Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f16e0e9e by security tracker role at 2024-07-05T20:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,91 @@
+CVE-2024-6526 (A vulnerability classified as problematic has been found in
CodeIgnite ...)
+ TODO: check
+CVE-2024-6525 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in
D-Link DA ...)
+ TODO: check
+CVE-2024-6524 (A vulnerability was found in ShopXO up to 6.1.0. It has been
declared ...)
+ TODO: check
+CVE-2024-6523 (A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has
been c ...)
+ TODO: check
+CVE-2024-6505 (A flaw was found in the virtio-net device in QEMU. When
enabling the R ...)
+ TODO: check
+CVE-2024-6298 (Improper Input Validation vulnerability in ABB
ASPECT-Enterprise on Li ...)
+ TODO: check
+CVE-2024-6209 (Unauthorized file access in WEB Server in ABB ASPECT -
Enterprise v <= ...)
+ TODO: check
+CVE-2024-5753 (vanna-ai/vanna version v0.3.4 is vulnerable to SQL injection in
some f ...)
+ TODO: check
+CVE-2024-39864 (The CloudStack integration API service allows running its
unauthentica ...)
+ TODO: check
+CVE-2024-39696 (Evmos is a decentralized Ethereum Virtual Machine chain on the
Cosmos ...)
+ TODO: check
+CVE-2024-39691 (matrix-appservice-irc is a Node.js IRC bridge for the Matrix
messaging ...)
+ TODO: check
+CVE-2024-39689 (Certifi is a curated collection of Root Certificates for
validating th ...)
+ TODO: check
+CVE-2024-39687 (Fedify is a TypeScript library for building federated server
apps powe ...)
+ TODO: check
+CVE-2024-39321 (Traefik is an HTTP reverse proxy and load balancer. Versions
prior to ...)
+ TODO: check
+CVE-2024-39210 (Best House Rental Management System v1.0 was discovered to
contain an ...)
+ TODO: check
+CVE-2024-39178 (MyPower vc8100 V100R001C00B030 was discovered to contain an
arbitrary ...)
+ TODO: check
+CVE-2024-39174 (A cross-site scripting (XSS) vulnerability in the Publish
Article func ...)
+ TODO: check
+CVE-2024-39150 (vditor v.3.9.8 and before is vulnerable to Arbitrary file read
via a c ...)
+ TODO: check
+CVE-2024-39028 (An issue was discovered in SeaCMS <=12.9 which allows remote
attackers ...)
+ TODO: check
+CVE-2024-39027 (SeaCMS v12.9 has an unauthorized SQL injection vulnerability.
The vuln ...)
+ TODO: check
+CVE-2024-39023 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
+ TODO: check
+CVE-2024-39022 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
+ TODO: check
+CVE-2024-39021 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
+ TODO: check
+CVE-2024-39020 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
+ TODO: check
+CVE-2024-39019 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
+ TODO: check
+CVE-2024-38346 (The CloudStack cluster service runs on unauthenticated port
(default 9 ...)
+ TODO: check
+CVE-2024-37903 (Mastodon is a self-hosted, federated microblogging platform.
Starting ...)
+ TODO: check
+CVE-2024-37769 (Insecure permissions in 14Finger v1.1 allow attackers to
escalate priv ...)
+ TODO: check
+CVE-2024-37768 (14Finger v1.1 was discovered to contain an arbitrary user
deletion vul ...)
+ TODO: check
+CVE-2024-37767 (Insecure permissions in the component /api/admin/user of
14Finger v1.1 ...)
+ TODO: check
+CVE-2024-34361 (Pi-hole is a DNS sinkhole that protects devices from unwanted
content ...)
+ TODO: check
+CVE-2024-29319 (Volmarg Personal Management System 1.4.64 is vulnerable to
SSRF (Serve ...)
+ TODO: check
+CVE-2024-29318 (Volmarg Personal Management System 1.4.64 is vulnerable to
stored cros ...)
+ TODO: check
+CVE-2024-27717 (Cross Site Request Forgery vulnerability in Eskooly Free
Online School ...)
+ TODO: check
+CVE-2024-27716 (Cross Site Scripting vulnerability in Eskooly Web Product
v.3.0 and be ...)
+ TODO: check
+CVE-2024-27715 (An issue in Eskooly Free Online School management Software
v.3.0 and b ...)
+ TODO: check
+CVE-2024-27713 (An issue in Eskooly Free Online School management Software
v.3.0 and b ...)
+ TODO: check
+CVE-2024-27712 (An issue in Eskooly Free Online School management Software
v.3.0 and b ...)
+ TODO: check
+CVE-2024-27711 (An issue in Eskooly Free Online School management Software
v.3.0 and b ...)
+ TODO: check
+CVE-2024-27710 (An issue in Eskooly Free Online School management Software
v.3.0 and b ...)
+ TODO: check
+CVE-2024-27709 (SQL Injection vulnerability in Eskooly Web Product v.3.0
allows a remo ...)
+ TODO: check
+CVE-2024-23998 (goanother Another Redis Desktop Manager =<1.6.1 is vulnerable
to Cross ...)
+ TODO: check
+CVE-2024-23997 (Lukas Bach yana =<1.0.16 is vulnerable to Cross Site Scripting
(XSS) v ...)
+ TODO: check
+CVE-2024-23588 (HCL Nomad server on Domino fails to properly handle users
configured w ...)
+ TODO: check
CVE-2024-39943 (rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux,
UNIX, an ...)
TODO: check
CVE-2024-39937 (supOS 5.0 allows api/image/download?fileName=../ directory
traversal f ...)
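Review bot: All 44 entries added at the top of data/CVE/list land as `TODO: check`, so nothing in this hunk separates software Debian ships from software it does not. CVE-2024-6505 (virtio-net in QEMU) and CVE-2024-39689 (Certifi) name projects that exist as Debian source packages and should be triaged ahead of the rest. Suggest a follow-up that replaces `TODO: check` on those two with the source-package line, and marks the entries for unpackaged web applications as `NOT-FOR-US:`. The idccms run (CVE-2024-39019 through CVE-2024-39023) and the five Eskooly "An issue in" entries carry identical truncated descriptions, so they can only be told apart from the full CVE records, not from this list.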
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f16e0e9e6fe8a767ff32036bcf5f66e2e749ee13
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits