Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cff0f6e8 by security tracker role at 2024-01-11T20:15:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,195 @@
+CVE-2024-23061 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to
contain a co ...)
+ TODO: check
+CVE-2024-23060 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to
contain a co ...)
+ TODO: check
+CVE-2024-23059 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to
contain a co ...)
+ TODO: check
+CVE-2024-23058 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to
contain a co ...)
+ TODO: check
+CVE-2024-23057 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to
contain a co ...)
+ TODO: check
+CVE-2024-22942 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to
contain a co ...)
+ TODO: check
+CVE-2024-22199 (This package provides universal methods to use multiple
template engin ...)
+ TODO: check
+CVE-2024-22198 (Nginx-UI is a web interface to manage Nginx configurations. It
is vuln ...)
+ TODO: check
+CVE-2024-22197 (Nginx-ui is online statistics for Server Indicators Monitor
CPU usage, ...)
+ TODO: check
+CVE-2024-22196 (Nginx-UI is an online statistics for Server Indicators Monitor
CPU usa ...)
+ TODO: check
+CVE-2024-0429 (A denial service vulnerability has been found on Hex Workshop
affectin ...)
+ TODO: check
+CVE-2024-0425 (A vulnerability classified as critical was found in ForU CMS up
to 202 ...)
+ TODO: check
+CVE-2024-0424 (A vulnerability classified as problematic has been found in
CodeAstro ...)
+ TODO: check
+CVE-2024-0423 (A vulnerability was found in CodeAstro Online Food Ordering
System 1.0 ...)
+ TODO: check
+CVE-2024-0422 (A vulnerability was found in CodeAstro POS and Inventory
Management Sy ...)
+ TODO: check
+CVE-2024-0419 (A vulnerability was found in Jasper httpdx up to 1.5.4 and
classified ...)
+ TODO: check
+CVE-2024-0418 (A vulnerability has been found in iSharer and upRedSun File
Sharing Wi ...)
+ TODO: check
+CVE-2024-0417 (A vulnerability, which was classified as critical, was found in
DeShan ...)
+ TODO: check
+CVE-2024-0416 (A vulnerability, which was classified as critical, has been
found in D ...)
+ TODO: check
+CVE-2024-0415 (A vulnerability classified as critical was found in DeShang
DSMall up ...)
+ TODO: check
+CVE-2024-0414 (A vulnerability classified as problematic has been found in
DeShang DS ...)
+ TODO: check
+CVE-2024-0413 (A vulnerability was found in DeShang DSKMS up to 3.1.2. It has
been ra ...)
+ TODO: check
+CVE-2024-0412 (A vulnerability was found in DeShang DSShop up to 3.1.0. It has
been d ...)
+ TODO: check
+CVE-2024-0411 (A vulnerability was found in DeShang DSMall up to 6.1.0. It has
been c ...)
+ TODO: check
+CVE-2024-0227 (Devise-Two-Factor does not throttle or otherwise restrict login
attemp ...)
+ TODO: check
+CVE-2023-7071 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks,
Patterns & ...)
+ TODO: check
+CVE-2023-7070 (The Email Encoder \u2013 Protect Email Addresses and Phone
Numbers plu ...)
+ TODO: check
+CVE-2023-7048 (The My Sticky Bar plugin for WordPress is vulnerable to
Cross-Site Req ...)
+ TODO: check
+CVE-2023-7019 (The LightStart \u2013 Maintenance Mode, Coming Soon and Landing
Page B ...)
+ TODO: check
+CVE-2023-6994 (The List category posts plugin for WordPress is vulnerable to
Stored C ...)
+ TODO: check
+CVE-2023-6990 (The Weaver Xtreme theme for WordPress is vulnerable to Stored
Cross-Si ...)
+ TODO: check
+CVE-2023-6988 (The Colibri Page Builder plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2023-6979 (The Customer Reviews for WooCommerce plugin for WordPress is
vulnerabl ...)
+ TODO: check
+CVE-2023-6938 (The Oxygen Builder plugin for WordPress is vulnerable to Stored
Cross- ...)
+ TODO: check
+CVE-2023-6934 (The Limit Login Attempts Reloaded plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2023-6924 (The Photo Gallery by 10Web plugin for WordPress is vulnerable
to Store ...)
+ TODO: check
+CVE-2023-6882 (The Simple Membership plugin for WordPress is vulnerable to
Reflected ...)
+ TODO: check
+CVE-2023-6878 (The Slick Social Share Buttons plugin for WordPress is
vulnerable to u ...)
+ TODO: check
+CVE-2023-6875 (The POST SMTP Mailer \u2013 Email log, Delivery Failure
Notifications ...)
+ TODO: check
+CVE-2023-6855 (The Paid Memberships Pro \u2013 Content Restriction, User
Registration ...)
+ TODO: check
+CVE-2023-6828 (The Contact Form, Survey & Popup Form Plugin for WordPress
\u2013 ARF ...)
+ TODO: check
+CVE-2023-6782 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-6781 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable
to Store ...)
+ TODO: check
+CVE-2023-6776 (The 3D FlipBook plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
+ TODO: check
+CVE-2023-6751 (The Hostinger plugin for WordPress is vulnerable to
unauthorized plugi ...)
+ TODO: check
+CVE-2023-6742 (The Gallery Plugin for WordPress \u2013 Envira Photo Gallery
plugin fo ...)
+ TODO: check
+CVE-2023-6737 (The Enable Media Replace plugin for WordPress is vulnerable to
Reflect ...)
+ TODO: check
+CVE-2023-6684 (The Ibtana \u2013 WordPress Website Builder plugin for
WordPress is vu ...)
+ TODO: check
+CVE-2023-6645 (The Post Grid Combo \u2013 36+ Gutenberg Blocks plugin for
WordPress i ...)
+ TODO: check
+CVE-2023-6638 (The GTG Product Feed for Shopping plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2023-6637 (The CAOS | Host Google Analytics Locally plugin for WordPress
is vulne ...)
+ TODO: check
+CVE-2023-6636 (The Greenshift \u2013 animation and page builder blocks plugin
for Wor ...)
+ TODO: check
+CVE-2023-6634 (The LearnPress plugin for WordPress is vulnerable to Command
Injection ...)
+ TODO: check
+CVE-2023-6632 (The Happy Addons for Elementor plugin for WordPress is
vulnerable to R ...)
+ TODO: check
+CVE-2023-6624 (The Import and export users and customers plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2023-6598 (The SpeedyCache plugin for WordPress is vulnerable to
unauthorized mod ...)
+ TODO: check
+CVE-2023-6583 (The Import and export users and customers plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2023-6582 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2023-6567 (The LearnPress plugin for WordPress is vulnerable to time-based
SQL In ...)
+ TODO: check
+CVE-2023-6561 (The Featured Image from URL (FIFU) plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2023-6558 (The Export and Import Users and Customers plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2023-6556 (The FOX \u2013 Currency Switcher Professional for WooCommerce
plugin f ...)
+ TODO: check
+CVE-2023-6554 (When access to the "admin" folder is not protected by some
external au ...)
+ TODO: check
+CVE-2023-6504 (The User Profile Builder \u2013 Beautiful User Registration
Forms, Use ...)
+ TODO: check
+CVE-2023-6496 (The Manage Notification E-mails plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2023-6369 (The Export WP Page to Static HTML/CSS plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2023-6316 (The MW WP Form plugin for WordPress is vulnerable to arbitrary
file up ...)
+ TODO: check
+CVE-2023-6266 (The Backup Migration plugin for WordPress is vulnerable to
unauthorize ...)
+ TODO: check
+CVE-2023-6244 (The EventON - WordPress Virtual Event Calendar Plugin plugin
for WordP ...)
+ TODO: check
+CVE-2023-6242 (The EventON - WordPress Virtual Event Calendar Plugin plugin
for WordP ...)
+ TODO: check
+CVE-2023-6220 (The Piotnet Forms plugin for WordPress is vulnerable to
arbitrary file ...)
+ TODO: check
+CVE-2023-5691 (The Chatbot for WordPress plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2023-5504 (The BackWPup plugin for WordPress is vulnerable to Directory
Traversal ...)
+ TODO: check
+CVE-2023-5118 (The application is vulnerable to Stored Cross-Site Scripting
(XSS) in ...)
+ TODO: check
+CVE-2023-52032 (TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to
contain a r ...)
+ TODO: check
+CVE-2023-52031 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to
contain a rem ...)
+ TODO: check
+CVE-2023-52030 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to
contain a rem ...)
+ TODO: check
+CVE-2023-52029 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to
contain a rem ...)
+ TODO: check
+CVE-2023-52028 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to
contain a rem ...)
+ TODO: check
+CVE-2023-52027 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to
contain a rem ...)
+ TODO: check
+CVE-2023-51989 (D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1
interface, ...)
+ TODO: check
+CVE-2023-51987 (D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1
interface, ...)
+ TODO: check
+CVE-2023-51984 (D-Link DIR-822+ V1.0.2 was found to contain a command
injection in Set ...)
+ TODO: check
+CVE-2023-51751 (ScaleFusion 10.5.2 does not properly limit users to the Edge
applicati ...)
+ TODO: check
+CVE-2023-51750 (ScaleFusion 10.5.2 does not properly limit users to the Edge
applicati ...)
+ TODO: check
+CVE-2023-51749 (ScaleFusion 10.5.2 does not properly limit users to the Edge
applicati ...)
+ TODO: check
+CVE-2023-51748 (ScaleFusion 10.5.2 does not properly limit users to the Edge
applicati ...)
+ TODO: check
+CVE-2023-50671 (In exiftags 1.01, nikon_prop1 in nikon.c has a heap-based
buffer overf ...)
+ TODO: check
+CVE-2023-50159 (In ScaleFusion (Windows Desktop App) agent v10.5.2, Kiosk mode
applica ...)
+ TODO: check
+CVE-2023-4962 (The Video PopUp plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
+ TODO: check
+CVE-2023-4960 (The WCFM Marketplace plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2023-4372 (The LiteSpeed Cache plugin for WordPress is vulnerable to
Stored Cross ...)
+ TODO: check
+CVE-2023-4248 (The GiveWP plugin for WordPress is vulnerable to Cross-Site
Request Fo ...)
+ TODO: check
+CVE-2023-4247 (The GiveWP plugin for WordPress is vulnerable to Cross-Site
Request Fo ...)
+ TODO: check
+CVE-2023-4246 (The GiveWP plugin for WordPress is vulnerable to Cross-Site
Request Fo ...)
+ TODO: check
+CVE-2022-4958 (A vulnerability classified as problematic has been found in
qkmc-rk re ...)
+ TODO: check
CVE-2024-22195 (Jinja is an extensible templating engine. Special placeholders
in the ...)
- jinja2 <unfixed>
NOTE:
https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95
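Review bot: all of the entries added at the top of this hunk are left at "TODO: check", so the update only queues work, and the queue is not uniform. A few descriptions name standalone software rather than a web plugin or router firmware, for example CVE-2023-50671 (exiftags 1.01, heap-based buffer overflow in nikon.c) and CVE-2024-0227 (Devise-Two-Factor not throttling login attempts); those should be checked against the archive first. The many "plugin for WordPress" entries and the TOTOLINK and D-Link firmware entries look like candidates for "NOT-FOR-US:" lines in the form already used further down this file. As a style point, several descriptions (CVE-2023-7071, CVE-2023-7070 and others) carry a literal "\u2013" escape instead of the dash it stands for, which is worth fixing wherever the descriptions are generated.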
@@ -6174,7 +6366,7 @@ CVE-2023-48417 (Missing Permission checks resulting in
unauthorized access and M
NOT-FOR-US: Android
CVE-2023-6655 (A vulnerability, which was classified as critical, has been
found in H ...)
NOT-FOR-US: Hongjing e-HR 2020
-CVE-2023-6654 (A vulnerability classified as critical was found in PHPEMS
6.x/7.0. Af ...)
+CVE-2023-6654 (A vulnerability classified as critical was found in PHPEMS
6.x/7.x/8.x ...)
NOT-FOR-US: PHPEMS
CVE-2023-6653 (A vulnerability was found in PHPGurukul Teacher Subject
Allocation Man ...)
NOT-FOR-US: PHPGurukul Teacher Subject Allocation Management System
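Review bot: on the replaced CVE-2023-6654 line the quoted version range widens from "6.x/7.0" to "6.x/7.x/8.x" while the triage line "NOT-FOR-US: PHPEMS" is carried over as unchanged context. That holds only because the classification is by product and not by version, so the thing to confirm is that PHPEMS is still not in the archive, not that the earlier decision covered the new versions.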
@@ -80852,8 +81044,8 @@ CVE-2023-20575 (A potential power side-channel
vulnerability in some AMD process
NOT-FOR-US: AMD
CVE-2023-20574
RESERVED
-CVE-2023-20573
- RESERVED
+CVE-2023-20573 (A privileged attacker can prevent delivery of debug exceptions
to SEV- ...)
+ TODO: check
CVE-2023-20572
RESERVED
CVE-2023-20571 (A race condition in System Management Mode (SMM) code may
allow an att ...)
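Review bot: CVE-2023-20573 moves from "RESERVED" to a published description with "TODO: check", so it now needs a triage decision that the hunk does not make. The visible text (a privileged attacker preventing delivery of debug exceptions, truncated at "SEV-") and the neighbouring CVE-2023-20575 marked "NOT-FOR-US: AMD" suggest a processor-level issue, but the truncated description is not enough to tell whether a fix would also land in a packaged component. Read the full advisory before copying the neighbour's "NOT-FOR-US: AMD" line.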
@@ -125819,7 +126011,7 @@ CVE-2022-28343
RESERVED
CVE-2022-28342
RESERVED
-CVE-2022-1209 (The Ultimate Member plugin for WordPress is vulnerable to open
redirec ...)
+CVE-2022-1209 (The Ultimate Member plugin for WordPress is vulnerable to
arbitrary re ...)
NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2022-1208 (The Ultimate Member plugin for WordPress is vulnerable to
Stored Cross ...)
NOT-FOR-US: Ultimate Member plugin for WordPress
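Review bot: the CVE-2022-1209 description changes the stated vulnerability class from "open redirec ..." to "arbitrary re ...", and the truncation hides what the new wording actually says. The "NOT-FOR-US: Ultimate Member plugin for WordPress" line stays valid as product-level triage, so no tracker change is needed here, but anything that cited this entry by its old "open redirect" wording should be rechecked against the full upstream description.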
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cff0f6e851f17c5422a1930afcf3be659dd879f4
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits