[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 1 20:12:52 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c79539d9 by security tracker role at 2024-11-01T20:12:45+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,425 @@
+CVE-2024-7456 (A SQL injection vulnerability exists in the `/api/v1/external-users` r ...)
+ TODO: check
+CVE-2024-51492 (Zusam is a free and open-source way to self-host private forums. Prior ...)
+ TODO: check
+CVE-2024-51483 (changedetection.io is free, open source web page change detection soft ...)
+ TODO: check
+CVE-2024-51432 (Cross Site Scripting vulnerability in FiberHome HG6544C RP2743 allows ...)
+ TODO: check
+CVE-2024-51431 (LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in / ...)
+ TODO: check
+CVE-2024-51407 (Floodlight SDN OpenFlow Controller v.1.2 has an issue that allows loca ...)
+ TODO: check
+CVE-2024-51406 (Floodlight SDN Open Flow Controller v.1.2 has an issue that allows loc ...)
+ TODO: check
+CVE-2024-51399 (Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2 AP After ...)
+ TODO: check
+CVE-2024-51398 (Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Man ...)
+ TODO: check
+CVE-2024-51377 (An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Pre ...)
+ TODO: check
+CVE-2024-51252 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
+ TODO: check
+CVE-2024-51248 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
+ TODO: check
+CVE-2024-51247 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
+ TODO: check
+CVE-2024-51245 (In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
+ TODO: check
+CVE-2024-51244 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
+ TODO: check
+CVE-2024-49770 (`oak` is a middleware framework for Deno's native HTTP server, Deno De ...)
+ TODO: check
+CVE-2024-49256 (Incorrect Authorization vulnerability in WPChill Htaccess File Editor ...)
+ TODO: check
+CVE-2024-48410 (Cross Site Scripting vulnerability in Camtrace v.9.16.2.1 allows a rem ...)
+ TODO: check
+CVE-2024-48353 (Yealink Meeting Server before V26.0.0.67 allows attackers to obtain st ...)
+ TODO: check
+CVE-2024-48352 (Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive da ...)
+ TODO: check
+CVE-2024-48289 (An issue in the Bluetooth Low Energy implementation of Cypress Bluetoo ...)
+ TODO: check
+CVE-2024-48270 (An issue in the component /logins of oasys v1.1 allows attackers to ac ...)
+ TODO: check
+CVE-2024-48217 (An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART ...)
+ TODO: check
+CVE-2024-48045 (Missing Authorization vulnerability in Leevio Happy Addons for Element ...)
+ TODO: check
+CVE-2024-48044 (Missing Authorization vulnerability in ShortPixel \u2013 Convert WebP/ ...)
+ TODO: check
+CVE-2024-48039 (Missing Authorization vulnerability in CubeWP CubeWP \u2013 All-in-One ...)
+ TODO: check
+CVE-2024-47362 (Missing Authorization vulnerability in WPChill Strong Testimonials all ...)
+ TODO: check
+CVE-2024-47361 (Missing Authorization vulnerability in WPVibes Elementor Addon Element ...)
+ TODO: check
+CVE-2024-47359 (Missing Authorization vulnerability in Depicter Slider and Popup by Av ...)
+ TODO: check
+CVE-2024-47358 (Missing Authorization vulnerability in Popup Maker allows Accessing Fu ...)
+ TODO: check
+CVE-2024-47321 (Missing Authorization vulnerability in Fahad Mahmood WP Datepicker all ...)
+ TODO: check
+CVE-2024-47318 (Missing Authorization vulnerability in Magazine3 PWA for WP & AMP allo ...)
+ TODO: check
+CVE-2024-47317 (Missing Authorization vulnerability in WP Quads Ads by WPQuads \u2013 ...)
+ TODO: check
+CVE-2024-47314 (Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart ...)
+ TODO: check
+CVE-2024-47311 (Missing Authorization vulnerability in Kraft Plugins Wheel of Life all ...)
