[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Oct 18 21:12:36 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4caf039 by security tracker role at 2024-10-18T20:12:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2024-9674 (The Debrandify \xb7 Remove or Replace WordPress Branding plugin for Wo ...)
+	TODO: check
+CVE-2024-9593 (The Time Clock plugin and Time Clock Pro plugin for WordPress are vuln ...)
+	TODO: check
+CVE-2024-9537 (ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerab ...)
+	TODO: check
+CVE-2024-9425 (The Advanced Category and Custom Taxonomy Image plugin for WordPress i ...)
+	TODO: check
+CVE-2024-4740 (MXsecurity software versions v1.1.0 and prior are vulnerable because o ...)
+	TODO: check
+CVE-2024-4739 (The lack of access restriction to a resource from unauthorized users m ...)
+	TODO: check
+CVE-2024-49361 (ACON is a widely-used library of tools for machine learning that focus ...)
+	TODO: check
+CVE-2024-49243 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+	TODO: check
+CVE-2024-49241 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49240 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49239 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49238 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49236 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49234 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49233 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49232 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49231 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49230 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49228 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49225 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49224 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-48016 (Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24 ...)
+	TODO: check
+CVE-2024-47487 (There is a SQL injection vulnerability in some HikCentral Professional ...)
+	TODO: check
+CVE-2024-47486 (There is an XSS vulnerability in some HikCentral Master Lite versions. ...)
+	TODO: check
+CVE-2024-47485 (There is a CSV injection vulnerability in some HikCentral Master Lite  ...)
+	TODO: check
+CVE-2024-47241 (Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24 ...)
+	TODO: check
+CVE-2024-47240 (Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default P ...)
+	TODO: check
+CVE-2024-45944 (In J2eeFAST <=2.7, the backend function has unsafe filtering, which al ...)
+	TODO: check
+CVE-2024-43300 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-42508 (This vulnerability could be exploited, leading to unauthorized disclos ...)
+	TODO: check
+CVE-2024-10123 (A vulnerability was found in Tenda AC8 16.03.34.06. It has been declar ...)
+	TODO: check
+CVE-2024-10122 (A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It ...)
+	TODO: check
+CVE-2024-10121 (A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified ...)
+	TODO: check
+CVE-2024-10120 (A vulnerability has been found in wfh45678 Radar up to 1.0.8 and class ...)
+	TODO: check
+CVE-2024-10115
+	REJECTED
+CVE-2024-10057 (The RSS Feed Widget plugin for WordPress is vulnerable to Stored Cross ...)
+	TODO: check
+CVE-2023-6080 (Lakeside Software\u2019s SysTrack LsiAgent Installer version 10.7.8 fo ...)
+	TODO: check
+CVE-2023-49570 (A vulnerability has been identified in Bitdefender Total Security HTTP ...)
+	TODO: check
 CVE-2024-9892 (The Add Widget After Content plugin for WordPress is vulnerable to Sto ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-9848 (The Product Customizer Light plugin for WordPress is vulnerable to Sto ...)
@@ -98402,7 +98478,7 @@ CVE-2023-41910 (An issue was discovered in lldpd before 1.0.17. By crafting a CD
 	- lldpd 1.0.17-1
 	NOTE: Fixed by: https://github.com/lldpd/lldpd/commit/a9aeabdf879c25c584852a0bb5523837632f099b (1.0.17)
 CVE-2023-41909 (An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_f ...)
-	{DLA-3573-1 DLA-3865-1}
+	{DLA-3865-1 DLA-3573-1}
 	- frr 8.4.4-1
 	[bullseye] - frr 7.5.1-1.1+deb11u3
 	NOTE: https://github.com/FRRouting/frr/commit/cfd04dcb3e689754a72507d086ba3b9709fc5ed8 (frr-9.0)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4caf039bac1e06f0e4dc04fc2a89fe4b9b204ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4caf039bac1e06f0e4dc04fc2a89fe4b9b204ea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241018/632b129e/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list