Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a37013ee by security tracker role at 2024-04-04T08:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2024-3274 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found
in D-Li ...)
+ TODO: check
+CVE-2024-3273 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was
classified ...)
+ TODO: check
+CVE-2024-3272 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was
classified ...)
+ TODO: check
+CVE-2024-3270 (A vulnerability classified as problematic was found in
ThingsBoard up ...)
+ TODO: check
+CVE-2024-3030 (The Announce from the Dashboard plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-3022 (The BookingPress plugin for WordPress is vulnerable to
arbitrary file ...)
+ TODO: check
+CVE-2024-31025 (SQL Injection vulnerability in ECshop 4.x allows an attacker
to obtain ...)
+ TODO: check
+CVE-2024-30265 (Collabora Online is a collaborative online office suite based
on Libre ...)
+ TODO: check
+CVE-2024-2919 (The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder
Features pl ...)
+ TODO: check
+CVE-2024-2868 (The ShopLentor \u2013 WooCommerce Builder for Elementor &
Gutenberg +1 ...)
+ TODO: check
+CVE-2024-2830 (The WordPress Tag and Category Manager \u2013 AI Autotagger
plugin for ...)
+ TODO: check
+CVE-2024-2803 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-2692 (SiYuan version 3.0.3 allows executing arbitrary commands on the
server ...)
+ TODO: check
+CVE-2024-2689 (Denial of Service in Temporal Server prior to version 1.20.5,
1.21.6, ...)
+ TODO: check
+CVE-2024-2008 (The Modal Popup Box \u2013 Popup Builder, Show Offers And News
in Popu ...)
+ TODO: check
+CVE-2024-29413 (Cross Site Scripting vulnerability in Webasyst v.2.9.9 allows
a remote ...)
+ TODO: check
+CVE-2024-29375 (CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107
allows a re ...)
+ TODO: check
+CVE-2024-29225 (WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and
earlier all ...)
+ TODO: check
+CVE-2024-29167 (SVR-116 firmware version 1.6.0.30028871 allows a remote
authenticated ...)
+ TODO: check
+CVE-2024-29008 (A problem has been identified in the CloudStack additional VM
configur ...)
+ TODO: check
+CVE-2024-29007 (The CloudStack management server and secondary storage VM
could be tri ...)
+ TODO: check
+CVE-2024-29006 (By default the CloudStack management server honours the
x-forwarded-fo ...)
+ TODO: check
+CVE-2024-28870 (Suricata is a network Intrusion Detection System, Intrusion
Prevention ...)
+ TODO: check
+CVE-2024-28520 (File Upload vulnerability in Byzoro Networks Smart
multi-service secur ...)
+ TODO: check
+CVE-2024-27706 (Cross Site Scripting vulnerability in Huly Platform v.0.6.202
allows a ...)
+ TODO: check
+CVE-2024-27705 (Cross Site Scripting vulnerability in Leantime v3.0.6 allows
attackers ...)
+ TODO: check
+CVE-2024-26258 (OS command injection vulnerability in WRC-X3200GST3-B v1.25
and earlie ...)
+ TODO: check
+CVE-2024-25568 (OS command injection vulnerability in WRC-X3200GST3-B v1.25
and earlie ...)
+ TODO: check
+CVE-2024-25503 (Cross Site Scripting (XSS) vulnerability in Advanced REST
Client v.17. ...)
+ TODO: check
+CVE-2024-1418 (The CGC Maintenance Mode plugin for WordPress is vulnerable to
Sensiti ...)
+ TODO: check
+CVE-2023-52043 (An issue in D-Link COVR 1100, 1102, 1103 AC1200 Dual-Band
Whole-Home M ...)
+ TODO: check
CVE-2023-45288
- golang-1.22 1.22.2-1
- golang-1.21 1.21.9-1
@@ -1119,7 +1181,7 @@ CVE-2024-20850 (Use of Implicit Intent for Sensitive
Communication in Samsung Pa
NOT-FOR-US: Samsung
CVE-2024-20849 (Out-of-bound Write vulnerability in chunk parsing
implementation of li ...)
NOT-FOR-US: Samsung
-CVE-2024-20848 (Out-of-bound Write vulnerability in text parsing
implementation of lib ...)
+CVE-2024-20848 (Improper Input Validation vulnerability in text parsing
implementation ...)
NOT-FOR-US: Samsung
CVE-2024-20847 (Improper Access Control vulnerability in StorageManagerService
prior t ...)
NOT-FOR-US: Samsung
@@ -76513,10 +76575,10 @@ CVE-2023-25202
RESERVED
CVE-2023-25201 (Cross Site Request Forgery (CSRF) vulnerability in MultiTech
Conduit A ...)
NOT-FOR-US: MultiTech Conduit AP MTCAP2-L4E1
-CVE-2023-25200
- RESERVED
-CVE-2023-25199
- RESERVED
+CVE-2023-25200 (An HTML injection vulnerability exists in the MT Safeline
X-Ray X3310 ...)
+ TODO: check
+CVE-2023-25199 (A reflected cross-site scripting (XSS) vulnerability exists in
the MT ...)
+ TODO: check
CVE-2023-0687 (A vulnerability was found in GNU C Library 2.38. It has been
declared ...)
NOTE: Not considered a security issue
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29444
@@ -256358,8 +256420,8 @@ CVE-2020-25732
RESERVED
CVE-2020-25731
RESERVED
-CVE-2020-25730
- RESERVED
+CVE-2020-25730 (Cross Site Scripting (XSS) vulnerability in ZoneMinder before
version ...)
+ TODO: check
CVE-2020-25729 (ZoneMinder before 1.34.21 has XSS via the connkey parameter to
downloa ...)
- zoneminder 1.34.21-1 (unimportant)
NOTE:
https://github.com/ZoneMinder/zoneminder/commit/9268db14a79c4ccd444c2bf8d24e62b13207b413
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a37013ee81e232c2aef6741e7438e9e49a8814da
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a37013ee81e232c2aef6741e7438e9e49a8814da
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
