[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 22 09:12:21 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48097ea6 by security tracker role at 2024-07-22T08:11:37+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,105 @@
+CVE-2024-6970 (A vulnerability classified as critical has been found in itsourcecode  ...)
+	TODO: check
+CVE-2024-6969 (A vulnerability was found in SourceCodester Clinics Patient Management ...)
+	TODO: check
+CVE-2024-6968 (A vulnerability was found in SourceCodester Clinics Patient Management ...)
+	TODO: check
+CVE-2024-6967 (A vulnerability was found in SourceCodester Employee and Visitor Gate  ...)
+	TODO: check
+CVE-2024-6966 (A vulnerability was found in itsourcecode Online Blood Bank Management ...)
+	TODO: check
+CVE-2024-6965 (A vulnerability has been found in Tenda O3 1.0.0.10 and classified as  ...)
+	TODO: check
+CVE-2024-6964 (A vulnerability, which was classified as critical, was found in Tenda  ...)
+	TODO: check
+CVE-2024-6963 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2024-6962 (A vulnerability classified as critical was found in Tenda O3 1.0.0.10. ...)
+	TODO: check
+CVE-2024-6961 (RAIL documents are an XML-based format invented by Guardrails AI to en ...)
+	TODO: check
+CVE-2024-6960 (The H2O machine learning platform uses "Iced" classes as the primary m ...)
+	TODO: check
+CVE-2024-6958 (A vulnerability classified as critical was found in itsourcecode Unive ...)
+	TODO: check
+CVE-2024-6957 (A vulnerability classified as critical has been found in itsourcecode  ...)
+	TODO: check
+CVE-2024-6956 (A vulnerability was found in itsourcecode University Management System ...)
+	TODO: check
+CVE-2024-6955 (A vulnerability was found in SourceCodester Record Management System 1 ...)
+	TODO: check
+CVE-2024-6954 (A vulnerability was found in SourceCodester Record Management System 1 ...)
+	TODO: check
+CVE-2024-6953 (A vulnerability was found in itsourcecode Tailoring Management System  ...)
+	TODO: check
+CVE-2024-6952 (A vulnerability has been found in itsourcecode University Management S ...)
+	TODO: check
+CVE-2024-6951 (A vulnerability, which was classified as critical, was found in Source ...)
+	TODO: check
+CVE-2024-6950 (A vulnerability, which was classified as critical, has been found in P ...)
+	TODO: check
+CVE-2024-6949 (A vulnerability classified as problematic was found in Gargaj wuhu up  ...)
+	TODO: check
+CVE-2024-6948 (A vulnerability classified as critical has been found in Gargaj wuhu u ...)
+	TODO: check
+CVE-2024-6947 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rate ...)
+	TODO: check
+CVE-2024-6946 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been decl ...)
+	TODO: check
+CVE-2024-6271 (The Community Events WordPress plugin before 1.5 does not have CSRF ch ...)
+	TODO: check
+CVE-2024-6244 (The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CS ...)
+	TODO: check
+CVE-2024-6243 (The HTML Forms  WordPress plugin before 1.3.33 does not sanitize and e ...)
+	TODO: check
+CVE-2024-5973 (The MasterStudy LMS WordPress Plugin  WordPress plugin before 3.3.24 d ...)
+	TODO: check
+CVE-2024-5529 (The WP QuickLaTeX WordPress plugin before 3.8.8 does not sanitise and  ...)
+	TODO: check
+CVE-2024-5004 (The CM Popup Plugin for WordPress  WordPress plugin before 1.6.6 does  ...)
+	TODO: check
+CVE-2024-41709 (Backdrop CMS before 1.27.3 and 1.28.x before 1.28.2 does not sufficien ...)
+	TODO: check
+CVE-2024-41704 (LibreChat through 0.7.4-rc1 does not validate the normalized pathnames ...)
+	TODO: check
+CVE-2024-41703 (LibreChat through 0.7.4-rc1 has incorrect access control for message u ...)
+	TODO: check
+CVE-2024-40430 (In SFTPGO 2.6.2, the JWT implementation lacks cerrtain security measur ...)
+	TODO: check
+CVE-2024-38786 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-38785 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-38784 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-38782 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-38781 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37485 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37480 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37466 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37465 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37461 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37460 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37459 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37457 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37449 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37447 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37446 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-37391 (ProtonVPN before 3.2.10 on Windows mishandles the drive installer path ...)
+	TODO: check
 CVE-2024-6945 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been clas ...)
 	NOT-FOR-US: Flute CMS
 CVE-2024-6944 (A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and class ...)
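Review bot: CVE-2024-6947 and CVE-2024-6946 are added with "TODO: check" even though both descriptions name Flute CMS 0.2.2.4-alpha, the same product that the unchanged entry CVE-2024-6945 just below them already resolves as "NOT-FOR-US: Flute CMS". Suggest giving those two the same "NOT-FOR-US: Flute CMS" line during triage so the three entries stay consistent. Every other entry added in this hunk likewise carries only the placeholder, with no package line or NOT-FOR-US disposition yet.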
@@ -856,6 +958,7 @@ CVE-2023-7010 (Use after free in WebRTC in Google Chrome prior to 117.0.5938.62
 	{DSA-5499-1}
 	- chromium 117.0.5938.62-1
 CVE-2023-4860 (Inappropriate implementation in Skia in Google Chrome prior to 115.0.5 ...)
+	{DSA-5456-1}
 	- chromium 115.0.5790.98-1
 CVE-2020-36765 (Insufficient policy enforcement in Navigation in Google Chrome prior t ...)
 	{DSA-4824-1}
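Review bot: The added "{DSA-5456-1}" line on CVE-2023-4860 changes an existing 2023 entry, but the commit message says only "automatic update", so nothing in the change records why the advisory reference is being attached now. Worth confirming that DSA-5456-1 is the advisory that shipped chromium 115.0.5790.98-1, the fixed version on the line that follows, in the same way the neighbouring CVE-2023-7010 entry pairs DSA-5499-1 with chromium 117.0.5938.62-1.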



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48097ea6152f9ddc6aa91cb576d28172fe8d6458
