Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b0d770c4 by security tracker role at 2024-07-27T08:12:11+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2024-6661 (The ParityPress \u2013 Parity Pricing with Discount Rules
plugin for W ...)
+ TODO: check
+CVE-2024-6634 (The Master Currency WP plugin for WordPress is vulnerable to
Stored Cr ...)
+ TODO: check
+CVE-2024-6591 (The Ultimate WordPress Auction Plugin plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-6573 (The Intelligence plugin for WordPress is vulnerable to Full
Path Discl ...)
+ TODO: check
+CVE-2024-6566 (The Aramex Shipping WooCommerce plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-6549 (The Admin Post Navigation plugin for WordPress is vulnerable to
Full P ...)
+ TODO: check
+CVE-2024-6548 (The Add Admin JavaScript plugin for WordPress is vulnerable to
Full Pa ...)
+ TODO: check
+CVE-2024-6547 (The Add Admin CSS plugin for WordPress is vulnerable to Full
Path Disc ...)
+ TODO: check
+CVE-2024-6546 (The One Click Close Comments plugin for WordPress is vulnerable
to Ful ...)
+ TODO: check
+CVE-2024-6545 (The Admin Trim Interface plugin for WordPress is vulnerable to
Full Pa ...)
+ TODO: check
+CVE-2024-6431 (The Media.net Ads Manager plugin for WordPress is vulnerable to
arbitr ...)
+ TODO: check
+CVE-2024-6152 (The Flipbox Builder plugin for WordPress is vulnerable to PHP
Object I ...)
+ TODO: check
+CVE-2024-5969 (The AIomatic - Automatic AI Content Writer for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2024-4410 (The IgnitionDeck Crowdfunding Platform plugin for WordPress is
vulnera ...)
+ TODO: check
+CVE-2024-42029 (xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend
for Hyp ...)
+ TODO: check
+CVE-2024-41815 (Starship is a cross-shell prompt. Starting in version 1.0.0
and prior ...)
+ TODO: check
+CVE-2024-41628 (Directory Traversal vulnerability in Severalnines Cluster
Control 1.9. ...)
+ TODO: check
+CVE-2024-41120 (streamlit-geospatial is a streamlit multipage app for
geospatial appli ...)
+ TODO: check
+CVE-2024-41119 (streamlit-geospatial is a streamlit multipage app for
geospatial appli ...)
+ TODO: check
+CVE-2024-41118 (streamlit-geospatial is a streamlit multipage app for
geospatial appli ...)
+ TODO: check
+CVE-2024-41117 (streamlit-geospatial is a streamlit multipage app for
geospatial appli ...)
+ TODO: check
+CVE-2024-41116 (streamlit-geospatial is a streamlit multipage app for
geospatial appli ...)
+ TODO: check
+CVE-2024-41115 (streamlit-geospatial is a streamlit multipage app for
geospatial appli ...)
+ TODO: check
+CVE-2024-41114 (streamlit-geospatial is a streamlit multipage app for
geospatial appli ...)
+ TODO: check
+CVE-2024-40433 (Insecure Permissions vulnerability in Tencent wechat v.8.0.37
allows a ...)
+ TODO: check
+CVE-2024-37034 (An issue was discovered in Couchbase Server before 7.2.5 and
7.6.0 bef ...)
+ TODO: check
+CVE-2024-1804 (The Tutor LMS \u2013 Migration Tool plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2024-1798 (The Tutor LMS \u2013 Migration Tool plugin for WordPress is
vulnerable ...)
+ TODO: check
CVE-2024-7128 (A flaw was found in the Openshift console. Several endpoints in
the ap ...)
NOT-FOR-US: Openshift
CVE-2024-7062 (Nimble Commander suffers from a privilege escalation
vulnerability due ...)
@@ -375,7 +431,7 @@ CVE-2024-33519 (A vulnerability in the web-based management
interface of HPE Aru
NOT-FOR-US: HPE Aruba Networking EdgeConnect SD-WAN gateway
CVE-2024-31977 (Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS
Version ...)
NOT-FOR-US: Adtran 834-5
-CVE-2024-31971 (Multiple stored cross-site scripting (XSS) vulnerabilities on
AdTran N ...)
+CVE-2024-31971 (**UNSUPPORTED WHEN ASSIGNED** Multiple stored cross-site
scripting (XS ...)
NOT-FOR-US: AdTran NetVanta 3120 devices
CVE-2024-31970 (AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1
and fixe ...)
NOT-FOR-US: Adtran 834-5 devices
@@ -38639,7 +38695,7 @@ CVE-2024-28131 (EasyRange Ver 1.41 contains an issue
with the executable file se
NOT-FOR-US: EasyRange
CVE-2024-28126 (Cross-site scripting vulnerability exists in 0ch BBS Script
ver.4.00. ...)
NOT-FOR-US: 0ch BBS Script
-CVE-2024-28093 (The TELNET service of AdTran NetVanta 3120 18.01.01.00.E
devices is en ...)
+CVE-2024-28093 (**UNSUPPORTED WHEN ASSIGNED** The TELNET service of AdTran
NetVanta 31 ...)
NOT-FOR-US: AdTran NetVanta devices
CVE-2024-28048 (OS command injection vulnerability exists in ffBull ver.4.11,
which ma ...)
NOT-FOR-US: ffBull
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0d770c4e0d6e5b59b3aa91ee05f49862915ce40
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0d770c4e0d6e5b59b3aa91ee05f49862915ce40
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
