[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 02 Jul 2024 01:12:21 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1faa5f9c by security tracker role at 2024-07-02T08:11:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,111 @@
+CVE-2024-6172 (The Email Subscribers by Icegram Express \u2013 Email 
Marketing, Newsl ...)
+       TODO: check
+CVE-2024-5938 (The Boot Store theme for WordPress is vulnerable to Stored 
Cross-Site  ...)
+       TODO: check
+CVE-2024-5767 (The sitetweet WordPress plugin through 0.2 does not have CSRF 
check in ...)
+       TODO: check
+CVE-2024-5606 (The Quiz and Survey Master (QSM)  WordPress plugin before 9.0.2 
is vul ...)
+       TODO: check
+CVE-2024-5545 (The Motors \u2013 Car Dealer, Classifieds & Listing plugin for 
WordPre ...)
+       TODO: check
+CVE-2024-5544 (The Media Library Assistant plugin for WordPress is vulnerable 
to Refl ...)
+       TODO: check
+CVE-2024-5504 (The Rife Elementor Extensions & Templates plugin for WordPress 
is vuln ...)
+       TODO: check
+CVE-2024-5419 (The Void Contact Form 7 Widget For Elementor Page Builder 
plugin for W ...)
+       TODO: check
+CVE-2024-5349 (The LA-Studio Element Kit for Elementor plugin for WordPress is 
vulner ...)
+       TODO: check
+CVE-2024-5322 (The N-central server is vulnerable to session rebinding of 
already aut ...)
+       TODO: check
+CVE-2024-5219 (The Easy Google Maps plugin for WordPress is vulnerable to 
Stored Cros ...)
+       TODO: check
+CVE-2024-4679 (Incorrect Default Permissions vulnerability in Hitachi 
JP1/Extensible  ...)
+       TODO: check
+CVE-2024-4627 (The Rank Math SEO  WordPress plugin before 1.0.219 does not 
sanitise a ...)
+       TODO: check
+CVE-2024-3999 (The EazyDocs  WordPress plugin before 2.5.0 does not sanitise 
and esca ...)
+       TODO: check
+CVE-2024-3513 (The Ultimate Blocks \u2013 WordPress Blocks Plugin plugin for 
WordPres ...)
+       TODO: check
+CVE-2024-39314 (toy-blog is a headless content management system 
implementation. Start ...)
+       TODO: check
+CVE-2024-39313 (toy-blog is a headless content management system 
implementation. Start ...)
+       TODO: check
+CVE-2024-39310 (The Basil recipe theme for WordPress is vulnerable to 
Persistent Cross ...)
+       TODO: check
+CVE-2024-39309 (Parse Server is an open source backend that can be deployed to 
any inf ...)
+       TODO: check
+CVE-2024-39305 (Envoy is a cloud-native, open source edge and service proxy. 
Prior to  ...)
+       TODO: check
+CVE-2024-38368 (trunk.cocoapods.org is the authentication server for the 
CoacoaPods de ...)
+       TODO: check
+CVE-2024-38367 (trunk.cocoapods.org is the authentication server for the 
CoacoaPods de ...)
+       TODO: check
+CVE-2024-38366 (trunk.cocoapods.org is the authentication server for the 
CoacoaPods de ...)
+       TODO: check
+CVE-2024-37765 (Machform up to version 19 is affected by an authenticated 
Blind SQL in ...)
+       TODO: check
+CVE-2024-37764 (MachForm up to version 19 is affected by an authenticated 
stored cross ...)
+       TODO: check
+CVE-2024-37763 (MachForm up to version 19 is affected by an unauthenticated 
stored cro ...)
+       TODO: check
+CVE-2024-37762 (MachForm up to version 21 is affected by an authenticated 
unrestricted ...)
+       TODO: check
+CVE-2024-37479 (Local File Inclusion vulnerability in LA-Studio LA-Studio 
Element Kit  ...)
+       TODO: check
+CVE-2024-37134 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain 
an impr ...)
+       TODO: check
+CVE-2024-37133 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain 
an impr ...)
+       TODO: check
+CVE-2024-37132 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain 
an inco ...)
+       TODO: check
+CVE-2024-37126 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain 
an impr ...)
+       TODO: check
+CVE-2024-32854 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain 
an impr ...)
+       TODO: check
+CVE-2024-32853 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain 
an exec ...)
+       TODO: check
+CVE-2024-32852 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain 
use of  ...)
+       TODO: check
+CVE-2024-32230 (FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a 
negative-size- ...)
+       TODO: check
+CVE-2024-32229 (FFmpeg 7.0 contains a heap-buffer-overflow at 
libavfilter/vf_tiltandsh ...)
+       TODO: check
+CVE-2024-32228 (FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV 
at libavc ...)
+       TODO: check
+CVE-2024-2819 (Incorrect Default Permissions, Improper Preservation of 
Permissions vu ...)
+       TODO: check
+CVE-2024-28200 (The N-central server is vulnerable to an authentication bypass 
of the  ...)
+       TODO: check
+CVE-2024-23737 (Cross Site Request Forgery (CSRF) vulnerability in savignano 
S/Notify  ...)
+       TODO: check
+CVE-2024-23736 (Cross Site Request Forgery (CSRF) vulnerability in savignano 
S/Notify  ...)
+       TODO: check
+CVE-2024-1427 (The The Post Grid \u2013 Shortcode, Gutenberg Blocks and 
Elementor Add ...)
+       TODO: check
+CVE-2024-0158 (Dell BIOS contains an improper input validation vulnerability. 
A local ...)
+       TODO: check
+CVE-2023-41928 (The device is observed to accept deprecated TLS protocols, 
increasing  ...)
+       TODO: check
+CVE-2023-41927 (The server supports at least one cipher suite which is on the 
NCSC-NL  ...)
+       TODO: check
+CVE-2023-41926 (The webserver utilizes basic authentication for its user login 
to the  ...)
+       TODO: check
+CVE-2023-41923 (The user management section of the web application permits the 
creatio ...)
+       TODO: check
+CVE-2023-41922 (A 'Cross-site Scripting' (XSS) vulnerability, characterized by 
imprope ...)
+       TODO: check
+CVE-2023-41921 (A vulnerability allows attackers to download source code or an 
executa ...)
+       TODO: check
+CVE-2023-41920 (The vulnerability allows attackers access to the root account 
without  ...)
+       TODO: check
+CVE-2023-41919 (Hardcoded credentials are discovered within the application's 
source c ...)
+       TODO: check
+CVE-2023-41918 (A vulnerability allows unauthorized access to functionality 
inadequate ...)
+       TODO: check
+CVE-2023-41917 (Inadequate input validation exposes the system to potential 
remote cod ...)
+       TODO: check
 CVE-2024-6425 (Incorrect Provision of Specified Functionality vulnerability in 
MESboo ...)
        NOT-FOR-US: MESbook
 CVE-2024-6424 (External server-side request vulnerability in MESbook 
20221021.03 vers ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1faa5f9c5ff674f8ea1aae177fe25628331bb743

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1faa5f9c5ff674f8ea1aae177fe25628331bb743
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to