[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 2 09:12:09 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1faa5f9c by security tracker role at 2024-07-02T08:11:50+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,111 @@
+CVE-2024-6172 (The Email Subscribers by Icegram Express \u2013 Email Marketing, Newsl ...)
+ TODO: check
+CVE-2024-5938 (The Boot Store theme for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2024-5767 (The sitetweet WordPress plugin through 0.2 does not have CSRF check in ...)
+ TODO: check
+CVE-2024-5606 (The Quiz and Survey Master (QSM) WordPress plugin before 9.0.2 is vul ...)
+ TODO: check
+CVE-2024-5545 (The Motors \u2013 Car Dealer, Classifieds & Listing plugin for WordPre ...)
+ TODO: check
+CVE-2024-5544 (The Media Library Assistant plugin for WordPress is vulnerable to Refl ...)
+ TODO: check
+CVE-2024-5504 (The Rife Elementor Extensions & Templates plugin for WordPress is vuln ...)
+ TODO: check
+CVE-2024-5419 (The Void Contact Form 7 Widget For Elementor Page Builder plugin for W ...)
+ TODO: check
+CVE-2024-5349 (The LA-Studio Element Kit for Elementor plugin for WordPress is vulner ...)
+ TODO: check
+CVE-2024-5322 (The N-central server is vulnerable to session rebinding of already aut ...)
+ TODO: check
+CVE-2024-5219 (The Easy Google Maps plugin for WordPress is vulnerable to Stored Cros ...)
+ TODO: check
+CVE-2024-4679 (Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible ...)
+ TODO: check
+CVE-2024-4627 (The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise a ...)
+ TODO: check
+CVE-2024-3999 (The EazyDocs WordPress plugin before 2.5.0 does not sanitise and esca ...)
+ TODO: check
+CVE-2024-3513 (The Ultimate Blocks \u2013 WordPress Blocks Plugin plugin for WordPres ...)
+ TODO: check
+CVE-2024-39314 (toy-blog is a headless content management system implementation. Start ...)
+ TODO: check
+CVE-2024-39313 (toy-blog is a headless content management system implementation. Start ...)
+ TODO: check
+CVE-2024-39310 (The Basil recipe theme for WordPress is vulnerable to Persistent Cross ...)
+ TODO: check
+CVE-2024-39309 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2024-39305 (Envoy is a cloud-native, open source edge and service proxy. Prior to ...)
+ TODO: check
+CVE-2024-38368 (trunk.cocoapods.org is the authentication server for the CoacoaPods de ...)
+ TODO: check
+CVE-2024-38367 (trunk.cocoapods.org is the authentication server for the CoacoaPods de ...)
+ TODO: check
+CVE-2024-38366 (trunk.cocoapods.org is the authentication server for the CoacoaPods de ...)
+ TODO: check
+CVE-2024-37765 (Machform up to version 19 is affected by an authenticated Blind SQL in ...)
+ TODO: check
+CVE-2024-37764 (MachForm up to version 19 is affected by an authenticated stored cross ...)
+ TODO: check
+CVE-2024-37763 (MachForm up to version 19 is affected by an unauthenticated stored cro ...)
+ TODO: check
+CVE-2024-37762 (MachForm up to version 21 is affected by an authenticated unrestricted ...)
+ TODO: check
+CVE-2024-37479 (Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit ...)
+ TODO: check
+CVE-2024-37134 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an impr ...)
+ TODO: check
+CVE-2024-37133 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an impr ...)
+ TODO: check
+CVE-2024-37132 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an inco ...)
+ TODO: check
+CVE-2024-37126 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an impr ...)
+ TODO: check
+CVE-2024-32854 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an impr ...)
+ TODO: check
+CVE-2024-32853 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an exec ...)
+ TODO: check
+CVE-2024-32852 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of ...)
+ TODO: check
+CVE-2024-32230 (FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size- ...)
+ TODO: check
+CVE-2024-32229 (FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandsh ...)
+ TODO: check
+CVE-2024-32228 (FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavc ...)
+ TODO: check
+CVE-2024-2819 (Incorrect Default Permissions, Improper Preservation of Permissions vu ...)
+ TODO: check
+CVE-2024-28200 (The N-central server is vulnerable to an authentication bypass of the ...)
+ TODO: check
+CVE-2024-23737 (Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify ...)
+ TODO: check
+CVE-2024-23736 (Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify ...)
+ TODO: check
+CVE-2024-1427 (The The Post Grid \u2013 Shortcode, Gutenberg Blocks and Elementor Add ...)
+ TODO: check
+CVE-2024-0158 (Dell BIOS contains an improper input validation vulnerability. A local ...)
+ TODO: check
+CVE-2023-41928 (The device is observed to accept deprecated TLS protocols, increasing ...)
+ TODO: check
+CVE-2023-41927 (The server supports at least one cipher suite which is on the NCSC-NL ...)
+ TODO: check
+CVE-2023-41926 (The webserver utilizes basic authentication for its user login to the ...)
+ TODO: check
+CVE-2023-41923 (The user management section of the web application permits the creatio ...)
+ TODO: check
+CVE-2023-41922 (A 'Cross-site Scripting' (XSS) vulnerability, characterized by imprope ...)
+ TODO: check
+CVE-2023-41921 (A vulnerability allows attackers to download source code or an executa ...)
+ TODO: check
+CVE-2023-41920 (The vulnerability allows attackers access to the root account without ...)
+ TODO: check
+CVE-2023-41919 (Hardcoded credentials are discovered within the application's source c ...)
+ TODO: check
+CVE-2023-41918 (A vulnerability allows unauthorized access to functionality inadequate ...)
+ TODO: check
+CVE-2023-41917 (Inadequate input validation exposes the system to potential remote cod ...)
+ TODO: check
CVE-2024-6425 (Incorrect Provision of Specified Functionality vulnerability in MESboo ...)
NOT-FOR-US: MESbook
CVE-2024-6424 (External server-side request vulnerability in MESbook 20221021.03 vers ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1faa5f9c5ff674f8ea1aae177fe25628331bb743
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1faa5f9c5ff674f8ea1aae177fe25628331bb743
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240702/9e8a5b30/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list