WooCommerce plugin and InPost PL plugin for WordPress a ...)
+	TODO: check
+CVE-2024-6459 (The News Element Elementor Blog Magazine WordPress plugin before 1.0.6 ...)
+	TODO: check
+CVE-2024-43395 (CraftOS-PC 2 is a rewrite of the desktop port of CraftOS from the popu ...)
+	TODO: check
+CVE-2023-4730 (The LadiApp plugn for WordPress is vulnerable to unauthorized modifica ...)
+	TODO: check
+CVE-2023-4717
+	REJECTED
+CVE-2023-4604 (The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable t ...)
+	TODO: check
+CVE-2023-4507 (The Admission AppManager plugin for WordPress is vulnerable to Reflect ...)
+	TODO: check
+CVE-2023-4027 (The Radio Player plugin for WordPress is vulnerable to unauthorized mo ...)
+	TODO: check
+CVE-2023-4025 (The Radio Player plugin for WordPress is vulnerable to unauthorized mo ...)
+	TODO: check
+CVE-2023-4024 (The Radio Player plugin for WordPress is vulnerable to unauthorized mo ...)
+	TODO: check
 CVE-2024-7885
 	- undertow <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2305290
@@ -106956,8 +106978,8 @@ CVE-2023-1605 (Denial of Service in GitHub repository radareorg/radare2 prior to
 	- radare2 5.9.0+dfsg-1 (bug #1034180)
 	NOTE: https://huntr.dev/bounties/9dddcf5b-7dd4-46cc-abf9-172dce20bab2
 	NOTE: https://github.com/radareorg/radare2/commit/508a6307045441defd1bef0999a1f7052097613f
-CVE-2023-1604
-	RESERVED
+CVE-2023-1604 (The Short URL plugin for WordPress is vulnerable to Cross-Site Request ...)
+	TODO: check
 CVE-2023-1603 (Permission bypass when importing or synchronizing entriesin User vault ...)
 	NOT-FOR-US: Devolutions
 CVE-2023-1602 (The Short URL plugin for WordPress is vulnerable to stored Cross-Site  ...)
@@ -130772,8 +130794,8 @@ CVE-2022-4534
 	RESERVED
 CVE-2022-4533
 	RESERVED
-CVE-2022-4532
-	RESERVED
+CVE-2022-4532 (The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vuln ...)
+	TODO: check
 CVE-2022-4531
 	REJECTED
 CVE-2022-4530
@@ -180421,8 +180443,8 @@ CVE-2022-1753 (A vulnerability, which was classified as critical, was found in W
 	NOT-FOR-US: WoWonder
 CVE-2022-1752 (Unrestricted Upload of File with Dangerous Type in GitHub repository p ...)
 	NOT-FOR-US: Trudesk
-CVE-2022-1751
-	RESERVED
+CVE-2022-1751 (The Skitter Slideshow plugin for WordPress is vulnerable to Server-Sid ...)
+	TODO: check
 CVE-2022-1750 (The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Si ...)
 	NOT-FOR-US: Sticky Popup plugin for WordPress
 CVE-2022-1749 (The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Requ ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a7bd72baf77cff6bf4cf005cebe9bb85b23f49c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a7bd72baf77cff6bf4cf005cebe9bb85b23f49c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240817/213406fb/attachment.htm>