+ TODO: check
+CVE-2024-47308 (Missing Authorization vulnerability in Templately allows Accessing Fun ...)
+ TODO: check
+CVE-2024-47302 (Missing Authorization vulnerability in WPManageNinja LLC Fluent Suppor ...)
+ TODO: check
+CVE-2024-44052 (Missing Authorization vulnerability in HelloAsso allows Exploiting Inc ...)
+ TODO: check
+CVE-2024-44038 (Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart ...)
+ TODO: check
+CVE-2024-44031 (Missing Authorization vulnerability in BearDev JoomSport allows Exploi ...)
+ TODO: check
+CVE-2024-44021 (Missing Authorization vulnerability in Truepush allows Exploiting Inco ...)
+ TODO: check
+CVE-2024-44020 (Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL \u2 ...)
+ TODO: check
+CVE-2024-44019 (Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Ca ...)
+ TODO: check
+CVE-2024-44006 (Missing Authorization vulnerability in OnTheGoSystems WooCommerce Mult ...)
+ TODO: check
+CVE-2024-43998 (Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Acc ...)
+ TODO: check
+CVE-2024-43982 (Missing Authorization vulnerability in Geek Code Lab Login As Users al ...)
+ TODO: check
+CVE-2024-43981 (Missing Authorization vulnerability in AyeCode \u2013 WP Business Dire ...)
+ TODO: check
+CVE-2024-43980 (Missing Authorization vulnerability in CozyThemes Fota WP allows Explo ...)
+ TODO: check
+CVE-2024-43979 (Missing Authorization vulnerability in CozyThemes Blockbooster allows ...)
+ TODO: check
+CVE-2024-43974 (Missing Authorization vulnerability in CozyThemes ReviveNews allows Ac ...)
+ TODO: check
+CVE-2024-43973 (Missing Authorization vulnerability in AyeCode Ltd GetPaid allows Expl ...)
+ TODO: check
+CVE-2024-43968 (Broken Access Control vulnerability in Automattic Newspack allows Expl ...)
+ TODO: check
+CVE-2024-43962 (Missing Authorization vulnerability in LWS LWS Affiliation allows Expl ...)
+ TODO: check
+CVE-2024-43956 (Missing Authorization vulnerability in Caseproof, LLC Memberpress allo ...)
+ TODO: check
+CVE-2024-43937 (Missing Authorization vulnerability in Themeum WP Crowdfunding allows ...)
+ TODO: check
+CVE-2024-43932 (Missing Authorization vulnerability in POSIMYTH The Plus Addons for El ...)
+ TODO: check
+CVE-2024-43929 (Missing Authorization vulnerability in eyecix JobSearch allows Accessi ...)
+ TODO: check
+CVE-2024-43928 (Missing Authorization vulnerability in eyecix JobSearch allows Exploit ...)
+ TODO: check
+CVE-2024-43925 (Missing Authorization vulnerability in Envira Gallery Team Envira Phot ...)
+ TODO: check
+CVE-2024-43923 (Missing Authorization vulnerability in Arraytics Timetics allows Acces ...)
+ TODO: check
+CVE-2024-43919 (Access Control vulnerability in YARPP YARPP allows . This issue affec ...)
+ TODO: check
+CVE-2024-43355 (Missing Authorization vulnerability in BearDev JoomSport allows Exploi ...)
+ TODO: check
+CVE-2024-43343 (Missing Authorization vulnerability in Etoile Web Design Order Trackin ...)
+ TODO: check
+CVE-2024-43341 (Missing Authorization vulnerability in CozyThemes Hello Agency allows ...)
+ TODO: check
+CVE-2024-43332 (Missing Authorization vulnerability in Jordy Meow Photo Engine allows ...)
+ TODO: check
+CVE-2024-43323 (Missing Authorization vulnerability in ReviewX allows Accessing Functi ...)
+ TODO: check
+CVE-2024-43314 (Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page ...)
