[Git][security-tracker-team/security-tracker][master] automatic update

Sat Oct 26 21:12:24 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f130da71 by security tracker role at 2024-10-26T20:12:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2024-9967 (The WP show more plugin for WordPress is vulnerable to Stored Cross-Si ...)
+	TODO: check
+CVE-2024-9853 (The ID-SK Toolkit plugin for WordPress is vulnerable to Stored Cross-S ...)
+	TODO: check
+CVE-2024-9772 (The The Uix Shortcodes \u2013 Compatible with Gutenberg plugin for Wor ...)
+	TODO: check
+CVE-2024-9642 (The Editor Custom Color Palette plugin for WordPress is vulnerable to  ...)
+	TODO: check
+CVE-2024-9637 (The School Management System \u2013 WPSchoolPress plugin for WordPress ...)
+	TODO: check
+CVE-2024-9501 (The Wp Social Login and Register Social Counter plugin for WordPress i ...)
+	TODO: check
+CVE-2024-9116 (The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored ...)
+	TODO: check
+CVE-2024-8392 (The WordPress Post Grid Layouts with Pagination \u2013 Sogrid plugin f ...)
+	TODO: check
+CVE-2024-10402 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
+	TODO: check
+CVE-2024-10357 (The Clever Addons for Elementor plugin for WordPress is vulnerable to  ...)
+	TODO: check
+CVE-2024-10117 (The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross ...)
+	TODO: check
+CVE-2024-0128 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
+	TODO: check
+CVE-2024-0127 (NVIDIA vGPU software contains a vulnerability in the GPU kernel driver ...)
+	TODO: check
 CVE-2024-9933 (The WatchTowerHQ plugin for WordPress is vulnerable to authentication  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-9932 (The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary fi ...)
@@ -92327,7 +92353,7 @@ CVE-2023-46852 (In Memcached before 1.6.22, a buffer overflow exists when proces
 	[buster] - memcached <not-affected> (The vulnerable code was introduced later)
 	NOTE: https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767 (1.6.22)
 CVE-2023-46604 (The Java OpenWire protocol marshaller is vulnerable to Remote Code  Ex ...)
-	{DLA-3936-1 DLA-3657-1}
+	{DSA-5798-1 DLA-3936-1 DLA-3657-1}
 	- activemq 5.17.6+dfsg-1 (bug #1054909)
 	NOTE: https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
 	NOTE: http://www.openwall.com/lists/oss-security/2023/10/27/5
@@ -168031,7 +168057,7 @@ CVE-2022-41680 (Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQ
 CVE-2022-41679 (Forma LMS version 3.1.0 and earlier are affected by an Cross-Site scri ...)
 	NOT-FOR-US: Forma LMS
 CVE-2022-41678 (Once an user is authenticated on Jolokia, he can potentially trigger a ...)
-	{DLA-3936-1}
+	{DSA-5798-1 DLA-3936-1}
 	- activemq 5.17.6+dfsg-1 (unimportant)
 	NOTE: https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl
 	NOTE: https://activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f130da71e5fc5e3bd72d327f8c14cb0ebba95d34

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f130da71e5fc5e3bd72d327f8c14cb0ebba95d34
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/13cd37b6/attachment-0001.htm>
