[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 26 08:12:03 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11a4c047 by security tracker role at 2024-03-26T08:11:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@
+CVE-2024-2889 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-2888 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2024-2873 (A vulnerability was found in wolfSSH's server-side state machine befor ...)
+	TODO: check
+CVE-2024-2732 (The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2024-2427 (A denial-of-service vulnerability exists in the Rockwell Automation Po ...)
+	TODO: check
+CVE-2024-2426 (A denial-of-service vulnerability exists in the Rockwell Automation Po ...)
+	TODO: check
+CVE-2024-2425 (A denial-of-service vulnerability exists in the Rockwell Automation Po ...)
+	TODO: check
+CVE-2024-2303 (The Easy Textillate plugin for WordPress is vulnerable to Stored Cross ...)
+	TODO: check
+CVE-2024-2170 (The VK All in One Expansion Unit plugin for WordPress is vulnerable to ...)
+	TODO: check
+CVE-2024-29442 (An unauthorized access vulnerability has been discovered in ROS2 Humbl ...)
+	TODO: check
+CVE-2024-29440 (An unauthorized access vulnerability has been discovered in ROS2 Humbl ...)
+	TODO: check
+CVE-2024-29303 (The delete admin users function of SourceCodester PHP Task Management  ...)
+	TODO: check
+CVE-2024-29302 (SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Inj ...)
+	TODO: check
+CVE-2024-29301 (SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Inj ...)
+	TODO: check
+CVE-2024-29199 (Nautobot is a Network Source of Truth and Network Automation Platform. ...)
+	TODO: check
+CVE-2024-29196 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, ...)
+	TODO: check
+CVE-2024-29195 (The azure-c-shared-utility is a C library for AMQP/MQTT communication  ...)
+	TODO: check
+CVE-2024-29189 (PyAnsys Geometry is a Python client library for the Ansys Geometry ser ...)
+	TODO: check
+CVE-2024-29179 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, ...)
+	TODO: check
+CVE-2024-29041 (Express.js minimalist web framework for node. Versions of Express.js p ...)
+	TODO: check
+CVE-2024-28421 (SQL Injection vulnerability in Razor 0.8.0 allows a remote attacker to ...)
+	TODO: check
+CVE-2024-21914 (A vulnerability exists in the affected product that allows a malicious ...)
+	TODO: check
+CVE-2024-1973 (By leveraging the vulnerability, lower-privileged users of Content Man ...)
+	TODO: check
+CVE-2024-1745 (The Testimonial Slider WordPress plugin before 2.3.7 does not properly ...)
+	TODO: check
+CVE-2024-0901 (Remotely executed SEGV and out of bounds read allows malicious packet  ...)
+	TODO: check
+CVE-2024-0866 (The Check & Log Email plugin for WordPress is vulnerable to Unauthenti ...)
+	TODO: check
+CVE-2023-7232 (The Backup and Restore WordPress  WordPress plugin through 1.45 does n ...)
+	TODO: check
+CVE-2023-51416 (Cross-Site Request Forgery (CSRF) vulnerability in EnvialoSimple Env\x ...)
+	TODO: check
+CVE-2023-49839 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2023-47430 (Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 al ...)
+	TODO: check
 CVE-2024-30205 (In Emacs before 29.3, Org mode considers contents of remote files to b ...)
 	- emacs 1:29.3+1-1 (bug #1067630)
 	- org-mode <unfixed> (bug #1067663)
@@ -26839,7 +26899,7 @@ CVE-2023-6176 (A null pointer dereference flaw was found in the Linux kernel API
 	[bullseye] - linux 5.10.197-1
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/cfaa80c91f6f99b9342b6557f0f0e1143e434066 (6.6-rc2)
-CVE-2023-6175 [NetScreen file parser crash]
+CVE-2023-6175 (NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to  ...)
 	{DSA-5559-1 DLA-3746-1}
 	- wireshark 4.0.11-1
 	[bullseye] - wireshark <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11a4c04707fe79ef9416e378eda7b315f67344b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11a4c04707fe79ef9416e378eda7b315f67344b3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240326/36d39be2/attachment.htm>

More information about the debian-security-tracker-commits mailing list