[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jan 13 08:11:55 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
796ce6a2 by security tracker role at 2024-01-13T08:11:42+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,103 @@
+CVE-2024-23301 (Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable init ...)
+	TODO: check
+CVE-2024-22209 (Open edX Platform is a service-oriented platform for authoring and del ...)
+	TODO: check
+CVE-2024-22206 (Clerk helps developers build user management. Unauthorized access or p ...)
+	TODO: check
+CVE-2024-22142 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-22137 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-21655 (Discourse is a platform for community discussion. For fields that are  ...)
+	TODO: check
+CVE-2024-21654 (Rubygems.org is the Ruby community's gem hosting service. Rubygems.org ...)
+	TODO: check
+CVE-2024-21640 (Chromium Embedded Framework (CEF) is a simple framework for embedding  ...)
+	TODO: check
+CVE-2024-21639 (CEF (Chromium Embedded Framework ) is a simple framework for embedding ...)
+	TODO: check
+CVE-2024-0480 (A vulnerability was found in Taokeyun up to 1.0.5. It has been declare ...)
+	TODO: check
+CVE-2024-0479 (A vulnerability was found in Taokeyun up to 1.0.5. It has been classif ...)
+	TODO: check
+CVE-2024-0478 (A vulnerability was found in code-projects Fighting Cock Information S ...)
+	TODO: check
+CVE-2024-0477 (A vulnerability has been found in code-projects Fighting Cock Informat ...)
+	TODO: check
+CVE-2024-0476 (A vulnerability, which was classified as problematic, was found in Blo ...)
+	TODO: check
+CVE-2024-0475 (A vulnerability, which was classified as critical, has been found in c ...)
+	TODO: check
+CVE-2024-0474 (A vulnerability classified as critical was found in code-projects Dorm ...)
+	TODO: check
+CVE-2024-0473 (A vulnerability classified as critical has been found in code-projects ...)
+	TODO: check
+CVE-2024-0472 (A vulnerability was found in code-projects Dormitory Management System ...)
+	TODO: check
+CVE-2024-0471 (A vulnerability was found in code-projects Human Resource Integrated S ...)
+	TODO: check
+CVE-2024-0470 (A vulnerability was found in code-projects Human Resource Integrated S ...)
+	TODO: check
+CVE-2024-0469 (A vulnerability was found in code-projects Human Resource Integrated S ...)
+	TODO: check
+CVE-2024-0468 (A vulnerability has been found in code-projects Fighting Cock Informat ...)
+	TODO: check
+CVE-2024-0251 (The Advanced Woo Search plugin for WordPress is vulnerable to Reflecte ...)
+	TODO: check
+CVE-2024-0230 (A session management issue was addressed with improved checks. This is ...)
+	TODO: check
+CVE-2023-52289 (An issue was discovered in the flaskcode package through 0.0.8 for Pyt ...)
+	TODO: check
+CVE-2023-52288 (An issue was discovered in the flaskcode package through 0.0.8 for Pyt ...)
+	TODO: check
+CVE-2023-51805 (SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows  ...)
+	TODO: check
+CVE-2023-51804 (An issue in rymcu forest v.0.02 allows a remote attacker to obtain sen ...)
+	TODO: check
+CVE-2023-51698 (Atril is a simple multi-page document viewer. Atril is vulnerable to a ...)
+	TODO: check
+CVE-2023-51071 (An access control issue in QStar Archive Solutions Release RELEASE_3-0 ...)
+	TODO: check
+CVE-2023-51070 (An access control issue in QStar Archive Solutions Release RELEASE_3-0 ...)
+	TODO: check
+CVE-2023-51068 (An authenticated reflected cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2023-51067 (An unauthenticated reflected cross-site scripting (XSS) vulnerability  ...)
+	TODO: check
+CVE-2023-51066 (An authenticated remote code execution vulnerability in QStar Archive  ...)
+	TODO: check
+CVE-2023-51065 (Incorrect access control in QStar Archive Solutions Release RELEASE_3- ...)
+	TODO: check
+CVE-2023-51064 (QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discov ...)
+	TODO: check
+CVE-2023-51063 (QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discov ...)
+	TODO: check
+CVE-2023-51062 (An unauthenticated log file read in the component log-smblog-save of Q ...)
+	TODO: check
+CVE-2023-50072 (A Stored Cross-Site Scripting (XSS) vulnerability exists in OpenKM ver ...)
+	TODO: check
+CVE-2023-49801 (Lif Auth Server is a server for validating logins, managing informatio ...)
+	TODO: check
+CVE-2023-49647 (Improper access control in Zoom Desktop Client for Windows, Zoom VDI C ...)
+	TODO: check
+CVE-2023-49099 (Discourse is a platform for community discussion. Under very specific  ...)
+	TODO: check
+CVE-2023-49098 (Discourse-reactions is a plugin that allows user to add their reaction ...)
+	TODO: check
+CVE-2023-48297 (Discourse is a platform for community discussion. The message serializ ...)
+	TODO: check
+CVE-2023-48166 (A directory traversal vulnerability in the SOAP Server integrated in A ...)
+	TODO: check
+CVE-2023-46943 (An issue was discovered in NPM's package @evershop/evershop before ver ...)
+	TODO: check
+CVE-2023-46942 (Lack of authentication in NPM's package @evershop/evershop before vers ...)
+	TODO: check
+CVE-2023-42463 (Wazuh is a free and open source platform used for threat prevention, d ...)
+	TODO: check
+CVE-2023-33472 (An issue was discovered in Scada-LTS v2.7.5.2 build 4551883606 and bef ...)
+	TODO: check
+CVE-2022-4962 (A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as prob ...)
+	TODO: check
 CVE-2023-50290
 	- lucene-solr <not-affected> (Vulnerable code not yet present)
 CVE-2023-46749



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/796ce6a2780382d7113301260b118797c3ee618c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/796ce6a2780382d7113301260b118797c3ee618c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240113/cefad394/attachment.htm>

More information about the debian-security-tracker-commits mailing list