[Git][security-tracker-team/security-tracker][master] automatic update

Fri Nov 8 20:12:10 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4db2531d by security tracker role at 2024-11-08T20:12:04+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,67 @@
+CVE-2024-9841 (A Reflected Cross-Site Scripting (XSS) vulnerability has been identifi ...)
+	TODO: check
+CVE-2024-51997 (Trustee is a set of tools and components for attesting confidential gu ...)
+	TODO: check
+CVE-2024-51211 (SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9. ...)
+	TODO: check
+CVE-2024-51152 (File Upload vulnerability in Laravel CMS v.1.4.7 and before allows a r ...)
+	TODO: check
+CVE-2024-51055 (An issue Hoosk v1.7.1 allows a remote attacker to execute arbitrary co ...)
+	TODO: check
+CVE-2024-51032 (A Cross-site Scripting (XSS) vulnerability in manage_recipient.php of  ...)
+	TODO: check
+CVE-2024-51031 (A Cross-site Scripting (XSS) vulnerability in manage_account.php in So ...)
+	TODO: check
+CVE-2024-51030 (A SQL injection vulnerability in manage_client.php and view_cab.php of ...)
+	TODO: check
+CVE-2024-50966 (dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forg ...)
+	TODO: check
+CVE-2024-50811 (hopetree izone lts c011b48 contains a server-side request forgery (SSR ...)
+	TODO: check
+CVE-2024-50810 (hopetree izone lts c011b48 contains a Cross Site Scripting (XSS) vulne ...)
+	TODO: check
+CVE-2024-50634 (A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allo ...)
+	TODO: check
+CVE-2024-50593 (An attacker with local access to the medical office computer can  acce ...)
+	TODO: check
+CVE-2024-50592 (An attacker with local access the to medical office computer can  esca ...)
+	TODO: check
+CVE-2024-50591 (An attacker with local access the to medical office computer can  esca ...)
+	TODO: check
+CVE-2024-50590 (Attackers with local access to the medical office computer can  escala ...)
+	TODO: check
+CVE-2024-50589 (An unauthenticated attacker with access to the local network of the  m ...)
+	TODO: check
+CVE-2024-50588 (An unauthenticated attacker with access to the local network of the  m ...)
+	TODO: check
+CVE-2024-50378 (Airflow versions before 2.10.3 have a vulnerability that allows authen ...)
+	TODO: check
+CVE-2024-47190 (Northern.tech Hosted Mender before 2024.07.11 allows SSRF.)
+	TODO: check
+CVE-2024-46948 (Northern.tech Mender before 3.6.5 and 3.7.x before 3.7.5 has Incorrect ...)
+	TODO: check
+CVE-2024-46947 (Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.)
+	TODO: check
+CVE-2024-45765 (Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Impro ...)
+	TODO: check
+CVE-2024-45764 (Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missin ...)
+	TODO: check
+CVE-2024-45763 (Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Impro ...)
+	TODO: check
+CVE-2024-44765 (An Improper Authorization (Access Control Misconfiguration) vulnerabil ...)
+	TODO: check
+CVE-2024-40240 (An incorrect access control issue in HomeServe Home Repair' android ap ...)
+	TODO: check
+CVE-2024-40239 (An incorrect access control issue in Life: Personal Diary, Journal and ...)
+	TODO: check
+CVE-2024-25431 (An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and f ...)
+	TODO: check
+CVE-2024-10839 (Zohocorp ManageEngine SharePoint Manager Plus versions4503 and prior a ...)
+	TODO: check
+CVE-2024-10325 (The Elementor Header & Footer Builder plugin for WordPress is vulnerab ...)
+	TODO: check
+CVE-2024-10187 (The myCred \u2013 Loyalty Points and Rewards plugin for WordPress and  ...)
+	TODO: check
 CVE-2024-8810 (A GitHub App installed in organizations could upgrade some permissions ...)
 	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-8424 (Improper Privilege Management vulnerability in WatchGuard EPDR, Panda  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4db2531d25b4220ebc146c1434da44fffcdb0706

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4db2531d25b4220ebc146c1434da44fffcdb0706
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241108/7fb3bfd1/attachment.htm>
