[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 09 Aug 2024 13:13:48 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1187cce7 by security tracker role at 2024-08-09T20:13:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,10 +1,102 @@
-CVE-2024-41890
+CVE-2024-7645 (A vulnerability was found in SourceCodester Clinics Patient 
Management ...)
+       TODO: check
+CVE-2024-7644 (A vulnerability was found in SourceCodester Leads Manager Tool 
1.0. It ...)
+       TODO: check
+CVE-2024-7643 (A vulnerability was found in SourceCodester Leads Manager Tool 
1.0 and ...)
+       TODO: check
+CVE-2024-7642 (A vulnerability has been found in SourceCodester Kortex Lite 
Advocate  ...)
+       TODO: check
+CVE-2024-7641 (A vulnerability, which was classified as critical, was found in 
Source ...)
+       TODO: check
+CVE-2024-7640 (A vulnerability, which was classified as critical, has been 
found in S ...)
+       TODO: check
+CVE-2024-7639 (A vulnerability classified as critical was found in 
SourceCodester Kor ...)
+       TODO: check
+CVE-2024-7638 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
+       TODO: check
+CVE-2024-7637 (A vulnerability was found in code-projects Online Polling 1.0. 
It has  ...)
+       TODO: check
+CVE-2024-7636 (A vulnerability was found in code-projects Simple Ticket 
Booking 1.0.  ...)
+       TODO: check
+CVE-2024-7635 (A vulnerability was found in code-projects Simple Ticket 
Booking 1.0.  ...)
+       TODO: check
+CVE-2024-7416 (The Reveal Template plugin for WordPress is vulnerable to Full 
Path Di ...)
+       TODO: check
+CVE-2024-7414 (The PDF Builder for WPForms plugin for WordPress is vulnerable 
to Full ...)
+       TODO: check
+CVE-2024-7413 (The Obfuscate Email plugin for WordPress is vulnerable to Full 
Path Di ...)
+       TODO: check
+CVE-2024-7412 (The No Update Nag plugin for WordPress is vulnerable to Full 
Path Disc ...)
+       TODO: check
+CVE-2024-7410 (The My Custom CSS PHP & ADS plugin for WordPress is vulnerable 
to Full ...)
+       TODO: check
+CVE-2024-7408 (This vulnerability exists in Airveda Air Quality Monitor PM2.5 
PM10 du ...)
+       TODO: check
+CVE-2024-7382 (The Linkify Text plugin for WordPress is vulnerable to Full 
Path Discl ...)
+       TODO: check
+CVE-2024-6562 (The affiliate-toolkit \u2013 WordPress Affiliate Plugin plugin 
for Wor ...)
+       TODO: check
+CVE-2024-42470 (openHAB, a provider of open-source home automation software, 
has add-o ...)
+       TODO: check
+CVE-2024-42469 (openHAB, a provider of open-source home automation software, 
has add-o ...)
+       TODO: check
+CVE-2024-42468 (openHAB, a provider of open-source home automation software, 
has add-o ...)
+       TODO: check
+CVE-2024-42467 (openHAB, a provider of open-source home automation software, 
has add-o ...)
+       TODO: check
+CVE-2024-42370 (Litestar is an Asynchronous Server Gateway Interface (ASGI) 
framework. ...)
+       TODO: check
+CVE-2024-42367 (aiohttp is an asynchronous HTTP client/server framework for 
asyncio an ...)
+       TODO: check
+CVE-2024-41570 (An Unauthenticated Server-Side Request Forgery (SSRF) in demon 
callbac ...)
+       TODO: check
+CVE-2024-41476 (AMTT Hotel Broadband Operation System (HiBOS) V3.0.3.151204 
and before ...)
+       TODO: check
+CVE-2024-41332 (Incorrect access control in the delete_category function of 
Sourcecode ...)
+       TODO: check
+CVE-2024-40480 (A Broken Access Control vulnerability was found in 
/admin/update.php a ...)
+       TODO: check
+CVE-2024-40479 (A SQL injection vulnerability in "/admin/quizquestion.php" in 
Kashipar ...)
+       TODO: check
+CVE-2024-40478 (A Stored Cross Site Scripting (XSS) vulnerability was found in 
"/admin ...)
+       TODO: check
+CVE-2024-40472 (Sourcecodester Daily Calories Monitoring Tool v1.0 is 
vulnerable to SQ ...)
+       TODO: check
+CVE-2024-39338 (axios 1.7.2 allows SSRF via unexpected behavior where requests 
for pat ...)
+       TODO: check
+CVE-2024-38989 (izatop bunt v0.29.19 was discovered to contain a prototype 
pollution v ...)
+       TODO: check
+CVE-2024-37826 (A NULL pointer dereference in vercot Serva v4.6.0 allows 
attackers to  ...)
+       TODO: check
+CVE-2024-36462 (Uncontrolled resource consumption refers to a software 
vulnerability w ...)
+       TODO: check
+CVE-2024-36461 (Within Zabbix, users have the ability to directly modify 
memory pointe ...)
+       TODO: check
+CVE-2024-36460 (The front-end audit log allows viewing of unprotected 
plaintext passwo ...)
+       TODO: check
+CVE-2024-32765 (A vulnerability has been reported to affect Network & Virtual 
Switch.  ...)
+       TODO: check
+CVE-2024-22123 (Setting SMS media allows to set GSM modem file. Later this 
file is use ...)
+       TODO: check
+CVE-2024-22122 (Zabbix allows to configure SMS notifications. AT command 
injection occ ...)
+       TODO: check
+CVE-2024-22121 (A non-admin user can change or remove important features 
within the Za ...)
+       TODO: check
+CVE-2024-22116 (An administrator with restricted permissions can exploit the 
script ex ...)
+       TODO: check
+CVE-2024-22114 (User with no permission to any of the Hosts can access and 
view host c ...)
+       TODO: check
+CVE-2023-38018 (IBM Aspera Shares 1.10.0 PL2 does not invalidate session after 
a passw ...)
+       TODO: check
+CVE-2023-31315 (Improper validation in a model specific register (MSR) could 
allow a m ...)
+       TODO: check
+CVE-2024-41890 (Missing Release of Resource after Effective Lifetime 
vulnerability in  ...)
        NOT-FOR-US: Apache Answer
-CVE-2024-41888
+CVE-2024-41888 (Missing Release of Resource after Effective Lifetime 
vulnerability in  ...)
        NOT-FOR-US: Apache Answer
-CVE-2024-29831
+CVE-2024-29831 (Improper Input Validation vulnerability in Apache 
DolphinScheduler. An ...)
        NOT-FOR-US: Apache DolphinScheduler
-CVE-2024-30188
+CVE-2024-30188 (File read and write vulnerability in Apache DolphinScheduler , 
authent ...)
        NOT-FOR-US: Apache DolphinScheduler
 CVE-2024-7633
        REJECTED
@@ -216,6 +308,7 @@ CVE-2023-40261 (Diebold Nixdorf Vynamic Security Suite 
(VSS) before 3.3.0 SR17,
 CVE-2023-33206 (Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 
SR16, 4.0.0  ...)
        NOT-FOR-US: Diebold Nixdorf Vynamic Security Suite (VSS)
 CVE-2024-7348 (Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in 
Postgr ...)
+       {DSA-5746-1 DSA-5745-1}
        - postgresql-16 16.4-1
        - postgresql-15 <removed>
        - postgresql-13 <removed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1187cce7e3a837e4656b74b50f18086c00a83b91

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1187cce7e3a837e4656b74b50f18086c00a83b91
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to