[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c7903887 by security tracker role at 2024-11-23T20:12:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2024-35160 (IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2and IBM Db2 B ...)
+	TODO: check
+CVE-2024-11632 (A vulnerability was found in code-projects Simple Car Rental System 1. ...)
+	TODO: check
+CVE-2024-11631 (A vulnerability was found in itsourcecode Tailoring Management System  ...)
+	TODO: check
+CVE-2024-11231 (The \uc6b0\ucee4\uba38\uc2a4 \ub124\uc774\ubc84\ud398\uc774 plugin for ...)
+	TODO: check
+CVE-2024-11229 (The \ucf54\ub4dc\uc5e0\uc0f5 \uc18c\uc15c\ud1a1 plugin for WordPress i ...)
+	TODO: check
+CVE-2024-11228 (The \uc6cc\ub4dc\ud504\ub808\uc2a4 \uacb0\uc81c \uc2ec\ud50c\ud398\uc7 ...)
+	TODO: check
+CVE-2024-11227 (The Memberlite Shortcodes plugin for WordPress is vulnerable to Stored ...)
+	TODO: check
+CVE-2024-11199 (The Rescue Shortcodes plugin for WordPress is vulnerable to Stored Cro ...)
+	TODO: check
+CVE-2024-11034 (The The Request a Quote for WooCommerce and Elementor \u2013 Get a Quo ...)
+	TODO: check
+CVE-2024-10519 (The Wishlist for WooCommerce: Multi Wishlists Per Customer PRO plugin  ...)
+	TODO: check
+CVE-2023-7299 (A vulnerability was found in DataGear up to 4.60. It has been declared ...)
+	TODO: check
 CVE-2024-9666
 	NOT-FOR-US: Keycloak
 CVE-2024-6538
@@ -2041,6 +2063,7 @@ CVE-2024-31141 (Files or Directories Accessible to External Parties, Improper Pr
 CVE-2024-21697 (This High severity RCE (Remote Code Execution) vulnerability was intro ...)
 	NOT-FOR-US: Atlassian Sourcetree
 CVE-2024-11395 (Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11224 (The Parallax Image plugin for WordPress is vulnerable to Stored Cross- ...)
@@ -3929,27 +3952,35 @@ CVE-2024-11150 (The WordPress User Extra Fields plugin for WordPress is vulnerab
 CVE-2024-11143 (The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-11117 (Inappropriate implementation in FileSystem in Google Chrome prior to 1 ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11116 (Inappropriate implementation in Blink in Google Chrome prior to 131.0. ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11115 (Insufficient policy enforcement in Navigation in Google Chrome on iOS  ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11114 (Inappropriate implementation in Views in Google Chrome on Windows prio ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11113 (Use after free in Accessibility in Google Chrome prior to 131.0.6778.6 ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11112 (Use after free in Media in Google Chrome on Windows prior to 131.0.677 ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11111 (Inappropriate implementation in Autofill in Google Chrome prior to 131 ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-11110 (Inappropriate implementation in Extensions in Google Chrome prior to 1 ...)
+	{DSA-5817-1}
 	- chromium 131.0.6778.85-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-10887 (The NiceJob plugin for WordPress is vulnerable to Stored Cross-Site Sc ...)
@@ -4587,6 +4618,7 @@ CVE-2024-8882 (A buffer overflow vulnerability in the CGI program in the Zyxel G
 CVE-2024-8881 (A post-authentication command injection vulnerability in the CGI progr ...)
 	NOT-FOR-US: Zyxel
 CVE-2024-52533 (gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one erro ...)
+	{DLA-3962-1}
 	- glib2.0 2.82.1-1 (bug #1087419)
 	[bookworm] - glib2.0 <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/3461



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c79038878f40dc35abfafaeca3b70dbfd4d226c5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c79038878f40dc35abfafaeca3b70dbfd4d226c5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241123/397c0003/attachment-0001.htm>