[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Thu, 08 Aug 2024 01:12:32 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f79ca05e by security tracker role at 2024-08-08T08:12:07+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2024-7561 (The The Next theme for WordPress is vulnerable to PHP Object 
Injection ...)
+       TODO: check
+CVE-2024-7560 (The News Flash theme for WordPress is vulnerable to PHP Object 
Injecti ...)
+       TODO: check
+CVE-2024-7548 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress 
is vul ...)
+       TODO: check
+CVE-2024-7492 (The MainWP Child Reports plugin for WordPress is vulnerable to 
Cross-S ...)
+       TODO: check
+CVE-2024-7486 (The MultiPurpose theme for WordPress is vulnerable to PHP 
Object Injec ...)
+       TODO: check
+CVE-2024-7350 (The Appointment Booking Calendar Plugin and Online Scheduling 
Plugin \ ...)
+       TODO: check
+CVE-2024-7150 (The Slider by 10Web \u2013 Responsive Image Slider plugin for 
WordPres ...)
+       TODO: check
+CVE-2024-6987 (The Orchid Store theme for WordPress is vulnerable to 
unauthorized mod ...)
+       TODO: check
+CVE-2024-6893 (The "soap_cgi.pyc" API handler allows the XML body of SOAP 
requests to ...)
+       TODO: check
+CVE-2024-6892 (Attackers can craft a malicious link that once clicked will 
execute ar ...)
+       TODO: check
+CVE-2024-6891 (Attackers with a valid username and password can exploit a 
python code ...)
+       TODO: check
+CVE-2024-6890 (Password reset tokens are generated using an insecure source of 
random ...)
+       TODO: check
+CVE-2024-6884 (The Gutenberg Blocks with AI by Kadence WP  WordPress plugin 
before 3. ...)
+       TODO: check
+CVE-2024-6869 (The Falang multilanguage for WordPress plugin for WordPress is 
vulnera ...)
+       TODO: check
+CVE-2024-6824 (The Premium Addons for Elementor plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2024-6707 (Attacker controlled files can be uploaded to arbitrary 
locations on th ...)
+       TODO: check
+CVE-2024-6706 (Attackers can craft a malicious prompt that coerces the 
language model ...)
+       TODO: check
+CVE-2024-6552 (The Booking for Appointments and Events Calendar \u2013 Amelia 
plugin  ...)
+       TODO: check
+CVE-2024-6481 (The Search & Filter Pro WordPress plugin before 2.5.18 does not 
saniti ...)
+       TODO: check
+CVE-2024-6254 (The Brizy \u2013 Page Builder plugin for WordPress is 
vulnerable to Cr ...)
+       TODO: check
+CVE-2024-5668 (The Lightbox & Modal Popup WordPress Plugin \u2013 FooBox 
plugin for W ...)
+       TODO: check
+CVE-2024-5226 (The Fuse Social Floating Sidebar plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2024-38202 (Summary Microsoft was notified that an elevation of privilege 
vulnerab ...)
+       TODO: check
+CVE-2024-22069 (There is a permission and access control vulnerability of 
ZTE's ZXV10  ...)
+       TODO: check
+CVE-2024-21302 (Summary: Microsoft was notified that an elevation of privilege 
vulnera ...)
+       TODO: check
 CVE-2024-43168
        - unbound 1.20.0-1
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2303462
@@ -450,21 +500,27 @@ CVE-2024-5290 (An issue was discovered in Ubuntu 
wpa_supplicant that resulted in
        - wpa 2:2.10-22
        NOTE: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/2067613
 CVE-2024-7550 (Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 
allowed a ...)
+       {DSA-5741-1}
        - chromium 127.0.6533.99-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-7536 (Use after free in WebAudio in Google Chrome prior to 
127.0.6533.99 all ...)
+       {DSA-5741-1}
        - chromium 127.0.6533.99-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-7535 (Inappropriate implementation in V8 in Google Chrome prior to 
127.0.653 ...)
+       {DSA-5741-1}
        - chromium 127.0.6533.99-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-7534 (Heap buffer overflow in Layout in Google Chrome prior to 
127.0.6533.99 ...)
+       {DSA-5741-1}
        - chromium 127.0.6533.99-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-7533 (Use after free in Sharing in Google Chrome on iOS prior to 
127.0.6533. ...)
+       {DSA-5741-1}
        - chromium 127.0.6533.99-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-7532 (Out of bounds memory access in ANGLE in Google Chrome prior to 
127.0.6 ...)
+       {DSA-5741-1}
        - chromium 127.0.6533.99-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-7531 (Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same 
buffer ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f79ca05e7228cac7e343068160ce663892bc6273

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f79ca05e7228cac7e343068160ce663892bc6273
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to