+ TODO: check
+CVE-2024-43312 (Missing Authorization vulnerability in WPClever WPC Frequently Bought ...)
+ TODO: check
+CVE-2024-43310 (Missing Authorization vulnerability in UkrSolution Print Barcode Label ...)
+ TODO: check
+CVE-2024-43302 (Missing Authorization vulnerability in Fonts Plugin Fonts allows Explo ...)
+ TODO: check
+CVE-2024-43298 (Missing Authorization vulnerability in Migrate Clone allows Exploiting ...)
+ TODO: check
+CVE-2024-43297 (Missing Authorization vulnerability in Migrate Clone allows Exploiting ...)
+ TODO: check
+CVE-2024-43296 (Missing Authorization vulnerability in bPlugins LLC Flash & HTML5 Vide ...)
+ TODO: check
+CVE-2024-43293 (Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for G ...)
+ TODO: check
+CVE-2024-43290 (Missing Authorization vulnerability in Atarim allows Accessing Functio ...)
+ TODO: check
+CVE-2024-43285 (Missing Authorization vulnerability in Presto Made, Inc Presto Player ...)
+ TODO: check
+CVE-2024-43277 (Missing Authorization vulnerability in AyeCode Ltd UsersWP allows Expl ...)
+ TODO: check
+CVE-2024-43274 (Missing Authorization vulnerability in JS Help Desk JS Help Desk \u201 ...)
+ TODO: check
+CVE-2024-43273 (Missing Authorization vulnerability in icegram Icegram Collect plugin ...)
+ TODO: check
+CVE-2024-43270 (Missing Authorization vulnerability in WPBackItUp Backup and Restore W ...)
+ TODO: check
+CVE-2024-43268 (Access Control vulnerability in WPBackItUp Backup and Restore WordPres ...)
+ TODO: check
+CVE-2024-43260 (Missing Authorization vulnerability in Creative Motion Clearfy Cache a ...)
+ TODO: check
+CVE-2024-43254 (Missing Authorization vulnerability in Zaytech Smart Online Order for ...)
+ TODO: check
+CVE-2024-43253 (Missing Authorization vulnerability in Zaytech Smart Online Order for ...)
+ TODO: check
+CVE-2024-43235 (Missing Authorization vulnerability in MetaBox.Io Meta Box \u2013 Word ...)
+ TODO: check
+CVE-2024-43229 (Missing Authorization vulnerability in Cornel Raiu WP Search Analytics ...)
+ TODO: check
+CVE-2024-43223 (Missing Authorization vulnerability in EventPrime Events EventPrime al ...)
+ TODO: check
+CVE-2024-43219 (Missing Authorization vulnerability in \u0648\u0648\u06a9\u0627\u0645\ ...)
+ TODO: check
+CVE-2024-43215 (Missing Authorization vulnerability in creativemotion Social Slider Fe ...)
+ TODO: check
+CVE-2024-43212 (Missing Authorization vulnerability in MagePeople Team WpTravelly allo ...)
+ TODO: check
+CVE-2024-43211 (Cross Site Scripting (XSS) vulnerability in PluginOps MailChimp Subscr ...)
+ TODO: check
+CVE-2024-43209 (Missing Authorization vulnerability in Bitly allows Accessing Function ...)
+ TODO: check
+CVE-2024-43208 (Missing Authorization vulnerability in Miller Media ( Matt Miller ) Se ...)
+ TODO: check
+CVE-2024-43162 (Missing Authorization vulnerability in Easy Digital Downloads allows E ...)
+ TODO: check
+CVE-2024-43159 (Missing Authorization vulnerability in Masteriyo Masteriyo - LMS allow ...)
+ TODO: check
+CVE-2024-43158 (Missing Authorization vulnerability in Masteriyo Masteriyo - LMS allow ...)
+ TODO: check
+CVE-2024-43157 (Missing Authorization vulnerability in nCrafts FormCraft allows Exploi ...)
