[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 22 21:14:14 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2042b8e1 by security tracker role at 2024-08-22T20:12:47+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,103 @@
+CVE-2024-8088 (There is a HIGH severity vulnerability affecting the CPython "zipfile" ...)
+	TODO: check
+CVE-2024-8077 (A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. ...)
+	TODO: check
+CVE-2024-8076 (A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228  ...)
+	TODO: check
+CVE-2024-8075 (A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862_B2023 ...)
+	TODO: check
+CVE-2024-8041 (A Denial of Service (DoS) issue has been discovered in GitLab CE/EE af ...)
+	TODO: check
+CVE-2024-7848 (The User Private Files \u2013 WordPress File Sharing Plugin plugin for ...)
+	TODO: check
+CVE-2024-7778 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...)
+	TODO: check
+CVE-2024-7634 (NGINX Agent's "config_dirs" restriction feature allows a highly privil ...)
+	TODO: check
+CVE-2024-7110 (An issue was discovered in GitLab EE affecting all versions starting 1 ...)
+	TODO: check
+CVE-2024-6870 (The Responsive Lightbox & Gallery plugin for WordPress is vulnerable t ...)
+	TODO: check
+CVE-2024-6502 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
+	TODO: check
+CVE-2024-45201 (An issue was discovered in llama_index before 0.10.38. download/integr ...)
+	TODO: check
+CVE-2024-45193 (An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The ...)
+	TODO: check
+CVE-2024-45192 (An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. Cac ...)
+	TODO: check
+CVE-2024-45191 (An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The ...)
+	TODO: check
+CVE-2024-43787 (Hono is a Web application framework that provides support for any Java ...)
+	TODO: check
+CVE-2024-43785 (gitoxide An idiomatic, lean, fast & safe pure Rust implementation of G ...)
+	TODO: check
+CVE-2024-43780 (Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9 ...)
+	TODO: check
+CVE-2024-43398 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS ...)
+	TODO: check
+CVE-2024-43331 (Missing Authorization vulnerability in VeronaLabs WP SMS.This issue af ...)
+	TODO: check
+CVE-2024-42776 (Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Acce ...)
+	TODO: check
+CVE-2024-42775 (An Incorrect Access Control vulnerability was found in /admin/add_room ...)
+	TODO: check
+CVE-2024-42774 (An Incorrect Access Control vulnerability was found in /admin/delete_r ...)
+	TODO: check
+CVE-2024-42773 (An Incorrect Access Control vulnerability was found in /admin/edit_roo ...)
+	TODO: check
+CVE-2024-42772 (An Incorrect Access Control vulnerability was found in /admin/rooms.ph ...)
+	TODO: check
+CVE-2024-42771 (A Stored Cross Site Scripting (XSS) vulnerability was found in " /admi ...)
+	TODO: check
+CVE-2024-42770 (A Stored Cross Site Scripting (XSS) vulnerability was found in "/core/ ...)
+	TODO: check
+CVE-2024-42769 (A Reflected Cross Site Scripting (XSS) vulnerability was found in "/co ...)
+	TODO: check
+CVE-2024-42768 (A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipa ...)
+	TODO: check
+CVE-2024-42767 (Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted F ...)
+	TODO: check
+CVE-2024-42599 (SeaCMS 13.0 has a remote code execution vulnerability. The reason for  ...)
+	TODO: check
+CVE-2024-42497 (Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0,  ...)
+	TODO: check
+CVE-2024-42490 (authentik is an open-source Identity Provider. Several API endpoints c ...)
+	TODO: check
+CVE-2024-42418 (Avtec Outpost uses a default cryptographic key that can be used to dec ...)
+	TODO: check
+CVE-2024-40884 (Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly  ...)
+	TODO: check
+CVE-2024-3127 (An issue has been discovered in GitLab EE affecting all versions start ...)
+	TODO: check
+CVE-2024-39776 (Avtec Outpost stores sensitive information in an insecure location wit ...)
+	TODO: check
+CVE-2024-39746 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could  ...)
+	TODO: check
+CVE-2024-39745 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses w ...)
+	TODO: check
+CVE-2024-39744 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vul ...)
+	TODO: check
+CVE-2024-39717 (The Versa Director GUI provides an option to customize the look and fe ...)
+	TODO: check
+CVE-2024-36445 (Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a ro ...)
+	TODO: check
+CVE-2024-36444 (cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an ...)
+	TODO: check
+CVE-2024-36443 (Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read ...)
+	TODO: check
+CVE-2024-36442 (cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an ...)
+	TODO: check
+CVE-2024-36441 (Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker us ...)
+	TODO: check
+CVE-2024-36440 (An issue was discovered on Swissphone DiCal-RED 4009 devices. An attac ...)
+	TODO: check
+CVE-2024-36439 (Swissphone DiCal-RED 4009 devices allow a remote attacker to gain acce ...)
+	TODO: check
+CVE-2024-35151 (IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users  ...)
+	TODO: check
+CVE-2023-6452 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
 CVE-2024-8072 (Mage AI allows remote unauthenticated attackers to leak the terminal s ...)
 	NOT-FOR-US: Mage AI
 CVE-2024-8071 (Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 a ...)
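Review bot: In the added CVE-2024-7848 entry the description carries the literal escape sequence "\u2013" ("The User Private Files \u2013 WordPress File Sharing Plugin plugin for ..."), so the dash was never decoded when the description was imported. Decode it, or normalise it to a plain hyphen, in the step that generates these descriptions. Separately, all 50 added entries are left at "TODO: check". When they are triaged, the ones naming general-purpose libraries need a check against packaged software first: CPython "zipfile" (CVE-2024-8088), REXML (CVE-2024-43398), Matrix libolm (CVE-2024-45191 to CVE-2024-45193) and gitoxide (CVE-2024-43785). The TOTOLINK, Kashipara Hotel Management System, Swissphone DiCal-RED and Avtec Outpost entries look like candidates for the same NOT-FOR-US marking that the context entry CVE-2024-8072 (Mage AI) already carries.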



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2042b8e156cfd26c1e8faf7bdb46b4b535ca6ae1



More information about the debian-security-tracker-commits mailing list