[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 18 21:12:36 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f4caf039 by security tracker role at 2024-10-18T20:12:30+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2024-9674 (The Debrandify \xb7 Remove or Replace WordPress Branding plugin for Wo ...)
+ TODO: check
+CVE-2024-9593 (The Time Clock plugin and Time Clock Pro plugin for WordPress are vuln ...)
+ TODO: check
+CVE-2024-9537 (ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerab ...)
+ TODO: check
+CVE-2024-9425 (The Advanced Category and Custom Taxonomy Image plugin for WordPress i ...)
+ TODO: check
+CVE-2024-4740 (MXsecurity software versions v1.1.0 and prior are vulnerable because o ...)
+ TODO: check
+CVE-2024-4739 (The lack of access restriction to a resource from unauthorized users m ...)
+ TODO: check
+CVE-2024-49361 (ACON is a widely-used library of tools for machine learning that focus ...)
+ TODO: check
+CVE-2024-49243 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2024-49241 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49240 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49239 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49238 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49236 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49234 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49233 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49232 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49231 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49230 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49228 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49225 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-49224 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-48016 (Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24 ...)
+ TODO: check
+CVE-2024-47487 (There is a SQL injection vulnerability in some HikCentral Professional ...)
+ TODO: check
+CVE-2024-47486 (There is an XSS vulnerability in some HikCentral Master Lite versions. ...)
+ TODO: check
+CVE-2024-47485 (There is a CSV injection vulnerability in some HikCentral Master Lite ...)
+ TODO: check
+CVE-2024-47241 (Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24 ...)
+ TODO: check
+CVE-2024-47240 (Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default P ...)
+ TODO: check
+CVE-2024-45944 (In J2eeFAST <=2.7, the backend function has unsafe filtering, which al ...)
+ TODO: check
+CVE-2024-43300 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-42508 (This vulnerability could be exploited, leading to unauthorized disclos ...)
+ TODO: check
+CVE-2024-10123 (A vulnerability was found in Tenda AC8 16.03.34.06. It has been declar ...)
+ TODO: check
+CVE-2024-10122 (A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It ...)
+ TODO: check
+CVE-2024-10121 (A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified ...)
+ TODO: check
+CVE-2024-10120 (A vulnerability has been found in wfh45678 Radar up to 1.0.8 and class ...)
+ TODO: check
+CVE-2024-10115
+ REJECTED
+CVE-2024-10057 (The RSS Feed Widget plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2023-6080 (Lakeside Software\u2019s SysTrack LsiAgent Installer version 10.7.8 fo ...)
+ TODO: check
+CVE-2023-49570 (A vulnerability has been identified in Bitdefender Total Security HTTP ...)
+ TODO: check
CVE-2024-9892 (The Add Widget After Content plugin for WordPress is vulnerable to Sto ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9848 (The Product Customizer Light plugin for WordPress is vulnerable to Sto ...)
@@ -98402,7 +98478,7 @@ CVE-2023-41910 (An issue was discovered in lldpd before 1.0.17. By crafting a CD
- lldpd 1.0.17-1
NOTE: Fixed by: https://github.com/lldpd/lldpd/commit/a9aeabdf879c25c584852a0bb5523837632f099b (1.0.17)
CVE-2023-41909 (An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_f ...)
- {DLA-3573-1 DLA-3865-1}
+ {DLA-3865-1 DLA-3573-1}
- frr 8.4.4-1
[bullseye] - frr 7.5.1-1.1+deb11u3
NOTE: https://github.com/FRRouting/frr/commit/cfd04dcb3e689754a72507d086ba3b9709fc5ed8 (frr-9.0)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4caf039bac1e06f0e4dc04fc2a89fe4b9b204ea
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4caf039bac1e06f0e4dc04fc2a89fe4b9b204ea
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241018/632b129e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list