[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 26 Mar 2024 01:22:42 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
11a4c047 by security tracker role at 2024-03-26T08:11:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@
+CVE-2024-2889 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-2888 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2024-2873 (A vulnerability was found in wolfSSH's server-side state 
machine befor ...)
+       TODO: check
+CVE-2024-2732 (The Themify Shortcodes plugin for WordPress is vulnerable to 
Stored Cr ...)
+       TODO: check
+CVE-2024-2427 (A denial-of-service vulnerability exists in the Rockwell 
Automation Po ...)
+       TODO: check
+CVE-2024-2426 (A denial-of-service vulnerability exists in the Rockwell 
Automation Po ...)
+       TODO: check
+CVE-2024-2425 (A denial-of-service vulnerability exists in the Rockwell 
Automation Po ...)
+       TODO: check
+CVE-2024-2303 (The Easy Textillate plugin for WordPress is vulnerable to 
Stored Cross ...)
+       TODO: check
+CVE-2024-2170 (The VK All in One Expansion Unit plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2024-29442 (An unauthorized access vulnerability has been discovered in 
ROS2 Humbl ...)
+       TODO: check
+CVE-2024-29440 (An unauthorized access vulnerability has been discovered in 
ROS2 Humbl ...)
+       TODO: check
+CVE-2024-29303 (The delete admin users function of SourceCodester PHP Task 
Management  ...)
+       TODO: check
+CVE-2024-29302 (SourceCodester PHP Task Management System 1.0 is vulnerable to 
SQL Inj ...)
+       TODO: check
+CVE-2024-29301 (SourceCodester PHP Task Management System 1.0 is vulnerable to 
SQL Inj ...)
+       TODO: check
+CVE-2024-29199 (Nautobot is a Network Source of Truth and Network Automation 
Platform. ...)
+       TODO: check
+CVE-2024-29196 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ 
and MySQL, ...)
+       TODO: check
+CVE-2024-29195 (The azure-c-shared-utility is a C library for AMQP/MQTT 
communication  ...)
+       TODO: check
+CVE-2024-29189 (PyAnsys Geometry is a Python client library for the Ansys 
Geometry ser ...)
+       TODO: check
+CVE-2024-29179 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ 
and MySQL, ...)
+       TODO: check
+CVE-2024-29041 (Express.js minimalist web framework for node. Versions of 
Express.js p ...)
+       TODO: check
+CVE-2024-28421 (SQL Injection vulnerability in Razor 0.8.0 allows a remote 
attacker to ...)
+       TODO: check
+CVE-2024-21914 (A vulnerability exists in the affected product that allows a 
malicious ...)
+       TODO: check
+CVE-2024-1973 (By leveraging the vulnerability, lower-privileged users of 
Content Man ...)
+       TODO: check
+CVE-2024-1745 (The Testimonial Slider WordPress plugin before 2.3.7 does not 
properly ...)
+       TODO: check
+CVE-2024-0901 (Remotely executed SEGV and out of bounds read allows malicious 
packet  ...)
+       TODO: check
+CVE-2024-0866 (The Check & Log Email plugin for WordPress is vulnerable to 
Unauthenti ...)
+       TODO: check
+CVE-2023-7232 (The Backup and Restore WordPress  WordPress plugin through 1.45 
does n ...)
+       TODO: check
+CVE-2023-51416 (Cross-Site Request Forgery (CSRF) vulnerability in 
EnvialoSimple Env\x ...)
+       TODO: check
+CVE-2023-49839 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-47430 (Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) 
v1.3.3 al ...)
+       TODO: check
 CVE-2024-30205 (In Emacs before 29.3, Org mode considers contents of remote 
files to b ...)
        - emacs 1:29.3+1-1 (bug #1067630)
        - org-mode <unfixed> (bug #1067663)
@@ -26839,7 +26899,7 @@ CVE-2023-6176 (A null pointer dereference flaw was 
found in the Linux kernel API
        [bullseye] - linux 5.10.197-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/cfaa80c91f6f99b9342b6557f0f0e1143e434066 (6.6-rc2)
-CVE-2023-6175 [NetScreen file parser crash]
+CVE-2023-6175 (NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 
3.6.0 to  ...)
        {DSA-5559-1 DLA-3746-1}
        - wireshark 4.0.11-1
        [bullseye] - wireshark <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11a4c04707fe79ef9416e378eda7b315f67344b3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11a4c04707fe79ef9416e378eda7b315f67344b3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to