Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4567ee24 by security tracker role at 2024-04-12T20:12:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,194 @@
-CVE-2024-31391
+CVE-2024-3707 (Information exposure vulnerability in OpenGnsys affecting 
version 1.1. ...)
+       TODO: check
+CVE-2024-3706 (Information exposure vulnerability in OpenGnsys affecting 
version 1.1. ...)
+       TODO: check
+CVE-2024-3705 (Unrestricted file upload vulnerability in OpenGnsys affecting 
version  ...)
+       TODO: check
+CVE-2024-3704 (SQL Injection Vulnerability has been found on OpenGnsys product 
affect ...)
+       TODO: check
+CVE-2024-3698 (A vulnerability was found in Campcodes House Rental Management 
System  ...)
+       TODO: check
+CVE-2024-3697 (A vulnerability was found in Campcodes House Rental Management 
System  ...)
+       TODO: check
+CVE-2024-3696 (A vulnerability was found in Campcodes House Rental Management 
System  ...)
+       TODO: check
+CVE-2024-3695 (A vulnerability has been found in SourceCodester Computer 
Laboratory M ...)
+       TODO: check
+CVE-2024-3691 (A vulnerability, which was classified as critical, has been 
found in P ...)
+       TODO: check
+CVE-2024-3690 (A vulnerability classified as critical was found in PHPGurukul 
Small C ...)
+       TODO: check
+CVE-2024-3689 (A vulnerability classified as problematic has been found in 
Zhejiang L ...)
+       TODO: check
+CVE-2024-3688 (A vulnerability was found in Xiamen Four-Faith RMP Router 
Management P ...)
+       TODO: check
+CVE-2024-3687 (A vulnerability was found in bihell Dice 3.1.0 and classified 
as probl ...)
+       TODO: check
+CVE-2024-3686 (A vulnerability has been found in DedeCMS 5.7.112-UTF8 and 
classified  ...)
+       TODO: check
+CVE-2024-3685 (A vulnerability, which was classified as critical, was found in 
DedeCM ...)
+       TODO: check
+CVE-2024-3211 (The Shopping Cart & eCommerce Store plugin for WordPress is 
vulnerable ...)
+       TODO: check
+CVE-2024-3054 (WPvivid Backup & Migration Plugin for WordPress is vulnerable 
to PHAR  ...)
+       TODO: check
+CVE-2024-32000 (matrix-appservice-irc is a Node.js IRC bridge for the Matrix 
messaging ...)
+       TODO: check
+CVE-2024-31839 (Cross Site Scripting vulnerability in tiagorlampert CHAOS 
v.5.0.1 allo ...)
+       TODO: check
+CVE-2024-31818 (Directory Traversal vulnerability in DerbyNet v.9.0 allows a 
remote at ...)
+       TODO: check
+CVE-2024-31372 (Cross-Site Request Forgery (CSRF) vulnerability in Arnan de 
Gans No-Bo ...)
+       TODO: check
+CVE-2024-31371 (Cross-Site Request Forgery (CSRF) vulnerability in Xylus 
Themes WP Eve ...)
+       TODO: check
+CVE-2024-31364 (Cross-Site Request Forgery (CSRF) vulnerability in 
ELEXtensions ELEX W ...)
+       TODO: check
+CVE-2024-31363 (Cross-Site Request Forgery (CSRF) vulnerability in 
LifterLMS.This issu ...)
+       TODO: check
+CVE-2024-31362 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss 
ProfileGr ...)
+       TODO: check
+CVE-2024-31360 (Cross-Site Request Forgery (CSRF) vulnerability in Coded 
Commerce, LLC ...)
+       TODO: check
+CVE-2024-31354 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant 
Slideshow ...)
+       TODO: check
+CVE-2024-31305 (Cross-Site Request Forgery (CSRF) vulnerability in rtCamp 
Transcoder.T ...)
+       TODO: check
+CVE-2024-31303 (Cross-Site Request Forgery (CSRF) vulnerability in Fetch 
Designs Sign- ...)
+       TODO: check
+CVE-2024-31301 (Cross-Site Request Forgery (CSRF) vulnerability in Themeisle 
Multiple  ...)
+       TODO: check
+CVE-2024-31293 (Cross-Site Request Forgery (CSRF) vulnerability in Easy 
Digital Downlo ...)
+       TODO: check
+CVE-2024-31289 (Cross-Site Request Forgery (CSRF) vulnerability in Elementor 
Hello Ele ...)
+       TODO: check
+CVE-2024-31279 (Cross-Site Request Forgery (CSRF) vulnerability in Catch 
Plugins Gener ...)
+       TODO: check
+CVE-2024-31272 (Cross-Site Request Forgery (CSRF) vulnerability in Repute 
InfoSystems  ...)
+       TODO: check
+CVE-2024-31271 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic 
Ultimate  ...)
+       TODO: check
+CVE-2024-31269 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic 
Easy Goog ...)
+       TODO: check
+CVE-2024-31268 (Cross-Site Request Forgery (CSRF) vulnerability in AppPresser 
Team App ...)
+       TODO: check
+CVE-2024-31265 (Cross-Site Request Forgery (CSRF) vulnerability in SumoMe 
Sumo.This is ...)
+       TODO: check
+CVE-2024-31264 (Unauthenticated Cross Site Request Forgery (CSRF) in Post 
Views Counte ...)
+       TODO: check
+CVE-2024-31263 (Cross-Site Request Forgery (CSRF) vulnerability in aerin Loan 
Repaymen ...)
+       TODO: check
+CVE-2024-31262 (Cross-Site Request Forgery (CSRF) vulnerability in Jcodex 
WooCommerce  ...)
+       TODO: check
+CVE-2024-31251 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo 
Community by ...)
+       TODO: check
+CVE-2024-31250 (Cross-Site Request Forgery (CSRF) vulnerability in Saumya 
Majumder WP  ...)
+       TODO: check
+CVE-2024-31239 (Cross-Site Request Forgery (CSRF) vulnerability in Nudgify 
Nudgify Soc ...)
+       TODO: check
+CVE-2024-31238 (Cross-Site Request Forgery (CSRF) vulnerability in Zaytech 
Smart Onlin ...)
+       TODO: check
+CVE-2024-31235 (Cross-Site Request Forgery (CSRF) vulnerability in WebToffee 
WordPress ...)
+       TODO: check
+CVE-2024-31069 (IO-1020 Micro ELD web server uses a default password for 
authenticatio ...)
+       TODO: check
+CVE-2024-30845 (Cross Site Scripting vulnerability in Rainbow external link 
network di ...)
+       TODO: check
+CVE-2024-30410 (An Incorrect Behavior Order in the routing engine (RE) of 
Juniper Netw ...)
+       TODO: check
+CVE-2024-30409 (An Improper Check for Unusual or Exceptional Conditions 
vulnerability  ...)
+       TODO: check
+CVE-2024-30407 (The Use of a Hard-coded Cryptographic Key vulnerability in 
Juniper Net ...)
+       TODO: check
+CVE-2024-30406 (A Cleartext Storage in a File on Disk vulnerability in Juniper 
Network ...)
+       TODO: check
+CVE-2024-30405 (An Incorrect Calculation of Buffer Size vulnerability in 
Juniper Netwo ...)
+       TODO: check
+CVE-2024-30403 (A NULL Pointer Dereference vulnerability in the Packet 
Forwarding Engi ...)
+       TODO: check
+CVE-2024-30402 (An Improper Check for Unusual or Exceptional Conditions 
vulnerability  ...)
+       TODO: check
+CVE-2024-30401 (An Out-of-bounds Read vulnerability in the advanced forwarding 
managem ...)
+       TODO: check
+CVE-2024-30398 (An Improper Restriction of Operations within the Bounds of a 
Memory Bu ...)
+       TODO: check
+CVE-2024-30397 (An Improper Check for Unusual or Exceptional Conditions 
vulnerability  ...)
+       TODO: check
+CVE-2024-30395 (AnImproper Validation of Specified Type of Input vulnerability 
in Rout ...)
+       TODO: check
+CVE-2024-30394 (AStack-based Buffer Overflow vulnerability in the Routing 
Protocol Dae ...)
+       TODO: check
+CVE-2024-30392 (A Stack-based Buffer Overflow vulnerability in Flow Processing 
Daemon  ...)
+       TODO: check
+CVE-2024-30391 (A Missing Authentication for Critical Function vulnerability 
in the Pa ...)
+       TODO: check
+CVE-2024-30390 (An Improper Restriction of Excessive Authentication Attempts 
vulnerabi ...)
+       TODO: check
+CVE-2024-30389 (An Incorrect Behavior Order vulnerability in the Packet 
Forwarding Eng ...)
+       TODO: check
+CVE-2024-30388 (An Improper Isolation or Compartmentalization vulnerability in 
the Pac ...)
+       TODO: check
+CVE-2024-30387 (AMissing Synchronization vulnerability in the Packet 
Forwarding Engine ...)
+       TODO: check
+CVE-2024-30386 (A Use-After-Free vulnerability in theLayer 2 Address Learning 
Daemon ( ...)
+       TODO: check
+CVE-2024-30384 (An Improper Check for Unusual or Exceptional Conditions 
vulnerability  ...)
+       TODO: check
+CVE-2024-30382 (An Improper Handling of Exceptional Conditions vulnerability 
in the ro ...)
+       TODO: check
+CVE-2024-30381 (An Exposure of Sensitive Information to an Unauthorized Actor 
vulnerab ...)
+       TODO: check
+CVE-2024-30210 (IO-1020 Micro ELD uses a default WIFI password that could 
allow an adj ...)
+       TODO: check
+CVE-2024-2397 (Due to a bug in packet data buffers management, the PPP printer 
in tcp ...)
+       TODO: check
+CVE-2024-29461 (An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a 
remote a ...)
+       TODO: check
+CVE-2024-28878 (IO-1020 Micro ELD downloads source code or an executable from 
an  adja ...)
+       TODO: check
+CVE-2024-28718 (An issue in OpenStack magnum yoga-eom version allows a remote 
attacker ...)
+       TODO: check
+CVE-2024-27261 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 
could al ...)
+       TODO: check
+CVE-2024-25545 (An issue in Weave Weave Desktop v.7.78.10 allows a local 
attacker to e ...)
+       TODO: check
+CVE-2024-22359 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 
7.1.2.16, ...)
+       TODO: check
+CVE-2024-22358 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 
7.1.2.16, ...)
+       TODO: check
+CVE-2024-22339 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 
7.1.2.16, ...)
+       TODO: check
+CVE-2024-22334 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 
7.1.2.16, ...)
+       TODO: check
+CVE-2024-21618 (An Access of Memory Location After End of Buffer vulnerability 
in the  ...)
+       TODO: check
+CVE-2024-21615 (An Incorrect Default Permissions vulnerability in Juniper 
Networks Jun ...)
+       TODO: check
+CVE-2024-21610 (An Improper Handling of Exceptional Conditions vulnerability 
in the Cl ...)
+       TODO: check
+CVE-2024-21609 (A Missing Release of Memory after Effective Lifetime 
vulnerability in  ...)
+       TODO: check
+CVE-2024-21605 (An Exposure of Resource to Wrong Sphere vulnerability in the 
Packet Fo ...)
+       TODO: check
+CVE-2024-21598 (An Improper Validation of Syntactic Correctness of Input 
vulnerability ...)
+       TODO: check
+CVE-2024-21593 (An Improper Check or Handling of Exceptional Conditions 
vulnerability  ...)
+       TODO: check
+CVE-2024-21590 (An Improper Input Validation vulnerability in Juniper Tunnel 
Driver (j ...)
+       TODO: check
+CVE-2024-0157 (Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a 
Session ...)
+       TODO: check
+CVE-2023-52211 (Missing Authorization vulnerability in Automattic WP Job 
Manager.This  ...)
+       TODO: check
+CVE-2023-51515 (Missing Authorization vulnerability in Undsgn Uncode Core 
allows Privi ...)
+       TODO: check
+CVE-2023-51499 (Missing Authorization vulnerability in WooCommerce WooCommerce 
Shippin ...)
+       TODO: check
+CVE-2023-51409 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Jordy ...)
+       TODO: check
+CVE-2023-47714 (IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 
through 6.1 ...)
+       TODO: check
+CVE-2024-31391 (Insertion of Sensitive Information into Log File vulnerability 
in the  ...)
        NOT-FOR-US: Apache Solr Operator
 CVE-2024-3625
        NOT-FOR-US: mirror-registry for Quay
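
Review bot: every new entry in this hunk lands as "TODO: check", and two of them should not be batch-closed with the rest: CVE-2024-28718 names OpenStack magnum, which Debian packages, and CVE-2024-2397 has its description cut at "the PPP printer in tcp ...", so the affected software has to be read from the full CVE text before it is classified. The large vendor clusters (the Juniper entries, IBM UrbanCode Deploy, the CSRF entries) can be triaged together, in the "NOT-FOR-US: <product>" form already used by the context lines, once each product is confirmed not to be packaged. The run-together words in the imported descriptions ("AnImproper", "AStack-based", "AMissing", "theLayer 2") come from the feed and are better reported upstream than fixed in this file.
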
@@ -114810,8 +115000,8 @@ CVE-2022-40215 (Multiple Authenticated Stored 
Cross-Site Scripting (XSS) vulnera
        NOT-FOR-US: WordPress plugin
 CVE-2022-40213 (Multiple Authenticated (contributor+) Stored Cross-Site 
Scripting (XSS ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-40211
-       RESERVED
+CVE-2022-40211 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
 CVE-2022-40206 (Insecure direct object references (IDOR) vulnerability in the 
wpForo F ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-40205 (Insecure direct object references (IDOR) vulnerability in the 
wpForo F ...)
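
Review bot: CVE-2022-40211 goes from RESERVED to "TODO: check" with a description truncated at "('Cross-si ...", so the product is not visible on this line. Its neighbours CVE-2022-40215 and CVE-2022-40213 are marked "NOT-FOR-US: WordPress plugin"; do not carry that tag over by adjacency, confirm the product from the full description first.
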
@@ -303662,8 +303852,8 @@ CVE-2020-8008
        RESERVED
 CVE-2020-8007
        RESERVED
-CVE-2020-8006
-       RESERVED
+CVE-2020-8006 (The server in Circontrol Raption through 5.11.2 has a 
pre-authenticati ...)
+       TODO: check
 CVE-2020-8005
        RESERVED
 CVE-2020-8004 (STMicroelectronics STM32F1 devices have Incorrect Access 
Control.)
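
Review bot: CVE-2020-8006 is a 2020 identifier that only now leaves RESERVED, and its description is cut at "pre-authenticati ...". The line does name the product (the server in Circontrol Raption through 5.11.2), so the TODO can be closed by checking whether that product is packaged; if it is not, a NOT-FOR-US entry naming the product matches the form used elsewhere in this file.
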
@@ -575990,7 +576180,7 @@ CVE-2013-4408 (Heap-based buffer overflow in the 
dcerpc_read_ncacn_packet_done f
        - samba 2:4.0.13+dfsg-1
        - samba4 <removed>
        [wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
-CVE-2013-4407 (HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier 
module  ...)
+CVE-2013-4407 (HTTP::Body::Multipart in the HTTP-Body module for Perl (1.07 
through 1 ...)
        {DSA-2801-1}
        - libhttp-body-perl 1.17-2 (bug #721634)
        [squeeze] - libhttp-body-perl <not-affected> (Vulnerable code 
introduced in 1.08)
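
Review bot: the new CVE-2013-4407 description starts the affected range at 1.07 ("HTTP-Body module for Perl (1.07 through 1 ..."), while the unchanged squeeze line below it still reads "<not-affected> (Vulnerable code introduced in 1.08)". The two now disagree on the first vulnerable version; check the full updated description against the libhttp-body-perl version shipped in squeeze and either revisit the not-affected status or record why the 1.08 note still holds.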



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4567ee24144e7e0caa190d3aecf797cf210db202

_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
