Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ad12f23c by security tracker role at 2024-04-05T08:11:40+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@
+CVE-2024-3321 (A vulnerability classified as problematic has been found in
SourceCode ...)
+ TODO: check
+CVE-2024-3320 (A vulnerability was found in SourceCodester eLearning System
1.0. It h ...)
+ TODO: check
+CVE-2024-3316 (A vulnerability was found in SourceCodester Computer Laboratory
Manage ...)
+ TODO: check
+CVE-2024-3315 (A vulnerability was found in SourceCodester Computer Laboratory
Manage ...)
+ TODO: check
+CVE-2024-3314 (A vulnerability was found in SourceCodester Computer Laboratory
Manage ...)
+ TODO: check
+CVE-2024-3311 (A vulnerability was found in Dreamer CMS up to 4.1.3.0. It has
been de ...)
+ TODO: check
+CVE-2024-3217 (The WP Directory Kit plugin for WordPress is vulnerable to SQL
Injecti ...)
+ TODO: check
+CVE-2024-31498 (ykman-gui (aka YubiKey Manager GUI) before 1.2.6 on Windows,
when Edge ...)
+ TODO: check
+CVE-2024-31212 (InstantCMS is a free and open source content management
system. A SQL ...)
+ TODO: check
+CVE-2024-31211 (WordPress is an open publishing platform for the Web.
Unserialization ...)
+ TODO: check
+CVE-2024-31210 (WordPress is an open publishing platform for the Web. It's
possible fo ...)
+ TODO: check
+CVE-2024-31206 (dectalk-tts is a Node package to interact with the aeiou
Dectalk web A ...)
+ TODO: check
+CVE-2024-31204 (mailcow: dockerized is an open source groupware/email suite
based on d ...)
+ TODO: check
+CVE-2024-30891 (A command injection vulnerability exists in /goform/exeCommand
in Tend ...)
+ TODO: check
+CVE-2024-30849 (Arbitrary file upload vulnerability in Sourcecodester Complete
E-Comme ...)
+ TODO: check
+CVE-2024-30270 (mailcow: dockerized is an open source groupware/email suite
based on d ...)
+ TODO: check
+CVE-2024-30264 (Typebot is an open-source chatbot builder. A reflected
cross-site scri ...)
+ TODO: check
+CVE-2024-2509 (The Gutenberg Blocks by Kadence Blocks WordPress plugin before
3.2.26 ...)
+ TODO: check
+CVE-2024-2115 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress
is vul ...)
+ TODO: check
+CVE-2024-29981 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
+ TODO: check
+CVE-2024-29863 (A race condition in the installer executable in Qlik Qlikview
before v ...)
+ TODO: check
+CVE-2024-29672 (Directory Traversal vulnerability in zly2006 Reden before
v.0.2.514 al ...)
+ TODO: check
+CVE-2024-29049 (Microsoft Edge (Chromium-based) Webview2 Spoofing
Vulnerability)
+ TODO: check
+CVE-2024-27981 (A Command Injection vulnerability found in a Self-Hosted UniFi
Network ...)
+ TODO: check
+CVE-2024-27448 (MailDev 2 through 2.1.0 allows Remote Code Execution via a
crafted Con ...)
+ TODO: check
+CVE-2024-26329 (Chilkat before v9.5.0.98, allows attackers to obtain sensitive
informa ...)
+ TODO: check
+CVE-2024-22363 (SheetJS Community Edition before 0.20.2 is vulnerable.to
Regular Expre ...)
+ TODO: check
+CVE-2024-21894 (A heap overflow vulnerability in IPSec component of Ivanti
Connect Sec ...)
+ TODO: check
+CVE-2023-5973 (Brocade Web Interface in Brocade Fabric OS v9.x and before
v9.2.0 doe ...)
+ TODO: check
+CVE-2023-52235 (SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and
Starlink Dish ...)
+ TODO: check
CVE-2024-3299 (Out-Of-Bounds Write, Use of Uninitialized Resource and
Use-After-Free ...)
NOT-FOR-US: Solidworks
CVE-2024-3298 (Out-Of-Bounds Write and Type Confusion vulnerabilities exist in
the fi ...)
@@ -7,7 +67,7 @@ CVE-2024-3262 (Information exposure vulnerability in RT
software affecting versi
- request-tracker5 <unfixed>
NOTE:
https://github.com/bestpractical/rt/commit/ea07e767eaef5b202e8883051616d09806b8b48a
NOTE:
https://github.com/bestpractical/rt/commit/468f86bd3e82c3b5b5ef7087d416a7509d4b1abe
-CVE-2024-3250 (It was discovered that Pebble's read-file API and the
associated pebbl ...)
+CVE-2024-3250 (It was discovered that Canonical's Pebble service manager
read-file AP ...)
TODO: check
CVE-2024-3116 (pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE)
vulnerabi ...)
- pgadmin4 <itp> (bug #834129)
@@ -374,7 +434,7 @@ CVE-2024-1418 (The CGC Maintenance Mode plugin for
WordPress is vulnerable to Se
NOT-FOR-US: WordPress plugin
CVE-2023-52043 (An issue in D-Link COVR 1100, 1102, 1103 AC1200 Dual-Band
Whole-Home M ...)
NOT-FOR-US: D-Link
-CVE-2023-45288
+CVE-2023-45288 (An attacker may cause an HTTP/2 endpoint to read arbitrary
amounts of ...)
- golang-1.22 1.22.2-1
- golang-1.21 1.21.9-1
- golang-1.19 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad12f23c1f7dfe4358ccb29295bf379251903757
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad12f23c1f7dfe4358ccb29295bf379251903757
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