+ TODO: check
+CVE-2024-43154 (Missing Authorization vulnerability in BracketSpace Advanced Cron Mana ...)
+ TODO: check
+CVE-2024-43146 (Missing Authorization vulnerability in Ahmed Kaludi, Mohammed Kaludi A ...)
+ TODO: check
+CVE-2024-43143 (Missing Authorization vulnerability in Roundup WP Registrations for th ...)
+ TODO: check
+CVE-2024-43142 (Missing Authorization vulnerability in Themeum Tutor LMS allows Exploi ...)
+ TODO: check
+CVE-2024-43136 (Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart ...)
+ TODO: check
+CVE-2024-43134 (Missing Authorization vulnerability in xootix Waitlist Woocommerce ( B ...)
+ TODO: check
+CVE-2024-43122 (Missing Authorization vulnerability in Creative Motion Robin image opt ...)
+ TODO: check
+CVE-2024-43120 (Missing Authorization vulnerability in XSERVER Inc. TypeSquare Webfont ...)
+ TODO: check
+CVE-2024-43119 (Missing Authorization vulnerability in Aruba.It Aruba HiSpeed Cache al ...)
+ TODO: check
+CVE-2024-43118 (Missing Authorization vulnerability in WPMU DEV Hummingbird allows Exp ...)
+ TODO: check
+CVE-2024-41745 (IBM CICS TX Standard is vulnerable to cross-site scripting. This vulne ...)
+ TODO: check
+CVE-2024-41744 (IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery ...)
+ TODO: check
+CVE-2024-41741 (IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determ ...)
+ TODO: check
+CVE-2024-41738 (IBM TXSeries for Multiplatforms 10.1 could allow an attacker to obtain ...)
+ TODO: check
+CVE-2024-40490 (An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to ob ...)
+ TODO: check
+CVE-2024-39664 (Missing Authorization vulnerability in YMC Filter & Grids allows Acces ...)
+ TODO: check
+CVE-2024-39654 (Missing Authorization vulnerability in Fetch Designs Sign-up Sheets al ...)
+ TODO: check
+CVE-2024-39650 (Missing Authorization vulnerability in WPWeb Elite WooCommerce PDF Vou ...)
+ TODO: check
+CVE-2024-39640 (Missing Authorization vulnerability in QuadLayers WP Social Feed Galle ...)
+ TODO: check
+CVE-2024-39639 (Broken Access Control vulnerability in Nickolas Bossinas WordPress Fil ...)
+ TODO: check
+CVE-2024-39635 (Missing Authorization vulnerability in KaineLabs Youzify allows Exploi ...)
+ TODO: check
+CVE-2024-39625 (Missing Authorization vulnerability in icegram Icegram allows Accessin ...)
+ TODO: check
+CVE-2024-38794 (Missing Authorization vulnerability in MediaRon LLC Custom Query Block ...)
+ TODO: check
+CVE-2024-38792 (Missing Authorization vulnerability in ConveyThis Translate Team Langu ...)
+ TODO: check
+CVE-2024-38783 (Missing Authorization vulnerability in Tyche Softwares Arconix FAQ all ...)
+ TODO: check
+CVE-2024-38777 (Missing Authorization vulnerability in CreativeMotion Titan Anti-spam ...)
+ TODO: check
+CVE-2024-38774 (Missing Authorization vulnerability in SiteGround SiteGround Security ...)
+ TODO: check
+CVE-2024-38771 (Missing Authorization vulnerability in Atarim allows Accessing Functio ...)
+ TODO: check
+CVE-2024-38769 (Missing Authorization vulnerability in Tyche Softwares Arconix Shortco ...)
+ TODO: check
+CVE-2024-38748 (Access Control vulnerability in TheInnovs EleForms allows . This issu ...)
+ TODO: check
+CVE-2024-38745 (Missing Authorization vulnerability in Rymera Web Co Wholesale Suite a ...)
+ TODO: check
+CVE-2024-38744 (Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email ...)
