[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 1 08:12:06 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
64233557 by security tracker role at 2024-11-01T08:11:59+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,67 @@
+CVE-2024-9655 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Feature ...)
+	TODO: check
+CVE-2024-7424 (The Multiple Page Generator Plugin \u2013 MPG plugin for WordPress is  ...)
+	TODO: check
+CVE-2024-6480 (The SIP Reviews Shortcode for WooCommerce plugin for WordPress is vuln ...)
+	TODO: check
+CVE-2024-6479 (The SIP Reviews Shortcode for WooCommerce plugin for WordPress is vuln ...)
+	TODO: check
+CVE-2024-49501 (Sysmac Studio provided by OMRON Corporation contains an incorrect auth ...)
+	TODO: check
+CVE-2024-47939 (Stack-based buffer overflow vulnerability exists in multiple Ricoh las ...)
+	TODO: check
+CVE-2024-21510 (Versions of the package sinatra from 0.0.0 are vulnerable to Reliance  ...)
+	TODO: check
+CVE-2024-10620 (A vulnerability was found in knightliao Disconf 2.6.36. It has been cl ...)
+	TODO: check
+CVE-2024-10619 (A vulnerability, which was classified as critical, was found in Tongda ...)
+	TODO: check
+CVE-2024-10618 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2024-10617 (A vulnerability classified as critical was found in Tongda OA up to 11 ...)
+	TODO: check
+CVE-2024-10616 (A vulnerability classified as critical has been found in Tongda OA up  ...)
+	TODO: check
+CVE-2024-10615 (A vulnerability was found in Tongda OA 2017 up to 11.10. It has been r ...)
+	TODO: check
+CVE-2024-10613 (A vulnerability was found in ESAFENET CDG 5. It has been declared as c ...)
+	TODO: check
+CVE-2024-10612 (A vulnerability was found in ESAFENET CDG 5. It has been classified as ...)
+	TODO: check
+CVE-2024-10611 (A vulnerability was found in ESAFENET CDG 5 and classified as critical ...)
+	TODO: check
+CVE-2024-10610 (A vulnerability has been found in ESAFENET CDG 5 and classified as cri ...)
+	TODO: check
+CVE-2024-10609 (A vulnerability, which was classified as critical, was found in itsour ...)
+	TODO: check
+CVE-2024-10608 (A vulnerability was found in code-projects Courier Management System 1 ...)
+	TODO: check
+CVE-2024-10607 (A vulnerability was found in code-projects Courier Management System 1 ...)
+	TODO: check
+CVE-2024-10605 (A vulnerability was found in code-projects Blood Bank Management Syste ...)
+	TODO: check
+CVE-2024-10602 (A vulnerability was found in Tongda OA 2017 up to 11.9 and classified  ...)
+	TODO: check
+CVE-2024-10601 (A vulnerability has been found in Tongda OA 2017 up to 11.10 and class ...)
+	TODO: check
+CVE-2024-10600 (A vulnerability, which was classified as critical, was found in Tongda ...)
+	TODO: check
+CVE-2024-10599 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2024-10598 (A vulnerability classified as critical was found in Tongda OA 11.2/11. ...)
+	TODO: check
+CVE-2024-10597 (A vulnerability classified as critical has been found in ESAFENET CDG  ...)
+	TODO: check
+CVE-2024-10596 (A vulnerability was found in ESAFENET CDG 5. It has been rated as crit ...)
+	TODO: check
+CVE-2024-10595 (A vulnerability was found in ESAFENET CDG 5. It has been declared as c ...)
+	TODO: check
+CVE-2024-10594 (A vulnerability was found in ESAFENET CDG 5. It has been classified as ...)
+	TODO: check
+CVE-2024-0106 (NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit ( ...)
+	TODO: check
+CVE-2024-0105 (NVIDIA ConnectX Firmware contains a vulnerability where an attacker ma ...)
+	TODO: check
 CVE-2024-8934 (A local user with administrative access rights can enter specialy craf ...)
 	NOT-FOR-US: TwinCAT Package Manager
 CVE-2024-8553 (A vulnerability was found in Foreman's loader macros introduced with r ...)
@@ -379,8 +443,8 @@ CVE-2024-48138 (A remote code execution (RCE) vulnerability in the component /Pl
 CVE-2024-48063 (In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE.)
 	- pytorch <unfixed> (unimportant)
 	NOTE: https://rumbling-slice-eb0.notion.site/Distributed-RPC-Framework-RemoteModule-has-Deserialization-RCE-in-pytorch-pytorch-111e3cda9e8c8021a7d3cbc61ee1a20c
-        NOTE: Non issue as only documented to be used for internal communication:
-        NOTE: https://github.com/pytorch/pytorch/security/policy#using-distributed-features
+	NOTE: Non issue as only documented to be used for internal communication:
+	NOTE: https://github.com/pytorch/pytorch/security/policy#using-distributed-features
 	TODO: should probably be rejected, similar as CVE-2024-5480 got rejected, MITRE contacted
 CVE-2024-44081 (In Jitsi Meet before 2.0.9779, the functionality to share a video file ...)
 	- jitsi-meet <itp> (bug #760485)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/642335573bed1c92c840e71a1ea3c6f6b260fcaa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/642335573bed1c92c840e71a1ea3c6f6b260fcaa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241101/689b9377/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list