Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cb4a9746 by security tracker role at 2024-05-24T08:11:53+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,77 @@
+CVE-2024-5299 (D-Link D-View execMonitorScript Exposed Dangerous Method Remote
Code E ...)
+ TODO: check
+CVE-2024-5298 (D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous
Method ...)
+ TODO: check
+CVE-2024-5297 (D-Link D-View executeWmicCmd Command Injection Remote Code
Execution V ...)
+ TODO: check
+CVE-2024-5296 (D-Link D-View Use of Hard-coded Cryptographic Key
Authentication Bypas ...)
+ TODO: check
+CVE-2024-5295 (D-Link G416 flupl self Command Injection Remote Code Execution
Vulnera ...)
+ TODO: check
+CVE-2024-5294 (D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak
Denial-of-Ser ...)
+ TODO: check
+CVE-2024-5293 (D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote
Code E ...)
+ TODO: check
+CVE-2024-5292 (D-Link Network Assistant Uncontrolled Search Path Element Local
Privil ...)
+ TODO: check
+CVE-2024-5291 (D-Link DIR-2150 GetDeviceSettings Target Command Injection
Remote Code ...)
+ TODO: check
+CVE-2024-5279 (A vulnerability was found in Qiwen Netdisk up to 1.4.0. It has
been de ...)
+ TODO: check
+CVE-2024-5247 (NETGEAR ProSAFE Network Management System UpLoadServlet
Unrestricted F ...)
+ TODO: check
+CVE-2024-5246 (NETGEAR ProSAFE Network Management System Tomcat Remote Code
Execution ...)
+ TODO: check
+CVE-2024-5245 (NETGEAR ProSAFE Network Management System Default Credentials
Local Pr ...)
+ TODO: check
+CVE-2024-5244 (TP-Link Omada ER605 Reliance on Security Through Obscurity
Vulnerabili ...)
+ TODO: check
+CVE-2024-5243 (TP-Link Omada ER605 Buffer Overflow Remote Code Execution
Vulnerabilit ...)
+ TODO: check
+CVE-2024-5242 (TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code
Execution ...)
+ TODO: check
+CVE-2024-5228 (TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based
Buffer O ...)
+ TODO: check
+CVE-2024-5227 (TP-Link Omada ER605 PPTP VPN username Command Injection Remote
Code Ex ...)
+ TODO: check
+CVE-2024-5205 (The Videojs HTML5 Player plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2024-5142 (Stored Cross-Site Scripting vulnerability in Social Module in
M-Files ...)
+ TODO: check
+CVE-2024-5060 (The LottieFiles \u2013 JSON Based Animation Lottie & Bodymovin
for Ele ...)
+ TODO: check
+CVE-2024-4544 (The Pie Register - Social Sites Login (Add on) plugin for
WordPress is ...)
+ TODO: check
+CVE-2024-4485 (The The Plus Addons for Elementor \u2013 Elementor Addons, Page
Templa ...)
+ TODO: check
+CVE-2024-4484 (The The Plus Addons for Elementor \u2013 Elementor Addons, Page
Templa ...)
+ TODO: check
+CVE-2024-4409 (The WP-ViperGB plugin for WordPress is vulnerable to Cross-Site
Reques ...)
+ TODO: check
+CVE-2024-4366 (The Spectra \u2013 WordPress Gutenberg Blocks plugin for
WordPress is ...)
+ TODO: check
+CVE-2024-3718 (The The Plus Addons for Elementor plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2024-3557 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress
is vulne ...)
+ TODO: check
+CVE-2024-36361 (Pug through 3.0.2 allows JavaScript code execution if an
application a ...)
+ TODO: check
+CVE-2024-2784 (The The Plus Addons for Elementor plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2024-2618 (The Elementor Header & Footer Builder plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-1376 (The Event post plugin for WordPress is vulnerable to
unauthorized bulk ...)
+ TODO: check
+CVE-2024-1332 (The Custom Fonts \u2013 Host Your Fonts Locally plugin for
WordPress i ...)
+ TODO: check
+CVE-2024-1134 (The SEOPress \u2013 On-site SEO plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-0893 (The Schema App Structured Data plugin for WordPress is
vulnerable to u ...)
+ TODO: check
+CVE-2024-0867 (The Email Log plugin for WordPress is vulnerable to
Unauthenticated Ho ...)
+ TODO: check
+CVE-2023-7259 (** DISPUTED ** A vulnerability was found in zzdevelop lenosp up
to 202 ...)
+ TODO: check
CVE-2024-5274
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
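Review bot: Several of the added descriptions carry a literal `\u2013` escape instead of the decoded dash (CVE-2024-5060, CVE-2024-4485, CVE-2024-4484, CVE-2024-4366, CVE-2024-1332, CVE-2024-1134), so the automatic import is apparently writing the escaped form of the upstream text; decoding it before writing would keep these lines readable and searchable. All of the new entries land as "TODO: check", so each still needs manual triage. The WordPress plugin entries look like the same class already resolved further down this file as "NOT-FOR-US: WordPress plugin" (CVE-2023-1110), while CVE-2024-36361 (Pug) is the one entry here that is neither an appliance product nor a WordPress plugin and deserves a package lookup first.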
@@ -90230,8 +90304,8 @@ CVE-2023-1113 (A vulnerability was found in
SourceCodester Simple Payroll System
NOT-FOR-US: SourceCodester Simple Payroll System
CVE-2023-1112 (A vulnerability was found in Drag and Drop Multiple File Upload
Contac ...)
NOT-FOR-US: Drag and Drop Multiple File Upload Contact Form
-CVE-2023-1111
- RESERVED
+CVE-2023-1111 (A vulnerability was found in FastCMS up to 0.1.5 and classified
as pro ...)
+ TODO: check
CVE-2023-1110 (The Yellow Yard Searchbar WordPress plugin before 2.8.12 does
not vali ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4926 (Insufficient policy enforcement in Intents in Google Chrome on
Android ...)
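Review bot: CVE-2023-1111 moves from RESERVED to a published description but is left at "TODO: check", while both entries directly above it (CVE-2023-1113, CVE-2023-1112) are already resolved as NOT-FOR-US. If FastCMS is not packaged in Debian, a follow-up commit should close this the same way with "NOT-FOR-US: FastCMS".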
@@ -92448,8 +92522,8 @@ CVE-2023-1003 (A vulnerability, which was classified as
critical, was found in T
NOT-FOR-US: Typora
CVE-2023-1002 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: MuYuCMS
-CVE-2023-1001
- RESERVED
+CVE-2023-1001 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
CVE-2023-1000 (A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It
has be ...)
NOT-FOR-US: dcnnt-py
CVE-2023-0999 (A vulnerability classified as problematic was found in
SourceCodester ...)
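Review bot: The new CVE-2023-1001 description is truncated at "has been found i ...", before the product name, so this entry cannot be triaged from the list alone. Whoever picks up the "TODO: check" will need the full CVE record to decide between a package entry and a NOT-FOR-US line like the ones on CVE-2023-1002 and CVE-2023-1000 around it.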
@@ -122295,7 +122369,8 @@ CVE-2023-20241 (Multiple vulnerabilities in Cisco
Secure Client Software, former
NOT-FOR-US: Cisco
CVE-2023-20240 (Multiple vulnerabilities in Cisco Secure Client Software,
formerly Any ...)
NOT-FOR-US: Cisco
-CVE-2023-20239 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+CVE-2023-20239
+ REJECTED
TODO: check
CVE-2023-20238 (A vulnerability in the single sign-on (SSO) implementation of
Cisco Br ...)
NOT-FOR-US: Cisco
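Review bot: After this change CVE-2023-20239 reads "REJECTED" followed by the unchanged context line "TODO: check", which leaves a rejected CVE carrying an open triage marker. Dropping the "TODO: check" line in a follow-up would keep rejected entries out of the list of items that need attention; the neighbouring Cisco entries are already closed as "NOT-FOR-US: Cisco".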
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb4a974685b93692ec4917da4157e469f64ac596