+ TODO: check
+CVE-2024-38743 (Access Control vulnerability in Upqode Plum: Spin Wheel & Email Pop-up ...)
+ TODO: check
+CVE-2024-38740 (Missing Authorization vulnerability in Packlink Shipping S.L. Packlink ...)
+ TODO: check
+CVE-2024-38737 (Missing Authorization vulnerability in Reservation Diary ReDi Restaura ...)
+ TODO: check
+CVE-2024-38733 (Missing Authorization vulnerability in Meks Meks Video Importer allows ...)
+ TODO: check
+CVE-2024-38727 (Missing Authorization vulnerability in Seraphinite Solutions Seraphini ...)
+ TODO: check
+CVE-2024-38726 (Missing Authorization vulnerability in PickPlugins Product Designer al ...)
+ TODO: check
+CVE-2024-38721 (Missing Authorization vulnerability in spider-themes EazyDocs allows E ...)
+ TODO: check
+CVE-2024-38719 (Missing Authorization vulnerability in Creative Motion Auto Featured I ...)
+ TODO: check
+CVE-2024-38714 (Missing Authorization vulnerability in Epsiloncool WP Fast Total Searc ...)
+ TODO: check
+CVE-2024-38707 (Missing Authorization vulnerability in WPDeveloper EmbedPress allows E ...)
+ TODO: check
+CVE-2024-38702 (Missing Authorization vulnerability in Tyche Softwares Product Deliver ...)
+ TODO: check
+CVE-2024-38695 (Missing Authorization vulnerability in Martin Gibson WP GoToWebinar al ...)
+ TODO: check
+CVE-2024-38690 (Missing Authorization vulnerability in Avirtum iPanorama 360 WordPress ...)
+ TODO: check
+CVE-2024-37929 (Missing Authorization vulnerability in solwin User Activity Log Pro al ...)
+ TODO: check
+CVE-2024-37926 (Missing Authorization vulnerability in Alex Volkov WP Accessibility He ...)
+ TODO: check
+CVE-2024-37921 (Missing Authorization vulnerability in Kiboko Labs Chained Quiz allows ...)
+ TODO: check
+CVE-2024-37517 (Missing Authorization vulnerability in Brainstorm Force Spectra allows ...)
+ TODO: check
+CVE-2024-37516 (Missing Authorization vulnerability in fifu.App Featured Image from UR ...)
+ TODO: check
+CVE-2024-37510 (Missing Authorization vulnerability in Charitable Donations & Fundrais ...)
+ TODO: check
+CVE-2024-37506 (Missing Authorization vulnerability in Charitable Donations & Fundrais ...)
+ TODO: check
+CVE-2024-37505 (Missing Authorization vulnerability in Rara Themes Business One Page a ...)
+ TODO: check
+CVE-2024-37483 (Missing Authorization vulnerability in Post Grid Team by RadiusTheme T ...)
+ TODO: check
+CVE-2024-37482 (Missing Authorization vulnerability in Post Grid Team by RadiusTheme T ...)
+ TODO: check
+CVE-2024-37481 (Missing Authorization vulnerability in Post Grid Team by RadiusTheme T ...)
+ TODO: check
+CVE-2024-37477 (Missing Authorization vulnerability in Automattic Newspack Content Con ...)
+ TODO: check
+CVE-2024-37475 (Missing Authorization vulnerability in Automattic Newspack Newsletters ...)
+ TODO: check
+CVE-2024-37470 (Missing Authorization vulnerability in WofficeIO Woffice Core allows A ...)
+ TODO: check
+CVE-2024-37468 (Missing Authorization vulnerability in blazethemes Newsmatic allows Ex ...)
+ TODO: check
+CVE-2024-37463 (Missing Authorization vulnerability in CRM Perks CRM Perks Forms allow ...)
+ TODO: check
+CVE-2024-37456 (Missing Authorization vulnerability in Noptin Newsletter Noptin allows ...)
