[Git][security-tracker-team/security-tracker][master] automatic update

Fri Sep 6 09:11:58 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7cb106dc by security tracker role at 2024-09-06T08:11:52+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2024-8480 (The Image Optimizer, Resizer and CDN \u2013 Sirv plugin for WordPress  ...)
+	TODO: check
+CVE-2024-8427 (The Frontend Post Submission Manager Lite \u2013 Frontend Posting Word ...)
+	TODO: check
+CVE-2024-8317 (The WP AdCenter \u2013 Ad Manager & Adsense Ads plugin for WordPress i ...)
+	TODO: check
+CVE-2024-8292 (The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for ...)
+	TODO: check
+CVE-2024-8247 (The Newsletters plugin for WordPress is vulnerable to privilege escala ...)
+	TODO: check
+CVE-2024-7415 (The Remember Me Controls plugin for WordPress is vulnerable to Full Pa ...)
+	TODO: check
+CVE-2024-7349 (The LifterLMS \u2013 WP LMS for eLearning, Online Courses, & Quizzes p ...)
+	TODO: check
+CVE-2024-6792 (The WP ULike  WordPress plugin before 4.7.2.1 does not properly saniti ...)
+	TODO: check
+CVE-2024-45751 (tgt (aka Linux target framework) before 1.0.93 attempts to achieve ent ...)
+	TODO: check
+CVE-2024-45400 (ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text  ...)
+	TODO: check
+CVE-2024-42495 (Credentials to access device configuration were transmitted using an u ...)
+	TODO: check
+CVE-2024-40865 (The issue was addressed by suspending Persona when the virtual keyboar ...)
+	TODO: check
+CVE-2024-39585 (Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10  ...)
+	TODO: check
+CVE-2024-39278 (Credentials to access device configuration information stored unencryp ...)
+	TODO: check
+CVE-2024-38486 (Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10  ...)
+	TODO: check
 CVE-2024-8473 (Cross-Site Scripting (XSS) vulnerability, whereby user-controlled inpu ...)
 	NOT-FOR-US: Job Portal
 CVE-2024-8472 (Cross-Site Scripting (XSS) vulnerability, whereby user-controlled inpu ...)
@@ -620,7 +650,7 @@ CVE-2024-20440 (A vulnerability in Cisco Smart Licensing Utility could allow an
 	NOT-FOR-US: Cisco
 CVE-2024-20439 (A vulnerability in Cisco Smart Licensing Utility could allow an unauth ...)
 	NOT-FOR-US: Cisco
-CVE-2024-44082
+CVE-2024-44082 (In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13. ...)
 	- ironic <unfixed>
 	- ironic-python-agent <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2024/09/04/4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cb106dc616713ab9479349d54812c380a394e0d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cb106dc616713ab9479349d54812c380a394e0d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240906/8bf6e4a7/attachment.htm>
