[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Oct 26 21:12:24 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f130da71 by security tracker role at 2024-10-26T20:12:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2024-9967 (The WP show more plugin for WordPress is vulnerable to Stored Cross-Si ...)
+ TODO: check
+CVE-2024-9853 (The ID-SK Toolkit plugin for WordPress is vulnerable to Stored Cross-S ...)
+ TODO: check
+CVE-2024-9772 (The The Uix Shortcodes \u2013 Compatible with Gutenberg plugin for Wor ...)
+ TODO: check
+CVE-2024-9642 (The Editor Custom Color Palette plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-9637 (The School Management System \u2013 WPSchoolPress plugin for WordPress ...)
+ TODO: check
+CVE-2024-9501 (The Wp Social Login and Register Social Counter plugin for WordPress i ...)
+ TODO: check
+CVE-2024-9116 (The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2024-8392 (The WordPress Post Grid Layouts with Pagination \u2013 Sogrid plugin f ...)
+ TODO: check
+CVE-2024-10402 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
+ TODO: check
+CVE-2024-10357 (The Clever Addons for Elementor plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-10117 (The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2024-0128 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
+ TODO: check
+CVE-2024-0127 (NVIDIA vGPU software contains a vulnerability in the GPU kernel driver ...)
+ TODO: check
CVE-2024-9933 (The WatchTowerHQ plugin for WordPress is vulnerable to authentication ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9932 (The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary fi ...)
@@ -92327,7 +92353,7 @@ CVE-2023-46852 (In Memcached before 1.6.22, a buffer overflow exists when proces
[buster] - memcached <not-affected> (The vulnerable code was introduced later)
NOTE: https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767 (1.6.22)
CVE-2023-46604 (The Java OpenWire protocol marshaller is vulnerable to Remote Code Ex ...)
- {DLA-3936-1 DLA-3657-1}
+ {DSA-5798-1 DLA-3936-1 DLA-3657-1}
- activemq 5.17.6+dfsg-1 (bug #1054909)
NOTE: https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
NOTE: http://www.openwall.com/lists/oss-security/2023/10/27/5
@@ -168031,7 +168057,7 @@ CVE-2022-41680 (Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQ
CVE-2022-41679 (Forma LMS version 3.1.0 and earlier are affected by an Cross-Site scri ...)
NOT-FOR-US: Forma LMS
CVE-2022-41678 (Once an user is authenticated on Jolokia, he can potentially trigger a ...)
- {DLA-3936-1}
+ {DSA-5798-1 DLA-3936-1}
- activemq 5.17.6+dfsg-1 (unimportant)
NOTE: https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl
NOTE: https://activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f130da71e5fc5e3bd72d327f8c14cb0ebba95d34
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f130da71e5fc5e3bd72d327f8c14cb0ebba95d34
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/13cd37b6/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list