+ TODO: check
+CVE-2024-37453 (Missing Authorization vulnerability in ProfileGrid User Profiles Profi ...)
+ TODO: check
+CVE-2024-37444 (Missing Authorization vulnerability in WPMU DEV Defender Security allo ...)
+ TODO: check
+CVE-2024-37443 (Missing Authorization vulnerability in Automattic WP Job Manager - Res ...)
+ TODO: check
+CVE-2024-37440 (Missing Authorization vulnerability in Andy Moyle Church Admin allows ...)
+ TODO: check
+CVE-2024-37439 (Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit Pro ...)
+ TODO: check
+CVE-2024-37427 (Missing Authorization vulnerability in Arraytics Timetics allows Explo ...)
+ TODO: check
+CVE-2024-37425 (Missing Authorization vulnerability in Automattic Newspack Blocks news ...)
+ TODO: check
+CVE-2024-37423 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2024-37415 (Missing Authorization vulnerability in E2Pdf.Com allows Exploiting Inc ...)
+ TODO: check
+CVE-2024-37411 (Missing Authorization vulnerability in Team Emilia Projects Progress P ...)
+ TODO: check
+CVE-2024-37277 (Authorization Bypass Through User-Controlled Key vulnerability in Paid ...)
+ TODO: check
+CVE-2024-37276 (Missing Authorization vulnerability in fifu.App Featured Image from UR ...)
+ TODO: check
+CVE-2024-37269 (Missing Authorization vulnerability in StylemixThemes Masterstudy Elem ...)
+ TODO: check
+CVE-2024-37255 (Missing Authorization vulnerability in Wpmet Elements kit Elementor ad ...)
+ TODO: check
+CVE-2024-37254 (Missing Authorization vulnerability in mndpsingh287 File Manager allow ...)
+ TODO: check
+CVE-2024-37250 (Missing Authorization vulnerability in WPEngine Inc. Advanced Custom F ...)
+ TODO: check
+CVE-2024-37249 (Missing Authorization vulnerability in WPEngine Inc. Advanced Custom F ...)
+ TODO: check
+CVE-2024-37232 (Missing Authorization vulnerability in Hercules Design Hercules Core a ...)
+ TODO: check
+CVE-2024-37226 (Missing Authorization vulnerability in Kanban for WordPress Kanban Boa ...)
+ TODO: check
+CVE-2024-37220 (Missing Authorization vulnerability in OptinlyHQ Optinly allows Exploi ...)
+ TODO: check
+CVE-2024-37218 (Missing Authorization vulnerability in WordPress Page Builder Sandwich ...)
+ TODO: check
+CVE-2024-37214 (Missing Authorization vulnerability in Dropshipping Guru Ali2Woo Lite ...)
+ TODO: check
+CVE-2024-37209 (Access Control vulnerability in Prism IT Systems User Rights Access Ma ...)
+ TODO: check
+CVE-2024-37207 (Missing Authorization vulnerability in Theme4Press Demo Awesome allows ...)
+ TODO: check
+CVE-2024-37204 (Missing Authorization vulnerability in PropertyHive allows Exploiting ...)
+ TODO: check
+CVE-2024-37203 (Missing Authorization vulnerability in Laybuy Laybuy Payment Extension ...)
+ TODO: check
+CVE-2024-37201 (Missing Authorization vulnerability in javmah Woocommerce Customers Or ...)
+ TODO: check
+CVE-2024-37123 (Missing Authorization vulnerability in VowelWeb Ibtana allows Exploiti ...)
+ TODO: check
+CVE-2024-37119 (Missing Authorization vulnerability in Uncanny Owl Uncanny Automator P ...)
+ TODO: check
+CVE-2024-37108 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2024-37106 (Missing Authorization vulnerability in WishList Products WishList Memb ...)
+ TODO: check
+CVE-2024-37096 (Missing Authorization vulnerability in Popup Box Team Popup allows Exp ...)
