[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 27 09:12:11 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e3778099 by security tracker role at 2024-08-27T08:11:47+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,89 @@
+CVE-2024-8046 (The Logo Showcase Ultimate \u2013 Logo Carousel, Logo Slider & Logo Gr ...)
+	TODO: check
+CVE-2024-7989
+	REJECTED
+CVE-2024-7608 (An authenticated user can download sensitive files from Trellix produc ...)
+	TODO: check
+CVE-2024-7304 (The Ninja Tables \u2013 Easiest Data Table Builder plugin for WordPres ...)
+	TODO: check
+CVE-2024-7125 (Authentication Bypass vulnerability in Hitachi Ops Center Common Servi ...)
+	TODO: check
+CVE-2024-6804 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cro ...)
+	TODO: check
+CVE-2024-6688 (The Oxygen Builder plugin for WordPress is vulnerable to unauthorized  ...)
+	TODO: check
+CVE-2024-45321 (The App::cpanminus package through 1.7047 for Perl downloads code via  ...)
+	TODO: check
+CVE-2024-45036 (Tophat is a mobile applications testing harness. An Improper Access Co ...)
+	TODO: check
+CVE-2024-43916 (Authorization Bypass Through User-Controlled Key vulnerability in Dyla ...)
+	TODO: check
+CVE-2024-43915 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-43798 (Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SS ...)
+	TODO: check
+CVE-2024-43356 (Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This is ...)
+	TODO: check
+CVE-2024-43340 (Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed Advanced ...)
+	TODO: check
+CVE-2024-43339 (Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows ...)
+	TODO: check
+CVE-2024-43337 (Cross-Site Request Forgery (CSRF) vulnerability in Brave Brave Popup B ...)
+	TODO: check
+CVE-2024-43336 (Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager.Thi ...)
+	TODO: check
+CVE-2024-43325 (Cross-Site Request Forgery (CSRF) vulnerability in Naiche Dark Mode fo ...)
+	TODO: check
+CVE-2024-43316 (Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins St ...)
+	TODO: check
+CVE-2024-43301 (Cross-Site Request Forgery (CSRF) vulnerability in Fonts Plugin Fonts  ...)
+	TODO: check
+CVE-2024-43299 (Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team Sp ...)
+	TODO: check
+CVE-2024-43295 (Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programm ...)
+	TODO: check
+CVE-2024-43287 (Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, S ...)
+	TODO: check
+CVE-2024-43269 (Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup a ...)
+	TODO: check
+CVE-2024-43265 (Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issu ...)
+	TODO: check
+CVE-2024-43264 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+	TODO: check
+CVE-2024-43259 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+	TODO: check
+CVE-2024-43258 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+	TODO: check
+CVE-2024-43257 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+	TODO: check
+CVE-2024-43255 (Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyB ...)
+	TODO: check
+CVE-2024-43251 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+	TODO: check
+CVE-2024-43230 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+	TODO: check
+CVE-2024-43214 (Missing Authorization vulnerability in myCred.This issue affects myCre ...)
+	TODO: check
+CVE-2024-43117 (Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV Hummingbir ...)
+	TODO: check
+CVE-2024-43116 (Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local A ...)
+	TODO: check
+CVE-2024-41176 (The MPD package included in TwinCAT/BSDallows an authenticated, low-pr ...)
+	TODO: check
+CVE-2024-41175 (The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a ...)
+	TODO: check
+CVE-2024-41174 (The IPC-Diagnostics package in TwinCAT/BSD is susceptible to improper  ...)
+	TODO: check
+CVE-2024-41173 (The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a ...)
+	TODO: check
+CVE-2024-39657 (Cross-Site Request Forgery (CSRF) vulnerability in Sender Sender \u201 ...)
+	TODO: check
+CVE-2024-39645 (Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.T ...)
+	TODO: check
+CVE-2024-39641 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPres ...)
+	TODO: check
+CVE-2024-39628 (Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninj ...)
+	TODO: check
 CVE-2024-8188
 	REJECTED
 CVE-2024-8174 (A vulnerability has been found in code-projects Blood Bank System 1.0  ...)
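Review bot: The descriptions for CVE-2024-8046, CVE-2024-7304 and CVE-2024-39657 show a literal `\u2013` / `\u201` escape instead of the decoded character, and in the CVE-2024-39657 line the fixed-width cut falls inside the escape (`Sender Sender \u201 ...`), leaving a fragment that cannot be decoded afterwards. It is worth confirming whether data/CVE/list itself holds the escaped form or only this notification does; if it is the file, decode the description before truncating it. Separately, 42 of the 43 added entries arrive as `TODO: check` (CVE-2024-7989 is `REJECTED`). Most descriptions name WordPress plugins or vendor products, so CVE-2024-45321 (App::cpanminus for Perl) is the one to check against the archive first.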
@@ -1561,7 +1647,7 @@ CVE-2024-6379 (An URL redirection to untrusted site (open redirect) vulnerabilit
 	NOT-FOR-US: 3DSwymer
 CVE-2024-6378 (A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA  ...)
 	NOT-FOR-US: ENOVIA
-CVE-2024-6377 (A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwyme ...)
+CVE-2024-6377 (An URL redirection to untrusted site (open redirect) vulnerability aff ...)
 	NOT-FOR-US: 3DEXPERIENCE
 CVE-2024-6337 (An Incorrect Authorization vulnerability was identified in GitHub Ente ...)
 	NOT-FOR-US: GitHub Enterprise Server
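Review bot: The triage line under CVE-2024-6377 is left untouched while its description changes vulnerability class, from reflected XSS to open redirect. The removed text named "3DSwyme ...", the kept note says `NOT-FOR-US: 3DEXPERIENCE`, and the new text is truncated before the product name, so these lines alone no longer confirm the product tag. Suggest re-checking the full description and confirming that 3DEXPERIENCE, rather than the 3DSwymer tag used for the neighbouring CVE-2024-6379, is still the right label.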
@@ -3029,7 +3115,7 @@ CVE-2024-6533 (Directus v10.13.0 allows an authenticated external attacker to ex
 	NOT-FOR-US: Directus
 CVE-2024-43368 (The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pa ...)
 	NOT-FOR-US: Trix editor
-CVE-2024-43275 (Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert P ...)
+CVE-2024-43275 (Cross-Site Request Forgery (CSRF) vulnerability in xyzscripts.Com Inse ...)
 	NOT-FOR-US: Xyzscripts Insert PHP Code Snippet
 CVE-2024-42353 (WebOb provides objects for HTTP requests and responses. When WebOb nor ...)
 	- python-webob <unfixed> (bug #1078879)
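Review bot: The `NOT-FOR-US: Xyzscripts Insert PHP Code Snippet` note under CVE-2024-43275 keeps the old vendor spelling while the description now reads "xyzscripts.Com Inse ...". The classification is unaffected, but anyone searching the list by the vendor string from the current description will only match on a case-insensitive prefix. If the tracker's convention is to mirror the upstream vendor name, update the note in a follow-up; otherwise no change is needed.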



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e377809920752e912c2a60b8e2ce4d4dce364de8
