[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 21 08:11:58 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e28796b by security tracker role at 2024-03-21T08:11:41+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2024-2754 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2024-2748 (A Cross Site Request Forgery vulnerability was identified in GitHub En ...)
+	TODO: check
+CVE-2024-2720 (A vulnerability classified as problematic was found in Campcodes Compl ...)
+	TODO: check
+CVE-2024-2719 (A vulnerability classified as problematic has been found in Campcodes  ...)
+	TODO: check
+CVE-2024-2718 (A vulnerability was found in Campcodes Complete Online DJ Booking Syst ...)
+	TODO: check
+CVE-2024-2717 (A vulnerability was found in Campcodes Complete Online DJ Booking Syst ...)
+	TODO: check
+CVE-2024-2469 (An attacker with an Administrator role in GitHub Enterprise Server cou ...)
+	TODO: check
+CVE-2024-2443 (A command injection vulnerability was identified in GitHub Enterprise  ...)
+	TODO: check
+CVE-2024-2162 (An OS Command Injection vulnerability in Kiloview NDI allows a low-pri ...)
+	TODO: check
+CVE-2024-2161 (Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated  ...)
+	TODO: check
+CVE-2024-29864 (Distrobox before 1.7.0.1 allows attackers to execute arbitrary code vi ...)
+	TODO: check
+CVE-2024-29862 (The Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder before 4. ...)
+	TODO: check
+CVE-2024-29859 (In MISP before 2.4.187, add_misp_export in app/Controller/EventsContro ...)
+	TODO: check
+CVE-2024-29858 (In MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsCo ...)
+	TODO: check
+CVE-2024-29474 (OneBlog v2.3.4 was discovered to contain a stored cross-site scripting ...)
+	TODO: check
+CVE-2024-29473 (OneBlog v2.3.4 was discovered to contain a stored cross-site scripting ...)
+	TODO: check
+CVE-2024-29472 (OneBlog v2.3.4 was discovered to contain a stored cross-site scripting ...)
+	TODO: check
+CVE-2024-29471 (OneBlog v2.3.4 was discovered to contain a stored cross-site scripting ...)
+	TODO: check
+CVE-2024-29470 (OneBlog v2.3.4 was discovered to contain a stored cross-site scripting ...)
+	TODO: check
+CVE-2024-29469 (A stored cross-site scripting (XSS) vulnerability in OneBlog v2.3.4 al ...)
+	TODO: check
+CVE-2024-29037 (datahub-helm provides the Kubernetes Helm charts for deploying Datahub ...)
+	TODO: check
+CVE-2024-29036 (Saleor Storefront is software for building e-commerce experiences. Pri ...)
+	TODO: check
+CVE-2024-29033 (OAuthenticator provides plugins for JupyterHub to use common OAuth pro ...)
+	TODO: check
+CVE-2024-29032 (Qiskit IBM Runtime is an environment that streamlines quantum computat ...)
+	TODO: check
+CVE-2024-29026 (Owncast is an open source, self-hosted, decentralized, single user liv ...)
+	TODO: check
+CVE-2024-29018 (Moby is an open source container framework that is a key component of  ...)
+	TODO: check
+CVE-2024-28916 (Xbox Gaming Services Elevation of Privilege Vulnerability)
+	TODO: check
+CVE-2024-28835 (A flaw has been discovered in GnuTLS where an application crash can be ...)
+	TODO: check
+CVE-2024-28635 (Cross Site Scripting (XSS) vulnerability in SurveyJS Survey Creator v. ...)
+	TODO: check
+CVE-2024-25294 (An SSRF issue in REBUILD v.3.5 allows a remote attacker to obtain sens ...)
+	TODO: check
+CVE-2024-24050 (Cross Site Scripting (XSS) vulnerability in Sourcecodester Workout Jou ...)
+	TODO: check
+CVE-2024-22724 (An issue was discovered in osCommerce v4, allows local attackers to by ...)
+	TODO: check
+CVE-2024-1538 (The File Manager plugin for WordPress is vulnerable to Cross-Site Requ ...)
+	TODO: check
+CVE-2024-1148 (Weak access control in OpenText PVCS Version Manager allows potential  ...)
+	TODO: check
+CVE-2024-1147 (Weak access control in OpenText PVCS Version Manager allows potential  ...)
+	TODO: check
+CVE-2023-48903 (Stored Cross-Site Scripting (XSS) vulnerability in tramyardg autoexpre ...)
+	TODO: check
+CVE-2023-48902 (An issue was discovered in tramyardg autoexpress version 1.3.0, allows ...)
+	TODO: check
+CVE-2023-48901 (A SQL injection vulnerability in tramyardg Autoexpress version 1.3.0,  ...)
+	TODO: check
 CVE-2024-2721 (Deserialization of Untrusted Data vulnerability in Social Media Share  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-2716 (A vulnerability was found in Campcodes Complete Online DJ Booking Syst ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e28796bbb75c1c113927a67bfd5d17b7c7e584a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e28796bbb75c1c113927a67bfd5d17b7c7e584a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240321/3bd43f07/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list