[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 24 08:12:39 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
50043887 by security tracker role at 2024-12-24T08:12:33+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,51 @@
+CVE-2024-9427 (A vulnerability in Koji was found. An unsanitized input allows for an  ...)
+	TODO: check
+CVE-2024-53961 (ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Im ...)
+	TODO: check
+CVE-2024-47515 (A vulnerability was found in Pagure. Support of symbolic links during  ...)
+	TODO: check
+CVE-2024-41887 (Team ENVY, a Security Research TEAM has found a flaw that allows for a ...)
+	TODO: check
+CVE-2024-41886 (Team ENVY, a Security Research TEAM has found a flaw that allows for a ...)
+	TODO: check
+CVE-2024-41885 (Team ENVY, a Security Research TEAM has found a flaw that allows for a ...)
+	TODO: check
+CVE-2024-41884 (Team ENVY, a Security Research TEAM has found a flaw that allows for a ...)
+	TODO: check
+CVE-2024-41883 (Team ENVY, a Security Research TEAM has found a flaw that allows for a ...)
+	TODO: check
+CVE-2024-41882 (Team ENVY, a Security Research TEAM has found a flaw that allows for a ...)
+	TODO: check
+CVE-2024-12814 (The Loan Comparison plugin for WordPress is vulnerable to Stored Cross ...)
+	TODO: check
+CVE-2024-12710 (The WP-Appbox plugin for WordPress is vulnerable to Reflected Cross-Si ...)
+	TODO: check
+CVE-2024-12622 (The WordPress Simple Shopping Cart plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2024-12617 (The WC Price History for Omnibus plugin for WordPress is vulnerable to ...)
+	TODO: check
+CVE-2024-12594 (The Custom Login Page Styler \u2013 Login Protected Private Site , Cha ...)
+	TODO: check
+CVE-2024-12518 (The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored  ...)
+	TODO: check
+CVE-2024-12507 (The Optio Dentistry plugin for WordPress is vulnerable to Stored Cross ...)
+	TODO: check
+CVE-2024-12405 (The Export Customers Data plugin for WordPress is vulnerable to Reflec ...)
+	TODO: check
+CVE-2024-12266 (The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPres ...)
+	TODO: check
+CVE-2024-12210 (The Print Invoice & Delivery Notes for WooCommerce plugin for WordPres ...)
+	TODO: check
+CVE-2024-12100 (The Bitcoin Lightning Publisher for WordPress plugin for WordPress is  ...)
+	TODO: check
+CVE-2024-12096 (The Exhibit to WP Gallery WordPress plugin through 0.0.2 does not sani ...)
+	TODO: check
+CVE-2024-12034 (The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP ...)
+	TODO: check
+CVE-2024-11885 (The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to  ...)
+	TODO: check
+CVE-2018-25106 (A vulnerability, which was classified as critical, has been found in w ...)
+	TODO: check
 CVE-2024-56364 (SimpleXLSX is software for parsing and retrieving data from Excel XLSx ...)
 	NOT-FOR-US: SimpleXLSX
 CVE-2024-56363 (APTRS (Automated Penetration Testing Reporting System) is a Python and ...)
@@ -141,7 +189,7 @@ CVE-2024-10797 (The Full Screen Menu for Elementor plugin for WordPress is vulne
 	NOT-FOR-US: WordPress plugin
 CVE-2024-10453 (The Elementor Website Builder \u2013 More than Just a Page Builder plu ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2024-12582
+CVE-2024-12582 (A flaw was found in the skupper console,  a read-only interface that r ...)
 	NOT-FOR-US: Skupper
 CVE-2024-56359 (grist-core is a spreadsheet hosting server. A user visiting a maliciou ...)
 	NOT-FOR-US: grist-core
@@ -2251,6 +2299,7 @@ CVE-2024-55657 (SiYuan is a personal knowledge management system. Prior to versi
 CVE-2024-55652 (PenDoc is a penetration testing reporting application. Prior to commit ...)
 	NOT-FOR-US: PenDoc
 CVE-2024-54534 (The issue was addressed with improved memory handling. This issue is f ...)
+	{DSA-5792-1}
 	- webkit2gtk 2.46.0-1
 	- wpewebkit 2.46.0-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/500438874558efd096918e4732d5a42710d196bb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/500438874558efd096918e4732d5a42710d196bb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241224/1fac3df9/attachment.htm>


More information about the debian-security-tracker-commits mailing list