Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
152722eb by security tracker role at 2024-08-06T08:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,34 +1,116 @@
-CVE-2024-7547
+CVE-2024-7506 (A vulnerability has been found in itsourcecode Tailoring
Management Sy ...)
+ TODO: check
+CVE-2024-7505 (A vulnerability, which was classified as critical, was found in
itsour ...)
+ TODO: check
+CVE-2024-7500 (A vulnerability was found in itsourcecode Airline Reservation
System 1 ...)
+ TODO: check
+CVE-2024-7499 (A vulnerability was found in itsourcecode Airline Reservation
System 1 ...)
+ TODO: check
+CVE-2024-7498 (A vulnerability was found in itsourcecode Airline Reservation
System 1 ...)
+ TODO: check
+CVE-2024-7497 (A vulnerability was found in itsourcecode Airline Reservation
System 1 ...)
+ TODO: check
+CVE-2024-7496 (A vulnerability has been found in itsourcecode Airline
Reservation Sys ...)
+ TODO: check
+CVE-2024-7495 (A vulnerability, which was classified as critical, was found in
itsour ...)
+ TODO: check
+CVE-2024-7494 (A vulnerability, which was classified as critical, has been
found in S ...)
+ TODO: check
+CVE-2024-7485 (The Traffic Manager plugin for WordPress is vulnerable to
Stored Cross ...)
+ TODO: check
+CVE-2024-7484 (The CRM Perks Forms plugin for WordPress is vulnerable to
arbitrary fi ...)
+ TODO: check
+CVE-2024-7084 (The Ajax Search Lite WordPress plugin before 4.12.1 does not
sanitise ...)
+ TODO: check
+CVE-2024-7082 (The Easy Table of Contents WordPress plugin before 2.0.68 does
not san ...)
+ TODO: check
+CVE-2024-7055 (A vulnerability was found in FFmpeg up to 7.0.1. It has been
classifie ...)
+ TODO: check
+CVE-2024-7009 (Unsanitized user-input in Calibre <= 7.15.0 allow users with
permissio ...)
+ TODO: check
+CVE-2024-7008 (Unsanitized user-input in Calibre <= 7.15.0 allow attackers to
perform ...)
+ TODO: check
+CVE-2024-6886 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
+ TODO: check
+CVE-2024-6782 (Improper access control in Calibre 6.9.0 ~ 7.14.0 allow
unauthenticate ...)
+ TODO: check
+CVE-2024-6781 (Path traversal in Calibre <= 7.14.0 allow unauthenticated
attackers to ...)
+ TODO: check
+CVE-2024-6766 (The shortcodes-ultimate-pro WordPress plugin before 7.2.1 does
not val ...)
+ TODO: check
+CVE-2024-6651 (The WordPress File Upload WordPress plugin before 4.24.8 does
not sani ...)
+ TODO: check
+CVE-2024-6315 (The Blox Page Builder plugin for WordPress is vulnerable to
arbitrary ...)
+ TODO: check
+CVE-2024-6203 (HaloITSM versions up to 2.146.1 are affected by a Password
Reset Poiso ...)
+ TODO: check
+CVE-2024-6202 (HaloITSM versions up to 2.146.1 are affected by a SAML XML
Signature W ...)
+ TODO: check
+CVE-2024-6201 (HaloITSM versions up to 2.146.1 are affected by a Template
Injection v ...)
+ TODO: check
+CVE-2024-6200 (HaloITSM versions up to 2.146.1 are affected by a Stored
Cross-Site Sc ...)
+ TODO: check
+CVE-2024-5963 (Unquoted Executable Path vulnerability in Hitachi Device
Manager on Wi ...)
+ TODO: check
+CVE-2024-5828 (Expression Language Injection vulnerability in Hitachi Tuning
Manager ...)
+ TODO: check
+CVE-2024-5709 (The WPBakery Visual Composer plugin for WordPress is vulnerable
to Loc ...)
+ TODO: check
+CVE-2024-5708 (The WPBakery Visual Composer plugin for WordPress is vulnerable
to Sto ...)
+ TODO: check
+CVE-2024-42352 (Nuxt is a free and open-source framework to create full-stack
web appl ...)
+ TODO: check
+CVE-2024-41995 (Initialization of a resource with an insecure default
vulnerability ex ...)
+ TODO: check
+CVE-2024-41820 (Kubean is a cluster lifecycle management toolchain based on
kubespray ...)
+ TODO: check
+CVE-2024-41816 (Cooked is a recipe plugin for WordPress. The Cooked plugin for
WordPre ...)
+ TODO: check
+CVE-2024-41811 (ipl/web is a set of common web components for php projects.
Some of th ...)
+ TODO: check
+CVE-2024-39817 (Insertion of sensitive information into sent data issue exists
in Cybo ...)
+ TODO: check
+CVE-2024-34344 (Nuxt is a free and open-source framework to create full-stack
web appl ...)
+ TODO: check
+CVE-2024-34343 (Nuxt is a free and open-source framework to create full-stack
web appl ...)
+ TODO: check
+CVE-2024-28962 (Dell Command | Update, Dell Update, and Alienware Update UWP,
versions ...)
+ TODO: check
+CVE-2024-23657 (Nuxt is a free and open-source framework to create full-stack
web appl ...)
+ TODO: check
+CVE-2023-5000 (The Horizontal scrolling announcements plugin for WordPress is
vulnera ...)
+ TODO: check
+CVE-2024-7547 (oFono SMS Decoder Stack-based Buffer Overflow Privilege
Escalation Vul ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1087/
-CVE-2024-7546
+CVE-2024-7546 (oFono SimToolKit Heap-based Buffer Overflow Privilege
Escalation Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1086/
-CVE-2024-7545
+CVE-2024-7545 (oFono SimToolKit Heap-based Buffer Overflow Privilege
Escalation Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1085/
-CVE-2024-7544
+CVE-2024-7544 (oFono SimToolKit Heap-based Buffer Overflow Privilege
Escalation Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1084/
-CVE-2024-7543
+CVE-2024-7543 (oFono SimToolKit Heap-based Buffer Overflow Privilege
Escalation Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1083/
-CVE-2024-7542
+CVE-2024-7542 (oFono AT CMGR Command Uninitialized Variable Information
Disclosure Vu ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1082/
-CVE-2024-7541
+CVE-2024-7541 (oFono AT CMT Command Uninitialized Variable Information
Disclosure Vul ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1081/
-CVE-2024-7540
+CVE-2024-7540 (oFono AT CMGL Command Uninitialized Variable Information
Disclosure Vu ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1080/
-CVE-2024-7539
+CVE-2024-7539 (oFono CUSD Stack-based Buffer Overflow Code Execution
Vulnerability. T ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1079/
-CVE-2024-7538
+CVE-2024-7538 (oFono CUSD AT Command Stack-based Buffer Overflow Code
Execution Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1078/
-CVE-2024-7537
+CVE-2024-7537 (oFono QMI SMS Handling Out-Of-Bounds Read Information
Disclosure Vulne ...)
- ofono <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1077/
CVE-2024-7006 [NULL pointer dereference in tif_dirinfo.c]
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/152722ebf3673a5b036d37b7fd1d1b04e74c4f78
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/152722ebf3673a5b036d37b7fd1d1b04e74c4f78
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
