Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2042b8e1 by security tracker role at 2024-08-22T20:12:47+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,103 @@
+CVE-2024-8088 (There is a HIGH severity vulnerability affecting the CPython
"zipfile" ...)
+ TODO: check
+CVE-2024-8077 (A vulnerability was found in TOTOLINK AC1200 T8
4.1.5cu.862_B20230228. ...)
+ TODO: check
+CVE-2024-8076 (A vulnerability was found in TOTOLINK AC1200 T8
4.1.5cu.862_B20230228 ...)
+ TODO: check
+CVE-2024-8075 (A vulnerability has been found in TOTOLINK AC1200 T8
4.1.5cu.862_B2023 ...)
+ TODO: check
+CVE-2024-8041 (A Denial of Service (DoS) issue has been discovered in GitLab
CE/EE af ...)
+ TODO: check
+CVE-2024-7848 (The User Private Files \u2013 WordPress File Sharing Plugin
plugin for ...)
+ TODO: check
+CVE-2024-7778 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable
to Store ...)
+ TODO: check
+CVE-2024-7634 (NGINX Agent's "config_dirs" restriction feature allows a highly
privil ...)
+ TODO: check
+CVE-2024-7110 (An issue was discovered in GitLab EE affecting all versions
starting 1 ...)
+ TODO: check
+CVE-2024-6870 (The Responsive Lightbox & Gallery plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2024-6502 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
+ TODO: check
+CVE-2024-45201 (An issue was discovered in llama_index before 0.10.38.
download/integr ...)
+ TODO: check
+CVE-2024-45193 (An issue was discovered in Matrix libolm (aka Olm) through
3.2.16. The ...)
+ TODO: check
+CVE-2024-45192 (An issue was discovered in Matrix libolm (aka Olm) through
3.2.16. Cac ...)
+ TODO: check
+CVE-2024-45191 (An issue was discovered in Matrix libolm (aka Olm) through
3.2.16. The ...)
+ TODO: check
+CVE-2024-43787 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2024-43785 (gitoxide An idiomatic, lean, fast & safe pure Rust
implementation of G ...)
+ TODO: check
+CVE-2024-43780 (Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0,
9.8.x <= 9 ...)
+ TODO: check
+CVE-2024-43398 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6
has a DoS ...)
+ TODO: check
+CVE-2024-43331 (Missing Authorization vulnerability in VeronaLabs WP SMS.This
issue af ...)
+ TODO: check
+CVE-2024-42776 (Kashipara Hotel Management System v1.0 is vulnerable to
Incorrect Acce ...)
+ TODO: check
+CVE-2024-42775 (An Incorrect Access Control vulnerability was found in
/admin/add_room ...)
+ TODO: check
+CVE-2024-42774 (An Incorrect Access Control vulnerability was found in
/admin/delete_r ...)
+ TODO: check
+CVE-2024-42773 (An Incorrect Access Control vulnerability was found in
/admin/edit_roo ...)
+ TODO: check
+CVE-2024-42772 (An Incorrect Access Control vulnerability was found in
/admin/rooms.ph ...)
+ TODO: check
+CVE-2024-42771 (A Stored Cross Site Scripting (XSS) vulnerability was found in
" /admi ...)
+ TODO: check
+CVE-2024-42770 (A Stored Cross Site Scripting (XSS) vulnerability was found in
"/core/ ...)
+ TODO: check
+CVE-2024-42769 (A Reflected Cross Site Scripting (XSS) vulnerability was found
in "/co ...)
+ TODO: check
+CVE-2024-42768 (A Cross-Site Request Forgery (CSRF) vulnerability was found in
Kashipa ...)
+ TODO: check
+CVE-2024-42767 (Kashipara Hotel Management System v1.0 is vulnerable to
Unrestricted F ...)
+ TODO: check
+CVE-2024-42599 (SeaCMS 13.0 has a remote code execution vulnerability. The
reason for ...)
+ TODO: check
+CVE-2024-42497 (Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <=
9.10.0, ...)
+ TODO: check
+CVE-2024-42490 (authentik is an open-source Identity Provider. Several API
endpoints c ...)
+ TODO: check
+CVE-2024-42418 (Avtec Outpost uses a default cryptographic key that can be
used to dec ...)
+ TODO: check
+CVE-2024-40884 (Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to
properly ...)
+ TODO: check
+CVE-2024-3127 (An issue has been discovered in GitLab EE affecting all
versions start ...)
+ TODO: check
+CVE-2024-39776 (Avtec Outpost stores sensitive information in an insecure
location wit ...)
+ TODO: check
+CVE-2024-39746 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and
6.3 could ...)
+ TODO: check
+CVE-2024-39745 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and
6.3 uses w ...)
+ TODO: check
+CVE-2024-39744 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and
6.3 is vul ...)
+ TODO: check
+CVE-2024-39717 (The Versa Director GUI provides an option to customize the
look and fe ...)
+ TODO: check
+CVE-2024-36445 (Swissphone DiCal-RED 4009 devices allow a remote attacker to
gain a ro ...)
+ TODO: check
+CVE-2024-36444 (cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices
allows an ...)
+ TODO: check
+CVE-2024-36443 (Swissphone DiCal-RED 4009 devices allow a remote attacker to
gain read ...)
+ TODO: check
+CVE-2024-36442 (cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices
allows an ...)
+ TODO: check
+CVE-2024-36441 (Swissphone DiCal-RED 4009 devices allow an unauthenticated
attacker us ...)
+ TODO: check
+CVE-2024-36440 (An issue was discovered on Swissphone DiCal-RED 4009 devices.
An attac ...)
+ TODO: check
+CVE-2024-36439 (Swissphone DiCal-RED 4009 devices allow a remote attacker to
gain acce ...)
+ TODO: check
+CVE-2024-35151 (IBM OpenPages with Watson 8.3 and 9.0 could allow
authenticated users ...)
+ TODO: check
+CVE-2023-6452 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
CVE-2024-8072 (Mage AI allows remote unauthenticated attackers to leak the
terminal s ...)
NOT-FOR-US: Mage AI
CVE-2024-8071 (Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <=
9.10.0 a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2042b8e156cfd26c1e8faf7bdb46b4b535ca6ae1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2042b8e156cfd26c1e8faf7bdb46b4b535ca6ae1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
