[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Oct 25 09:12:06 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9cd5ad16 by security tracker role at 2024-10-25T08:11:59+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,135 @@
-CVE-2024-48426
+CVE-2024-9686 (The Order Notification for Telegram plugin for WordPress is vulnerable ...)
+	TODO: check
+CVE-2024-9630 (The WPS Telegram Chat plugin for WordPress is vulnerable to authorizat ...)
+	TODO: check
+CVE-2024-9628 (The WPS Telegram Chat plugin for WordPress is vulnerable to unauthoriz ...)
+	TODO: check
+CVE-2024-9607 (The 10Web Social Post Feed plugin for WordPress is vulnerable to Refle ...)
+	TODO: check
+CVE-2024-9598 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for WordPress is ...)
+	TODO: check
+CVE-2024-9488 (The Comments \u2013 wpDiscuz plugin for WordPress is vulnerable to aut ...)
+	TODO: check
+CVE-2024-9302 (The App Builder \u2013 Create Native Android & iOS Apps On The Flight  ...)
+	TODO: check
+CVE-2024-9235 (The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized ...)
+	TODO: check
+CVE-2024-9109 (The WooCommerce UPS Shipping \u2013 Live Rates and Access Points plugi ...)
+	TODO: check
+CVE-2024-7763 (In WhatsUp Gold versions released before 2024.0.0,  an Authentication  ...)
+	TODO: check
+CVE-2024-50583 (Whale browser Installer before 3.1.0.0 allows an attacker to execute a ...)
+	TODO: check
+CVE-2024-49762 (Pterodactyl is a free, open-source game server management panel. When  ...)
+	TODO: check
+CVE-2024-49760 (OpenRefine is a free, open source tool for working with messy data. Th ...)
+	TODO: check
+CVE-2024-49750 (The Snowflake Connector for Python provides an interface for developin ...)
+	TODO: check
+CVE-2024-49359 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
+	TODO: check
+CVE-2024-49358 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
+	TODO: check
+CVE-2024-49357 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
+	TODO: check
+CVE-2024-48932 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
+	TODO: check
+CVE-2024-48931 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
+	TODO: check
+CVE-2024-48870 (Sharp and Toshiba Tec MFPs improperly validate input data in URI data  ...)
+	TODO: check
+CVE-2024-48208 (pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an  ...)
+	TODO: check
+CVE-2024-47883 (The OpenRefine fork of the MIT Simile Butterfly server is a modular we ...)
+	TODO: check
+CVE-2024-47882 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
+	TODO: check
+CVE-2024-47881 (OpenRefine is a free, open source tool for working with messy data. St ...)
+	TODO: check
+CVE-2024-47880 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
+	TODO: check
+CVE-2024-47879 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
+	TODO: check
+CVE-2024-47878 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
+	TODO: check
+CVE-2024-47801 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)
+	TODO: check
+CVE-2024-47549 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)
+	TODO: check
+CVE-2024-47406 (Sharp and Toshiba Tec MFPs improperly process HTTP authentication requ ...)
+	TODO: check
+CVE-2024-47158 (N-LINE 2.0.6 and prior versions contain a code injection vulnerability ...)
+	TODO: check
+CVE-2024-47005 (Sharp and Toshiba Tec MFPs provide configuration related APIs. They ar ...)
+	TODO: check
+CVE-2024-45842 (Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT req ...)
+	TODO: check
+CVE-2024-45829 (Sharp and Toshiba Tec MFPs provide the web page to download data, wher ...)
+	TODO: check
+CVE-2024-45785 (MUSASI version 3 contains an issue with use of client-side authenticat ...)
+	TODO: check
+CVE-2024-45263 (An issue was discovered on certain GL-iNet devices, including MT6000,  ...)
+	TODO: check
+CVE-2024-45262 (An issue was discovered on certain GL-iNet devices, including MT6000,  ...)
+	TODO: check
+CVE-2024-45261 (An issue was discovered on certain GL-iNet devices, including MT6000,  ...)
+	TODO: check
+CVE-2024-45260 (An issue was discovered on certain GL-iNet devices, including MT6000,  ...)
+	TODO: check
+CVE-2024-43424 (Sharp and Toshiba Tec MFPs improperly process HTTP request headers, re ...)
+	TODO: check
+CVE-2024-42420 (Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnera ...)
+	TODO: check
+CVE-2024-41618 (Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to  ...)
+	TODO: check
+CVE-2024-41617 (Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to  ...)
+	TODO: check
+CVE-2024-10372 (A vulnerability classified as problematic was found in chidiwilliams b ...)
+	TODO: check
+CVE-2024-10371 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2024-10370 (A vulnerability was found in Codezips Sales Management System 1.0. It  ...)
+	TODO: check
+CVE-2024-10369 (A vulnerability was found in Codezips Sales Management System 1.0. It  ...)
+	TODO: check
+CVE-2024-10368 (A vulnerability was found in Codezips Sales Management System 1.0. It  ...)
+	TODO: check
+CVE-2024-10355 (A vulnerability, which was classified as critical, has been found in S ...)
+	TODO: check
+CVE-2024-10354 (A vulnerability classified as critical was found in SourceCodester Pet ...)
+	TODO: check
+CVE-2024-10353 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2024-10351 (A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been ra ...)
+	TODO: check
+CVE-2024-10350 (A vulnerability was found in code-projects Hospital Management System  ...)
+	TODO: check
+CVE-2024-10349 (A vulnerability was found in SourceCodester Best House Rental Manageme ...)
+	TODO: check
+CVE-2024-10348 (A vulnerability was found in SourceCodester Best House Rental Manageme ...)
+	TODO: check
+CVE-2024-10342 (The League of Legends Shortcodes plugin for WordPress is vulnerable to ...)
+	TODO: check
+CVE-2024-10341 (The League of Legends Shortcodes plugin for WordPress is vulnerable to ...)
+	TODO: check
+CVE-2024-10327 (A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27 ...)
+	TODO: check
+CVE-2024-10150 (The Bamazoo \u2013 Button Generator plugin for WordPress is vulnerable ...)
+	TODO: check
+CVE-2024-10148 (The Awesome buttons plugin for WordPress is vulnerable to Stored Cross ...)
+	TODO: check
+CVE-2024-10011 (The BuddyPress plugin for WordPress is vulnerable to Directory Travers ...)
+	TODO: check
+CVE-2024-48426 (A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Ex ...)
 	- assimp <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2321614
-CVE-2024-48425
+CVE-2024-48425 (A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMesh ...)
 	- assimp <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2321631
-CVE-2024-48424
+CVE-2024-48424 (A heap-buffer-overflow vulnerability has been identified in the OpenDD ...)
 	- assimp <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2321628
-CVE-2024-48423
+CVE-2024-48423 (An issue in assimp v.5.4.3 allows a local attacker to execute arbitrar ...)
 	- assimp <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2321643
 CVE-2024-9692 (VIMESA VHF/FM Transmitter Blue Plus is suffering from a Denial-of-Serv ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd5ad1631187fcae290d1d6d6bdbf172cf6ce6d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd5ad1631187fcae290d1d6d6bdbf172cf6ce6d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241025/06995f87/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list