[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jul 3 09:12:31 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d704235b by security tracker role at 2024-07-03T08:12:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2024-6453 (A vulnerability was found in itsourcecode Farm Management System 1.0.  ...)
+	TODO: check
+CVE-2024-6340 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
+	TODO: check
+CVE-2024-6263 (The WP Lightbox 2 plugin for WordPress is vulnerable to Stored Cross-S ...)
+	TODO: check
+CVE-2024-4708 (mySCADA myPRO   uses a hard-coded password which could allow an attack ...)
+	TODO: check
+CVE-2024-4543 (The Snippet Shortcodes plugin for WordPress is vulnerable to Cross-Sit ...)
+	TODO: check
+CVE-2024-4482 (The The Plus Addons for Elementor \u2013 Elementor Addons, Page Templa ...)
+	TODO: check
+CVE-2024-39920 (The TCP protocol in RFC 9293 has a timing side channel that makes it e ...)
+	TODO: check
+CVE-2024-39326 (SkillTree is a micro-learning gamification platform. Prior to version  ...)
+	TODO: check
+CVE-2024-39325 (aimeos/ai-controller-frontend is the  Aimeos frontend controller. Prio ...)
+	TODO: check
+CVE-2024-39324 (aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Sta ...)
+	TODO: check
+CVE-2024-39322 (aimeos/ai-admin-jsonadm is the Aimeos e-commerce JSON API for administ ...)
+	TODO: check
+CVE-2024-38453 (The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows at ...)
+	TODO: check
+CVE-2024-37082 (Security check loophole in HAProxy release (in combination with routin ...)
+	TODO: check
+CVE-2024-32673 (Improper Validation of Array Index vulnerability in Samsung Open Sourc ...)
+	TODO: check
+CVE-2024-2376 (The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF chec ...)
+	TODO: check
+CVE-2024-2375 (The WPQA Builder WordPress plugin before 6.1.1 does not sanitise and e ...)
+	TODO: check
+CVE-2024-2235 (The Himer WordPress theme before 2.1.1 does not have CSRF checks in so ...)
+	TODO: check
+CVE-2024-2234 (The Himer WordPress theme before 2.1.1 does not sanitise and escape so ...)
+	TODO: check
+CVE-2024-2233 (The Himer WordPress theme before 2.1.1 does not have CSRF checks in so ...)
+	TODO: check
+CVE-2024-2231 (The  allows any authenticated user to join a private group due to a mi ...)
+	TODO: check
+CVE-2024-2040 (The Himer WordPress theme before 2.1.1 does not have CSRF checks in so ...)
+	TODO: check
+CVE-2024-24791 (The net/http HTTP/1.1 client mishandled the case where a server respon ...)
+	TODO: check
 CVE-2024-6452 (A vulnerability classified as critical was found in linlinjava litemal ...)
 	TODO: check
 CVE-2024-6441 (A vulnerability was found in ORIPA up to 1.72. It has been declared as ...)
@@ -501,7 +545,7 @@ CVE-2024-36387 (Serving WebSocket protocol upgrades over a HTTP/2 connection cou
 	- apache2 2.4.60-1
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-36387
 	NOTE: https://github.com/apache/httpd/commit/c69a51bff8157e403121f8436d85dde21ad28bd2
-CVE-2024-6387 (A signal handler race condition was found in OpenSSH's server (sshd),  ...)
+CVE-2024-6387 (A security regression (CVE-2006-5051) was discovered in OpenSSH's serv ...)
 	{DSA-5724-1}
 	- openssh 1:9.7p1-7
 	[bullseye] - openssh <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d704235bcb3ecab9836d6cb2c119b61090ceee6a

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d704235bcb3ecab9836d6cb2c119b61090ceee6a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240703/3c3aeb04/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list