[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 13 20:12:12 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a18b60e5 by security tracker role at 2024-03-13T20:11:58+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,383 @@
+CVE-2024-2433 (An improper authorization vulnerability in Palo Alto Networks Panorama ...)
+	TODO: check
+CVE-2024-2432 (A privilege escalation (PE) vulnerability in the Palo Alto Networks Gl ...)
+	TODO: check
+CVE-2024-2431 (An issue in the Palo Alto Networks GlobalProtect app enables a non-pri ...)
+	TODO: check
+CVE-2024-2418 (A vulnerability was found in SourceCodester Best POS Management System ...)
+	TODO: check
+CVE-2024-2416 (Cross-Site Request Forgery vulnerability in Movistar's 4G router affec ...)
+	TODO: check
+CVE-2024-2415 (Command injection vulnerability in Movistar 4G router affecting versio ...)
+	TODO: check
+CVE-2024-2414 (The primary channel is unprotected on Movistar 4G router affecting E v ...)
+	TODO: check
+CVE-2024-2403 (Improper cleanup in temporary file handling component in Devolutions R ...)
+	TODO: check
+CVE-2024-2293 (The Site Reviews plugin for WordPress is vulnerable to Stored Cross-Si ...)
+	TODO: check
+CVE-2024-2286 (The Sky Addons for Elementor (Free Templates Library, Live Copy, Anima ...)
+	TODO: check
+CVE-2024-2252 (The Droit Elementor Addons \u2013 Widgets, Blocks, Templates Library F ...)
+	TODO: check
+CVE-2024-2247 (JFrog Artifactory versions below 7.77.7, are vulnerable to DOM-based c ...)
+	TODO: check
+CVE-2024-2239 (The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2024-2238 (The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2024-2237 (The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2024-2194 (The WP Statistics plugin for WordPress is vulnerable to Stored Cross-S ...)
+	TODO: check
+CVE-2024-2172 (The Malware Scanner plugin and the Web Application Firewall plugin for ...)
+	TODO: check
+CVE-2024-2126 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...)
+	TODO: check
+CVE-2024-2123 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
+	TODO: check
+CVE-2024-2106 (The MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Edu ...)
+	TODO: check
+CVE-2024-2030 (The Database for Contact Form 7, WPforms, Elementor forms plugin for W ...)
+	TODO: check
+CVE-2024-2028 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2024-2020 (The Calculated Fields Form plugin for WordPress is vulnerable to Store ...)
+	TODO: check
+CVE-2024-2006 (The Post Grid, Slider & Carousel Ultimate \u2013 with Shortcode, Guten ...)
+	TODO: check
+CVE-2024-2000 (The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2024-28684 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28683 (DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vu ...)
+	TODO: check
+CVE-2024-28682 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28681 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28680 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28679 (DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vu ...)
+	TODO: check
+CVE-2024-28678 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28677 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28676 (DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vu ...)
+	TODO: check
+CVE-2024-28675 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28673 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28672 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28671 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28670 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28669 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28668 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28667 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28666 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28665 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28432 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28431 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28430 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28429 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
+	TODO: check
+CVE-2024-28196 (your_spotify is an open source, self hosted Spotify tracking dashboard ...)
+	TODO: check
+CVE-2024-28195 (your_spotify is an open source, self hosted Spotify tracking dashboard ...)
+	TODO: check
+CVE-2024-28194 (your_spotify is an open source, self hosted Spotify tracking dashboard ...)
+	TODO: check
+CVE-2024-27953 (Missing Authorization vulnerability in Cool Plugins Cryptocurrency Wid ...)
+	TODO: check
+CVE-2024-27952 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-27441
+	REJECTED
+CVE-2024-26630 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
+	TODO: check
+CVE-2024-26629 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
+	TODO: check
+CVE-2024-25155 (In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the web server ...)
+	TODO: check
+CVE-2024-25154 (Improper URL validation leads to path traversal in FileCatalyst Direct ...)
+	TODO: check
+CVE-2024-25153 (A directory traversal within the \u2018ftpservlet\u2019 of the FileCat ...)
+	TODO: check
+CVE-2024-25101 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-25099 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-25097 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-24693 (Improper access control in the installer for Zoom Rooms Client for Win ...)
+	TODO: check
+CVE-2024-24692 (Race condition in the installer for Zoom Rooms Client for Windows befo ...)
+	TODO: check
+CVE-2024-24549 (Denial of Service due to improper input validation vulnerability for H ...)
+	TODO: check
+CVE-2024-23672 (Denial of Service via incomplete cleanup vulnerability in Apache Tomca ...)
+	TODO: check
+CVE-2024-20327 (A vulnerability in the PPP over Ethernet (PPPoE) termination feature o ...)
+	TODO: check
+CVE-2024-20322 (A vulnerability in the access control list (ACL) processing on Pseudow ...)
+	TODO: check
+CVE-2024-20320 (A vulnerability in the SSH client feature of Cisco IOS XR Software for ...)
+	TODO: check
+CVE-2024-20319 (A vulnerability in the UDP forwarding code of Cisco IOS XR Software co ...)
+	TODO: check
+CVE-2024-20318 (A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Softw ...)
+	TODO: check
+CVE-2024-20315 (A vulnerability in the access control list (ACL) processing on MPLS in ...)
+	TODO: check
+CVE-2024-20266 (A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco ...)
+	TODO: check
+CVE-2024-20262 (A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of  ...)
+	TODO: check
+CVE-2024-1997 (The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2024-1996 (The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2024-1985 (The Simple Membership plugin for WordPress is vulnerable to Stored Cro ...)
+	TODO: check
+CVE-2024-1951 (The Logo Showcase Ultimate \u2013 Logo Carousel, Logo Slider & Logo Gr ...)
+	TODO: check
+CVE-2024-1950 (The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for ...)
+	TODO: check
+CVE-2024-1935 (The Giveaways and Contests by RafflePress \u2013 Get More Website Traf ...)
+	TODO: check
+CVE-2024-1894 (The Burst Statistics \u2013 Privacy-Friendly Analytics for WordPress p ...)
+	TODO: check
+CVE-2024-1862 (The WooCommerce Add to Cart Custom Redirect plugin for WordPress is vu ...)
+	TODO: check
+CVE-2024-1854 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns &  ...)
+	TODO: check
+CVE-2024-1843 (The Auto Affiliate Links plugin for WordPress is vulnerable to unautho ...)
+	TODO: check
+CVE-2024-1806 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...)
+	TODO: check
+CVE-2024-1793 (The AWeber \u2013 Free Sign Up Form and Landing Page Builder Plugin fo ...)
+	TODO: check
+CVE-2024-1772 (The Play.ht \u2013 Make Your Blog Posts Accessible With Text to Speech ...)
+	TODO: check
+CVE-2024-1763 (The Wp Social Login and Register Social Counter plugin for WordPress i ...)
+	TODO: check
+CVE-2024-1751 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...)
+	TODO: check
+CVE-2024-1723 (The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to St ...)
+	TODO: check
+CVE-2024-1691 (The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg E ...)
+	TODO: check
+CVE-2024-1690 (The TeraWallet \u2013 Best WooCommerce Wallet System With Cashback Rew ...)
+	TODO: check
+CVE-2024-1684 (The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg E ...)
+	TODO: check
+CVE-2024-1680 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
+	TODO: check
+CVE-2024-1668 (The Avada | Website Builder For WordPress & WooCommerce theme for Word ...)
+	TODO: check
+CVE-2024-1642 (The MainWP Dashboard  \u2013 WordPress Manager for Multiple Websites M ...)
+	TODO: check
+CVE-2024-1640 (The Contact Form Builder Plugin: Multi Step Contact Form, Payment Form ...)
+	TODO: check
+CVE-2024-1585 (The Metform Elementor Contact Form Builder plugin for WordPress is vul ...)
+	TODO: check
+CVE-2024-1541 (The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features pl ...)
+	TODO: check
+CVE-2024-1537 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
+	TODO: check
+CVE-2024-1536 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
+	TODO: check
+CVE-2024-1535 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...)
+	TODO: check
+CVE-2024-1508 (The Prime Slider \u2013 Addons For Elementor plugin for WordPress is v ...)
+	TODO: check
+CVE-2024-1507 (The Prime Slider \u2013 Addons For Elementor plugin for WordPress is v ...)
+	TODO: check
+CVE-2024-1505 (The Academy LMS \u2013 eLearning and online course solution for WordPr ...)
+	TODO: check
+CVE-2024-1499 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...)
+	TODO: check
+CVE-2024-1497 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...)
+	TODO: check
+CVE-2024-1489 (The SMS Alert Order Notifications \u2013 WooCommerce plugin for WordPr ...)
+	TODO: check
+CVE-2024-1484 (The Booking for Appointments and Events Calendar \u2013 Amelia plugin  ...)
+	TODO: check
+CVE-2024-1479 (The WP Show Posts plugin for WordPress is vulnerable to Sensitive Info ...)
+	TODO: check
+CVE-2024-1462 (The Maintenance Page plugin for WordPress is vulnerable to Basic Infor ...)
+	TODO: check
+CVE-2024-1452 (The GenerateBlocks plugin for WordPress is vulnerable to Sensitive Inf ...)
+	TODO: check
+CVE-2024-1422 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
+	TODO: check
+CVE-2024-1414 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2024-1413 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2024-1409 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...)
+	TODO: check
+CVE-2024-1393 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
+	TODO: check
+CVE-2024-1392 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
+	TODO: check
+CVE-2024-1391 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
+	TODO: check
+CVE-2024-1383 (The WPvivid Backup for MainWP plugin for WordPress is vulnerable to Re ...)
+	TODO: check
+CVE-2024-1380 (The Relevanssi \u2013 A Better Search plugin for WordPress is vulnerab ...)
+	TODO: check
+CVE-2024-1370 (The Maintenance Page plugin for WordPress is vulnerable to unauthorize ...)
+	TODO: check
+CVE-2024-1365 (The YML for Yandex Market plugin for WordPress is vulnerable to Reflec ...)
+	TODO: check
+CVE-2024-1363 (The Easy Accordion \u2013 Best Accordion FAQ Plugin for WordPress plug ...)
+	TODO: check
+CVE-2024-1358 (The Elementor Addon Elements plugin for WordPress is vulnerable to Dir ...)
+	TODO: check
+CVE-2024-1321 (The EventPrime \u2013 Events Calendar, Bookings and Tickets plugin for ...)
+	TODO: check
+CVE-2024-1311 (The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to ar ...)
+	TODO: check
+CVE-2024-1296 (The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to St ...)
+	TODO: check
+CVE-2024-1293 (The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to St ...)
+	TODO: check
+CVE-2024-1291 (The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to St ...)
+	TODO: check
+CVE-2024-1237 (The Elementor Header & Footer Builder plugin for WordPress is vulnerab ...)
+	TODO: check
+CVE-2024-1234 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2024-1203 (The Conversios \u2013 Google Analytics 4 (GA4), Meta Pixel & more Via  ...)
+	TODO: check
+CVE-2024-1176 (The HT Easy GA4 \u2013 Google Analytics WordPress Plugin plugin for Wo ...)
+	TODO: check
+CVE-2024-1158 (The Post Form \u2013 Registration Form \u2013 Profile Form for User Pr ...)
+	TODO: check
+CVE-2024-1127 (The EventPrime \u2013 Events Calendar, Bookings and Tickets plugin for ...)
+	TODO: check
+CVE-2024-1126 (The EventPrime \u2013 Events Calendar, Bookings and Tickets plugin for ...)
+	TODO: check
+CVE-2024-1083 (The Simple Restrict plugin for WordPress is vulnerable to Sensitive In ...)
+	TODO: check
+CVE-2024-1080 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress  ...)
+	TODO: check
+CVE-2024-1074 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress  ...)
+	TODO: check
+CVE-2024-1071 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
+	TODO: check
+CVE-2024-1038 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress  ...)
+	TODO: check
+CVE-2024-0976 (The WP Event Manager \u2013 Events Calendar, Registrations, Sell Ticke ...)
+	TODO: check
+CVE-2024-0898 (The Chat Bubble \u2013 Floating Chat with Contact Chat Icons, Messages ...)
+	TODO: check
+CVE-2024-0897 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress  ...)
+	TODO: check
+CVE-2024-0896 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress  ...)
+	TODO: check
+CVE-2024-0871 (The Beaver Builder plugin for WordPress is vulnerable to Stored Cross- ...)
+	TODO: check
+CVE-2024-0839 (The FeedWordPress plugin for WordPress is vulnerable to Insecure Direc ...)
+	TODO: check
+CVE-2024-0830 (The Comments Extra Fields For Post,Pages and CPT plugin for WordPress  ...)
+	TODO: check
+CVE-2024-0829 (The Comments Extra Fields For Post,Pages and CPT plugin for WordPress  ...)
+	TODO: check
+CVE-2024-0828 (The Play.ht \u2013 Make Your Blog Posts Accessible With Text to Speech ...)
+	TODO: check
+CVE-2024-0827 (The Play.ht \u2013 Make Your Blog Posts Accessible With Text to Speech ...)
+	TODO: check
+CVE-2024-0801 (A denial of service vulnerability exists in Arcserve Unified Data Prot ...)
+	TODO: check
+CVE-2024-0800 (A path traversal vulnerability exists in Arcserve Unified Data Protect ...)
+	TODO: check
+CVE-2024-0799 (An authentication bypass vulnerability exists in Arcserve Unified Data ...)
+	TODO: check
+CVE-2024-0700 (The Simple Tweet plugin for WordPress is vulnerable to Stored Cross-Si ...)
+	TODO: check
+CVE-2024-0687 (The Restrict User Access \u2013 Ultimate Membership & Content Protecti ...)
+	TODO: check
+CVE-2024-0683 (The Bulgarisation for WooCommerce plugin for WordPress is vulnerable t ...)
+	TODO: check
+CVE-2024-0681 (The Page Restriction WordPress (WP) \u2013 Protect WP Pages/Post plugi ...)
+	TODO: check
+CVE-2024-0631 (The Duitku Payment Gateway plugin for WordPress is vulnerable to unaut ...)
+	TODO: check
+CVE-2024-0614 (The Events Manager plugin for WordPress is vulnerable to Stored Cross- ...)
+	TODO: check
+CVE-2024-0592 (The Related Posts for WordPress plugin for WordPress is vulnerable to  ...)
+	TODO: check
+CVE-2024-0591 (The wpDataTables \u2013 WordPress Data Table, Dynamic Tables & Table C ...)
+	TODO: check
+CVE-2024-0449 (The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress  ...)
+	TODO: check
+CVE-2024-0447 (The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress  ...)
+	TODO: check
+CVE-2024-0385 (The Categorify plugin for WordPress is vulnerable to unauthorized modi ...)
+	TODO: check
+CVE-2024-0377 (The LifterLMS \u2013 WordPress LMS Plugin for eLearning plugin for Wor ...)
+	TODO: check
+CVE-2024-0369 (The Bulk Edit Post Titles plugin for WordPress is vulnerable to unauth ...)
+	TODO: check
+CVE-2024-0368 (The Hustle \u2013 Email Marketing, Lead Generation, Optins, Popups plu ...)
+	TODO: check
+CVE-2024-0326 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...)
+	TODO: check
+CVE-2024-0173 (Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an imp ...)
+	TODO: check
+CVE-2024-0163 (Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCT ...)
+	TODO: check
+CVE-2024-0162 (Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Imp ...)
+	TODO: check
+CVE-2024-0161 (Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Imp ...)
+	TODO: check
+CVE-2024-0154 (Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an imp ...)
+	TODO: check
+CVE-2023-7015 (The File Manager Pro plugin for WordPress is vulnerable to Reflected C ...)
+	TODO: check
+CVE-2023-6969 (The User Shortcodes Plus plugin for WordPress is vulnerable to Insecur ...)
+	TODO: check
+CVE-2023-6957 (The Fluent Forms plugin for WordPress by Fluent Forms plugin for WordP ...)
+	TODO: check
+CVE-2023-6954 (The Download Manager Pro plugin for WordPress is vulnerable to Stored  ...)
+	TODO: check
+CVE-2023-6880 (The Visual Composer Website Builder, Landing Page Builder, Custom Them ...)
+	TODO: check
+CVE-2023-6825 (The File Manager and File Manager Pro plugins for WordPress are vulner ...)
+	TODO: check
+CVE-2023-6809 (The Custom fields shortcode plugin for WordPress is vulnerable to Stor ...)
+	TODO: check
+CVE-2023-6785 (The Download Manager plugin for WordPress is vulnerable to unauthorize ...)
+	TODO: check
+CVE-2023-5663 (The News Announcement Scroll plugin for WordPress is vulnerable to SQL ...)
+	TODO: check
+CVE-2023-52608 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
+	TODO: check
+CVE-2023-43043 (IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 8.11 cou ...)
+	TODO: check
+CVE-2023-38723 (IBM Maximo Application Suite 7.6.1.3 is vulnerable to stored cross-sit ...)
+	TODO: check
+CVE-2023-32335 (IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Managemen ...)
+	TODO: check
+CVE-2018-25090 (An unauthenticated remote attacker can use an XSS attack due to improp ...)
+	TODO: check
+CVE-2015-10123 (An unautheticated remote attacker could send specifically crafted pack ...)
+	TODO: check
 CVE-2024-2413 (Intumit SmartRobot uses a fixed encryption key for authentication. Rem ...)
 	NOT-FOR-US: Intumit SmartRobot
 CVE-2024-2412 (The disabling function of the user registration page for Heimavista Rp ...)
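Review bot: the entries in this block that name software packaged in Debian are left at `TODO: check` with no package line: the Linux kernel ones (CVE-2024-26630, CVE-2024-26629, CVE-2023-52608) and the Apache Tomcat ones (CVE-2024-24549, CVE-2024-23672). They should be triaged ahead of the WordPress plugin, DedeCMS and Cisco IOS XR items, which are likely to end up as NOT-FOR-US like the neighbouring entries. Separately, many descriptions carry literal `\u2013` or `\u2018`/`\u2019` escapes instead of the decoded characters (for example CVE-2024-2252 and CVE-2024-25153), which makes the text harder to search; decoding them in the automatic update would fix that.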
@@ -5,6 +385,7 @@ CVE-2024-2412 (The disabling function of the user registration page for Heimavis
 CVE-2024-2406 (A vulnerability, which was classified as critical, was found in Gacjie ...)
 	NOT-FOR-US: Gacjie Server
 CVE-2024-2400 (Use after free in Performance Manager in Google Chrome prior to 122.0. ...)
+	{DSA-5639-1}
 	- chromium 122.0.6261.128-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 	[buster] - chromium <end-of-life> (see DSA 5046)
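Review bot: the `{DSA-5639-1}` reference is added to CVE-2024-2400, but the lines shown have no `[bookworm]` entry recording the version fixed by that advisory; only the unstable version `122.0.6261.128-1` and the `<end-of-life>` lines for bullseye and buster are visible. If the DSA covers bookworm, add the matching `[bookworm] - chromium <version>` line so the fixed stable version is recorded next to the advisory reference.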
@@ -804,7 +1185,7 @@ CVE-2024-2265 (A vulnerability, which was classified as problematic, was found i
 	NOT-FOR-US: keerti1924 PHP-MYSQL-User-Login-System
 CVE-2024-2264 (A vulnerability, which was classified as critical, has been found in k ...)
 	NOT-FOR-US: keerti1924 PHP-MYSQL-User-Login-System
-CVE-2024-2044 (pgAdmin 4 uses a file-based session management approach. The session f ...)
+CVE-2024-2044 (pgAdmin <= 8.3 is affected by a path-traversal vulnerability while des ...)
 	- pgadmin4 <itp> (bug #834129)
 CVE-2024-28115 (FreeRTOS is a real-time operating system for microcontrollers. FreeRTO ...)
 	NOT-FOR-US: FreeRTOS kernel
@@ -1523,7 +1904,7 @@ CVE-2024-24783 (Verifying a certificate chain which contains a certificate with
 	NOTE: https://github.com/golang/go/issues/65390
 	NOTE: https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1)
 	NOTE: https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8)
-CVE-2024-1979
+CVE-2024-1979 (A vulnerability was found in Quarkus. In certain conditions related to ...)
 	NOT-FOR-US: Quarkus
 CVE-2023-5685 [StackOverflowException when the chain of notifier states becomes problematically big]
 	- jboss-xnio <unfixed> (bug #1065847)
@@ -2622,7 +3003,7 @@ CVE-2024-2059 (A vulnerability was found in SourceCodester Petrol Pump Managemen
 	NOT-FOR-US: SourceCodester Petrol Pump Management Software
 CVE-2024-2058 (A vulnerability was found in SourceCodester Petrol Pump Management Sof ...)
 	NOT-FOR-US: SourceCodester Petrol Pump Management Software
-CVE-2024-2057 (A vulnerability was found in Harrison Chase LangChain 0.1.9. It has be ...)
+CVE-2024-2057 (A vulnerability was found in LangChain langchain_community 0.0.26. It  ...)
 	NOT-FOR-US: Harrison Chase LangChain
 CVE-2024-27734 (A Cross Site Scripting vulnerability in CSZ CMS v.1.3.0 allows an atta ...)
 	NOT-FOR-US: CSZ CMS
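Review bot: the new description for CVE-2024-2057 names `LangChain langchain_community 0.0.26`, while the triage line below it still reads `NOT-FOR-US: Harrison Chase LangChain`. Consider updating the NOT-FOR-US label to match the product name now used in the description, so a search for the component finds the entry.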
@@ -5235,7 +5616,7 @@ CVE-2024-23126 (A maliciously crafted CATPART file when parsed CC5Dll.dll throug
 	NOT-FOR-US: Autodesk
 CVE-2024-23125 (A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Au ...)
 	NOT-FOR-US: Autodesk
-CVE-2024-23124 (A maliciously crafted STP file when parsed in ASMIMPORT228A.dll throug ...)
+CVE-2024-23124 (A maliciously crafted STP file in ASMIMPORT228A.dll when parsed throug ...)
 	NOT-FOR-US: Autodesk
 CVE-2024-23123 (A maliciously crafted CATPART file in CC5Dll.dll or ASMBASE228A.dll wh ...)
 	NOT-FOR-US: Autodesk
@@ -59631,8 +60012,8 @@ CVE-2023-28519
 	RESERVED
 CVE-2023-28518
 	RESERVED
-CVE-2023-28517
-	RESERVED
+CVE-2023-28517 (IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vul ...)
+	TODO: check
 CVE-2023-28516
 	RESERVED
 CVE-2023-28515



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a18b60e53ebabed41e9b4c1a1cc4676b908d6cb5
