Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
80f3dc92 by security tracker role at 2024-03-22T08:12:12+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,125 @@
+CVE-2024-2817 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2024-2816 (A vulnerability classified as problematic was found in Tenda
AC15 15.0 ...)
+ TODO: check
+CVE-2024-2815 (A vulnerability classified as critical has been found in Tenda
AC15 15 ...)
+ TODO: check
+CVE-2024-2814 (A vulnerability was found in Tenda AC15 15.03.20_multi. It has
been ra ...)
+ TODO: check
+CVE-2024-2813 (A vulnerability was found in Tenda AC15 15.03.20_multi. It has
been de ...)
+ TODO: check
+CVE-2024-2812 (A vulnerability was found in Tenda AC15
15.03.05.18/15.03.20_multi. It ...)
+ TODO: check
+CVE-2024-2811 (A vulnerability was found in Tenda AC15 15.03.20_multi and
classified ...)
+ TODO: check
+CVE-2024-2810 (A vulnerability has been found in Tenda AC15
15.03.05.18/15.03.20_mult ...)
+ TODO: check
+CVE-2024-2809 (A vulnerability, which was classified as critical, was found in
Tenda ...)
+ TODO: check
+CVE-2024-2808 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2024-2807 (A vulnerability classified as critical was found in Tenda AC15
15.03.0 ...)
+ TODO: check
+CVE-2024-2806 (A vulnerability classified as critical has been found in Tenda
AC15 15 ...)
+ TODO: check
+CVE-2024-2805 (A vulnerability was found in Tenda AC15
15.03.05.18/15.03.20_multi. It ...)
+ TODO: check
+CVE-2024-2780 (A vulnerability was found in Campcodes Online Marriage
Registration Sy ...)
+ TODO: check
+CVE-2024-2779 (A vulnerability was found in Campcodes Online Marriage
Registration Sy ...)
+ TODO: check
+CVE-2024-2778 (A vulnerability was found in Campcodes Online Marriage
Registration Sy ...)
+ TODO: check
+CVE-2024-2777 (A vulnerability has been found in Campcodes Online Marriage
Registrati ...)
+ TODO: check
+CVE-2024-2776 (A vulnerability, which was classified as critical, was found in
Campco ...)
+ TODO: check
+CVE-2024-2775 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2024-2774 (A vulnerability classified as critical was found in Campcodes
Online M ...)
+ TODO: check
+CVE-2024-2773 (A vulnerability classified as problematic has been found in
Campcodes ...)
+ TODO: check
+CVE-2024-2770 (A vulnerability was found in Campcodes Complete Online Beauty
Parlor M ...)
+ TODO: check
+CVE-2024-2769 (A vulnerability was found in Campcodes Complete Online Beauty
Parlor M ...)
+ TODO: check
+CVE-2024-2768 (A vulnerability was found in Campcodes Complete Online Beauty
Parlor M ...)
+ TODO: check
+CVE-2024-2767 (A vulnerability was found in Campcodes Complete Online Beauty
Parlor M ...)
+ TODO: check
+CVE-2024-2766 (A vulnerability has been found in Campcodes Complete Online
Beauty Par ...)
+ TODO: check
+CVE-2024-2764 (A vulnerability, which was classified as critical, was found in
Tenda ...)
+ TODO: check
+CVE-2024-2763 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2024-2500 (The ColorMag theme for WordPress is vulnerable to Stored
Cross-Site Sc ...)
+ TODO: check
+CVE-2024-2453 (There is an SQL injection vulnerability in Advantech
WebAccess/SCADA s ...)
+ TODO: check
+CVE-2024-2392 (The Blocksy Companion plugin for WordPress is vulnerable to
Stored Cro ...)
+ TODO: check
+CVE-2024-2080 (The LiquidPoll \u2013 Polls, Surveys, NPS and Feedback Reviews
plugin ...)
+ TODO: check
+CVE-2024-29275 (SQL injection vulnerability in SeaCMS version 12.9, allows
remote unau ...)
+ TODO: check
+CVE-2024-29273 (There is Stored Cross-Site Scripting (XSS) in dzzoffice 2.02.1
SC UTF8 ...)
+ TODO: check
+CVE-2024-29272 (Arbitrary File Upload vulnerability in VvvebJs before version
1.7.5, a ...)
+ TODO: check
+CVE-2024-29271 (Reflected Cross-Site Scripting (XSS) vulnerability in VvvebJs
before v ...)
+ TODO: check
+CVE-2024-29031 (Meshery is an open source, cloud native manager that enables
the desig ...)
+ TODO: check
+CVE-2024-28891 (SQL injection vulnerability exists in the script
Handler_CFG.ashx.)
