[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 16 Aug 2024 13:13:29 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
65b85b64 by security tracker role at 2024-08-16T20:12:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,95 @@
+CVE-2024-7646 (A security issue was discovered in ingress-nginx where an actor 
with p ...)
+       TODO: check
+CVE-2024-7147 (The JetBlocks for Elementor plugin for WordPress is vulnerable 
to Stor ...)
+       TODO: check
+CVE-2024-7146 (The JetTabs for Elementor plugin for WordPress is vulnerable to 
Local  ...)
+       TODO: check
+CVE-2024-7145 (The JetElements plugin for WordPress is vulnerable to Local 
File Inclu ...)
+       TODO: check
+CVE-2024-7144 (The JetElements plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
+       TODO: check
+CVE-2024-7136 (The JetSearch plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
+       TODO: check
+CVE-2024-6098 (When performing an online tag generation to devices which 
communicate  ...)
+       TODO: check
+CVE-2024-6004 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
+       TODO: check
+CVE-2024-5210 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
+       TODO: check
+CVE-2024-5209 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
+       TODO: check
+CVE-2024-4782 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
+       TODO: check
+CVE-2024-4781 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
+       TODO: check
+CVE-2024-4763 (An insecure driver vulnerability was reported inLenovo Display 
Control ...)
+       TODO: check
+CVE-2024-43810 (In JetBrains TeamCity before 2024.07.1 reflected XSS was 
possible in t ...)
+       TODO: check
+CVE-2024-43809 (In JetBrains TeamCity before 2024.07.1 reflected XSS was 
possible on t ...)
+       TODO: check
+CVE-2024-43808 (In JetBrains TeamCity before 2024.07.1 self XSS was possible 
in the Ha ...)
+       TODO: check
+CVE-2024-43807 (In JetBrains TeamCity before 2024.07.1 multiple stored XSS was 
possibl ...)
+       TODO: check
+CVE-2024-43472 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability)
+       TODO: check
+CVE-2024-43381 (reNgine is an automated reconnaissance framework for web 
applications. ...)
+       TODO: check
+CVE-2024-43042 (Pluck CMS 4.7.18 does not restrict failed login attempts, 
allowing att ...)
+       TODO: check
+CVE-2024-43011 (An arbitrary file deletion vulnerability exists in the 
admin/del.php f ...)
+       TODO: check
+CVE-2024-43009 (A reflected cross-site scripting (XSS) vulnerability exists in 
user/lo ...)
+       TODO: check
+CVE-2024-43006 (A stored cross-site scripting (XSS) vulnerability exists in 
ZZCMS2023  ...)
+       TODO: check
+CVE-2024-43005 (A reflected cross-site scripting (XSS) vulnerability in the 
component  ...)
+       TODO: check
+CVE-2024-42995 (VTiger CRM <= 8.1.0 does not correctly check user privileges. 
A low-pr ...)
+       TODO: check
+CVE-2024-42994 (VTiger CRM <= 8.1.0 does not properly sanitize user input 
before using ...)
+       TODO: check
+CVE-2024-42850 (An issue in the password change function of Silverpeas v6.4.2 
and lowe ...)
+       TODO: check
+CVE-2024-42849 (An issue in Silverpeas v.6.4.2 and lower allows a remote 
attacker to c ...)
+       TODO: check
+CVE-2024-42758 (A Cross-site Scripting (XSS) vulnerability exists in version 
v2024-01- ...)
+       TODO: check
+CVE-2024-42639 (H3C GR1100-P v100R009 was discovered to use a hardcoded 
password in /e ...)
+       TODO: check
+CVE-2024-42638 (H3C Magic B1ST v100R012 was discovered to contain a hardcoded 
password ...)
+       TODO: check
+CVE-2024-42637 (H3C R3010 v100R002L02 was discovered to contain a hardcoded 
password v ...)
+       TODO: check
+CVE-2024-42634 (A Command Injection vulnerability exists in formWriteFacMac of 
the htt ...)
+       TODO: check
+CVE-2024-42486 (Cilium is a networking, observability, and security solution 
with an e ...)
+       TODO: check
+CVE-2024-42466 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
+       TODO: check
+CVE-2024-42465 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
+       TODO: check
+CVE-2024-42464 (Authorization Bypass Through User-Controlled Key vulnerability 
in upKe ...)
+       TODO: check
+CVE-2024-42463 (Authorization Bypass Through User-Controlled Key vulnerability 
in upKe ...)
+       TODO: check
+CVE-2024-42462 (Improper Authentication vulnerability in upKeeper Solutions 
product up ...)
+       TODO: check
+CVE-2024-2175 (An insecure permissions vulnerability was reported inLenovo 
Display Co ...)
+       TODO: check
+CVE-2024-25837 (A stored cross-site scripting (XSS) vulnerability in October 
CMS Blogh ...)
+       TODO: check
+CVE-2024-25008 (Ericsson RAN Compute and Site Controller 6610 contains a 
vulnerability ...)
+       TODO: check
+CVE-2023-5888
+       REJECTED
+CVE-2023-47728 (IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM 
Cloud Pa ...)
+       TODO: check
+CVE-2023-3207
+       REJECTED
+CVE-2023-2920
+       REJECTED
 CVE-2024-7868 (In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) 
stream ...)
        TODO: check
 CVE-2024-7853 (A vulnerability was found in SourceCodester Yoga Class 
Registration Sy ...)
@@ -132513,7 +132605,7 @@ CVE-2022-4407 (Cross-site Scripting (XSS) - Reflected 
in GitHub repository thors
 CVE-2022-4406
        RESERVED
 CVE-2022-4405
-       RESERVED
+       REJECTED
 CVE-2022-4404
        RESERVED
 CVE-2022-4403 (A vulnerability classified as critical was found in 
SourceCodester Can ...)
@@ -173919,8 +174011,8 @@ CVE-2022-33164 (IBM Security Directory Server 7.2.0 
could allow a remote attacke
        NOT-FOR-US: IBM
 CVE-2022-33163 (IBM Security Directory Suite VA 8.0.1 specifies permissions 
for a secu ...)
        NOT-FOR-US: IBM
-CVE-2022-33162
-       RESERVED
+CVE-2022-33162 (IBM Security Directory Integrator 7.2.0 and Security Verify 
Directory  ...)
+       TODO: check
 CVE-2022-33161 (IBM Security Directory Server 6.4.0 could allow a remote 
attacker to o ...)
        NOT-FOR-US: IBM
 CVE-2022-33160 (IBM Security Directory Suite 8.0.1 uses weaker than expected 
cryptogra ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65b85b64d5d0425f170dd7ebd2f2024b52d162e0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65b85b64d5d0425f170dd7ebd2f2024b52d162e0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to