+ TODO: check
+CVE-2024-37095 (Missing Authorization vulnerability in Envira Gallery Team Envira Phot ...)
+ TODO: check
+CVE-2024-37094 (Access Control vulnerability in StylemixThemes MasterStudy LMS allows ...)
+ TODO: check
+CVE-2024-28265 (IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\m ...)
+ TODO: check
+CVE-2024-27525 (Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a r ...)
+ TODO: check
+CVE-2024-27524 (Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a r ...)
+ TODO: check
+CVE-2024-22733 (TP Link MR200 V4 Firmware version 210201 was discovered to contain a n ...)
+ TODO: check
+CVE-2024-10662 (A vulnerability was found in Tenda AC15 15.03.05.19 and classified as ...)
+ TODO: check
+CVE-2024-10661 (A vulnerability has been found in Tenda AC15 15.03.05.19 and classifie ...)
+ TODO: check
+CVE-2024-10660 (A vulnerability, which was classified as critical, was found in ESAFEN ...)
+ TODO: check
+CVE-2024-10659 (A vulnerability, which was classified as critical, has been found in E ...)
+ TODO: check
+CVE-2024-10658 (A vulnerability classified as critical was found in Tongda OA up to 11 ...)
+ TODO: check
+CVE-2024-10657 (A vulnerability classified as critical has been found in Tongda OA up ...)
+ TODO: check
+CVE-2024-10656 (A vulnerability was found in Tongda OA 2017 up to 11.9. It has been ra ...)
+ TODO: check
+CVE-2024-10655 (A vulnerability was found in Tongda OA 2017 up to 11.9. It has been de ...)
+ TODO: check
+CVE-2024-10654 (A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and ...)
+ TODO: check
+CVE-2024-10653 (IDExpert from CHANGING Information Technology does not properly valida ...)
+ TODO: check
+CVE-2024-10652 (IDExpert from CHANGING Information Technology does not properly valida ...)
+ TODO: check
+CVE-2024-10651 (IDExpert from CHANGING Information Technology does not properly valida ...)
+ TODO: check
+CVE-2024-10367 (The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg E ...)
+ TODO: check
+CVE-2024-10232 (The Group Chat & Video Chat by AtomChat plugin for WordPress is vulner ...)
+ TODO: check
CVE-2024-9655 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Feature ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7424 (The Multiple Page Generator Plugin \u2013 MPG plugin for WordPress is ...)
@@ -191,7 +613,7 @@ CVE-2024-48807 (Cross Site Scripting vulnerability in PHPGurukul Doctor Appointm
NOT-FOR-US: PHPGurukul Doctor Appointment Management System
CVE-2024-48735 (Directory Traversal in /SASStudio/sasexec/sessions/{sessionID}/workspa ...)
NOT-FOR-US: SAS Studio
-CVE-2024-48734 (*Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/ ...)
+CVE-2024-48734 (Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{ ...)
NOT-FOR-US: SAS Studio
CVE-2024-48733 (SQL injection vulnerability in /SASStudio/sasexec/sessions/{sessionID} ...)
NOT-FOR-US: SAS Studio
@@ -451,7 +873,7 @@ CVE-2024-48206 (A Deserialization of Untrusted Data vulnerability in chainer v7.
NOT-FOR-US: chainer
CVE-2024-48138 (A remote code execution (RCE) vulnerability in the component /PluXml/c ...)
- pluxml <removed>
-CVE-2024-48063 (In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE.)
+CVE-2024-48063 (In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: th ...)
- pytorch <unfixed> (unimportant)
NOTE: https://rumbling-slice-eb0.notion.site/Distributed-RPC-Framework-RemoteModule-has-Deserialization-RCE-in-pytorch-pytorch-111e3cda9e8c8021a7d3cbc61ee1a20c
NOTE: Non issue as only documented to be used for internal communication:
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c79539d94d48c79136e81028f8843484d93ccb68
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c79539d94d48c79136e81028f8843484d93ccb68
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241101/f3c7a72d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list