+ TODO: check
+CVE-2024-28863 (node-tar is a Tar for Node.js. node-tar prior to version 6.2.1
has no ...)
+ TODO: check
+CVE-2024-28756 (The SolarEdge mySolarEdge application before 2.20.1 for
Android has a ...)
+ TODO: check
+CVE-2024-28521 (SQL Injection vulnerability in Netcome NS-ASG Application
Security Gat ...)
+ TODO: check
+CVE-2024-28441 (File Upload vulnerability in magicflue v.7.0 and before allows
a remot ...)
+ TODO: check
+CVE-2024-28171 (It is possible to perform a path traversal attack and write
outside of ...)
+ TODO: check
+CVE-2024-28119 (Grav is an open-source, flat-file content management system.
Prior to ...)
+ TODO: check
+CVE-2024-28118 (Grav is an open-source, flat-file content management system.
Prior to ...)
+ TODO: check
+CVE-2024-28117 (Grav is an open-source, flat-file content management system.
Prior to ...)
+ TODO: check
+CVE-2024-28116 (Grav is an open-source, flat-file content management system.
Grav CMS ...)
+ TODO: check
+CVE-2024-28045 (Improper neutralization of input within the affected product
could lea ...)
+ TODO: check
+CVE-2024-28040 (SQL injection vulnerability exists in
GetDIAE_astListParameters.)
+ TODO: check
+CVE-2024-28029 (Privileges are not fully verified server-side, which can be
abused by ...)
+ TODO: check
+CVE-2024-27921 (Grav is an open-source, flat-file content management system. A
file up ...)
+ TODO: check
+CVE-2024-26557 (Codiad v2.8.4 allows reflected XSS via the
components/market/dialog.ph ...)
+ TODO: check
+CVE-2024-25937 (SQL injection vulnerability exists in the script
DIAE_tagHandler.ashx.)
+ TODO: check
+CVE-2024-25808 (Cross-site Request Forgery (CSRF) vulnerability in Lychee
version 3.1. ...)
+ TODO: check
+CVE-2024-25807 (Cross Site Scripting (XSS) vulnerability in Lychee 3.1.6,
allows remot ...)
+ TODO: check
+CVE-2024-25567 (Path traversal attack is possible and write outside of the
intended di ...)
+ TODO: check
+CVE-2024-24272 (An issue in iTop DualSafe Password Manager & Digital Vault
before 1.4. ...)
+ TODO: check
+CVE-2024-23975 (SQL injection vulnerability exists in
GetDIAE_slogListParameters.)
+ TODO: check
+CVE-2024-23494 (SQL injection vulnerability exists in
GetDIAE_unListParameters.)
+ TODO: check
+CVE-2024-0957 (The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and
Shippi ...)
+ TODO: check
+CVE-2023-42954 (A privilege escalation issue existed in FileMaker Server,
potentially ...)
+ TODO: check
CVE-2024-2742 (Operating system command injection vulnerability in Planet
IGS-4215-16 ...)
NOT-FOR-US: Planet IGS-4215-16T2S
CVE-2024-2741 (Cross-Site Request Forgery (CSRF) vulnerability in Planet
IGS-4215-16T ...)
@@ -1560,7 +1682,7 @@ CVE-2023-51474 (Cross-Site Request Forgery (CSRF)
vulnerability in Pixelemu Terr
NOT-FOR-US: WordPress plugin
CVE-2023-51407 (Cross-Site Request Forgery (CSRF) vulnerability in Rocket
Elements Spl ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36483 (An authorization bypass was discovered in the Carrier
MASmobile Classi ...)
+CVE-2023-36483 (Authorization bypass can be achieved by session ID prediction
in MASmo ...)
NOT-FOR-US: Carrier applications
CVE-2021-47135 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux <not-affected> (Vulnerable code not present)
@@ -5800,7 +5922,7 @@ CVE-2024-27948 (Cross-Site Request Forgery (CSRF)
vulnerability in bytesforall A
NOT-FOR-US: bytesforall Atahualpa
CVE-2024-27517 (Webasyst 2.9.9 has a Cross-Site Scripting (XSS) vulnerability,
Attacke ...)
NOT-FOR-US: Webasyst
-CVE-2024-27516 (livehelperchat 4.28v is vulnerable to Server-Side Template
Injection ( ...)
+CVE-2024-27516 (Server-Side Template Injection (SSTI) vulnerability in
livehelperchat ...)
NOT-FOR-US: livehelperchat
CVE-2024-27515 (Osclass 5.1.2 is vulnerable to SQL Injection.)
NOT-FOR-US: Osclass
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80f3dc92b3c66098e69d053cef5bb0852c3d8a99
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80f3dc92b3c66098e69d053cef5bb0852c3d8a99
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
