[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Oct 20 09:12:28 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d99fa3f7 by security tracker role at 2024-10-20T08:12:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2024-49631 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49630 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49626 (Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari ...)
+	TODO: check
+CVE-2024-49611 (Unrestricted Upload of File with Dangerous Type vulnerability in Paxma ...)
+	TODO: check
+CVE-2024-49606 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49604 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+	TODO: check
+CVE-2024-49334 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49328 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+	TODO: check
+CVE-2024-49323 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-49286 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+	TODO: check
+CVE-2024-48049 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-10194 (A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up ...)
+	TODO: check
+CVE-2024-10193 (A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up ...)
+	TODO: check
+CVE-2024-10192 (A vulnerability has been found in PHPGurukul IFSC Code Finder Project  ...)
+	TODO: check
+CVE-2024-10191 (A vulnerability, which was classified as problematic, was found in PHP ...)
+	TODO: check
+CVE-2024-10173 (A vulnerability has been found in didi DDMQ 1.0 and classified as crit ...)
+	TODO: check
+CVE-2024-10171 (A vulnerability, which was classified as critical, was found in code-p ...)
+	TODO: check
+CVE-2024-10170 (A vulnerability, which was classified as critical, has been found in c ...)
+	TODO: check
+CVE-2024-10169 (A vulnerability classified as critical was found in code-projects Hosp ...)
+	TODO: check
+CVE-2024-10167 (A vulnerability classified as critical has been found in Codezips Sale ...)
+	TODO: check
+CVE-2024-10166 (A vulnerability was found in Codezips Sales Management System 1.0. It  ...)
+	TODO: check
+CVE-2024-10165 (A vulnerability was found in Codezips Sales Management System 1.0. It  ...)
+	TODO: check
+CVE-2024-10163 (A vulnerability was found in SourceCodester Sentiment Based Movie Rati ...)
+	TODO: check
+CVE-2024-10162 (A vulnerability has been found in PHPGurukul Boat Booking System 1.0 a ...)
+	TODO: check
+CVE-2024-10161 (A vulnerability, which was classified as critical, was found in PHPGur ...)
+	TODO: check
+CVE-2024-10160 (A vulnerability, which was classified as critical, has been found in P ...)
+	TODO: check
+CVE-2024-10159 (A vulnerability classified as critical was found in PHPGurukul Boat Bo ...)
+	TODO: check
+CVE-2024-10158 (A vulnerability classified as problematic has been found in PHPGurukul ...)
+	TODO: check
+CVE-2024-10157 (A vulnerability was found in PHPGurukul Boat Booking System 1.0. It ha ...)
+	TODO: check
+CVE-2024-10156 (A vulnerability was found in PHPGurukul Boat Booking System 1.0. It ha ...)
+	TODO: check
+CVE-2024-10155 (A vulnerability was found in PHPGurukul Boat Booking System 1.0. It ha ...)
+	TODO: check
 CVE-2024-9897 (The StreamWeasels Twitch Integration plugin for WordPress is vulnerabl ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-10154 (A vulnerability was found in PHPGurukul Boat Booking System 1.0 and cl ...)
@@ -745,42 +807,55 @@ CVE-2023-32188 (A user can reverse engineer the JWT token (JSON Web Token) used
 CVE-2020-36841 (The WooCommerce Smart Coupons plugin for WordPress is vulnerable to au ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-9966 (Inappropriate implementation in Navigations in Google Chrome prior to  ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9965 (Insufficient data validation in DevTools in Google Chrome on Windows p ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9964 (Inappropriate implementation in Payments in Google Chrome prior to 130 ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9963 (Insufficient data validation in Downloads in Google Chrome prior to 13 ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9962 (Inappropriate implementation in Permissions in Google Chrome prior to  ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9961 (Use after free in ParcelTracking in Google Chrome on iOS prior to 130. ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9960 (Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9959 (Use after free in DevTools in Google Chrome prior to 130.0.6723.58 all ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9958 (Inappropriate implementation in PictureInPicture in Google Chrome prio ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9957 (Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 al ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9956 (Inappropriate implementation in WebAuthentication in Google Chrome on  ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9955 (Use after free in WebAuthentication in Google Chrome prior to 130.0.67 ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9954 (Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a ...)
+	{DSA-5793-1}
 	- chromium 130.0.6723.58-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-9937 (The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Refl ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d99fa3f79eb963dc520d7da7ea2cbec72917adb2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d99fa3f79eb963dc520d7da7ea2cbec72917adb2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241020/4b26c0e1/attachment.htm>

More information about the debian-security-tracker-commits mailing list