[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 27 Aug 2024 01:12:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e3778099 by security tracker role at 2024-08-27T08:11:47+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,89 @@
+CVE-2024-8046 (The Logo Showcase Ultimate \u2013 Logo Carousel, Logo Slider & 
Logo Gr ...)
+       TODO: check
+CVE-2024-7989
+       REJECTED
+CVE-2024-7608 (An authenticated user can download sensitive files from Trellix 
produc ...)
+       TODO: check
+CVE-2024-7304 (The Ninja Tables \u2013 Easiest Data Table Builder plugin for 
WordPres ...)
+       TODO: check
+CVE-2024-7125 (Authentication Bypass vulnerability in Hitachi Ops Center 
Common Servi ...)
+       TODO: check
+CVE-2024-6804 (The Jeg Elementor Kit plugin for WordPress is vulnerable to 
Stored Cro ...)
+       TODO: check
+CVE-2024-6688 (The Oxygen Builder plugin for WordPress is vulnerable to 
unauthorized  ...)
+       TODO: check
+CVE-2024-45321 (The App::cpanminus package through 1.7047 for Perl downloads 
code via  ...)
+       TODO: check
+CVE-2024-45036 (Tophat is a mobile applications testing harness. An Improper 
Access Co ...)
+       TODO: check
+CVE-2024-43916 (Authorization Bypass Through User-Controlled Key vulnerability 
in Dyla ...)
+       TODO: check
+CVE-2024-43915 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
+       TODO: check
+CVE-2024-43798 (Chisel is a fast TCP/UDP tunnel, transported over HTTP, 
secured via SS ...)
+       TODO: check
+CVE-2024-43356 (Cross-Site Request Forgery (CSRF) vulnerability in 
bobbingwide.This is ...)
+       TODO: check
+CVE-2024-43340 (Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed 
Advanced ...)
+       TODO: check
+CVE-2024-43339 (Cross-Site Request Forgery (CSRF) vulnerability in 
WebinarPress allows ...)
+       TODO: check
+CVE-2024-43337 (Cross-Site Request Forgery (CSRF) vulnerability in Brave Brave 
Popup B ...)
+       TODO: check
+CVE-2024-43336 (Cross-Site Request Forgery (CSRF) vulnerability in WP User 
Manager.Thi ...)
+       TODO: check
+CVE-2024-43325 (Cross-Site Request Forgery (CSRF) vulnerability in Naiche Dark 
Mode fo ...)
+       TODO: check
+CVE-2024-43316 (Cross-Site Request Forgery (CSRF) vulnerability in Checkout 
Plugins St ...)
+       TODO: check
+CVE-2024-43301 (Cross-Site Request Forgery (CSRF) vulnerability in Fonts 
Plugin Fonts  ...)
+       TODO: check
+CVE-2024-43299 (Cross-Site Request Forgery (CSRF) vulnerability in Softaculous 
Team Sp ...)
+       TODO: check
+CVE-2024-43295 (Cross-Site Request Forgery (CSRF) vulnerability in Passionate 
Programm ...)
+       TODO: check
+CVE-2024-43287 (Cross-Site Request Forgery (CSRF) vulnerability in Brevo 
Newsletter, S ...)
+       TODO: check
+CVE-2024-43269 (Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp 
Backup a ...)
+       TODO: check
+CVE-2024-43265 (Cross-Site Request Forgery (CSRF) vulnerability in 
Analytify.This issu ...)
+       TODO: check
+CVE-2024-43264 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2024-43259 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2024-43258 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2024-43257 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2024-43255 (Cross-Site Request Forgery (CSRF) vulnerability in Stormhill 
Media MyB ...)
+       TODO: check
+CVE-2024-43251 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2024-43230 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2024-43214 (Missing Authorization vulnerability in myCred.This issue 
affects myCre ...)
+       TODO: check
+CVE-2024-43117 (Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV 
Hummingbir ...)
+       TODO: check
+CVE-2024-43116 (Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple 
Local A ...)
+       TODO: check
+CVE-2024-41176 (The MPD package included in TwinCAT/BSDallows an 
authenticated, low-pr ...)
+       TODO: check
+CVE-2024-41175 (The IPC-Diagnostics package included in TwinCAT/BSD is 
vulnerable to a ...)
+       TODO: check
+CVE-2024-41174 (The IPC-Diagnostics package in TwinCAT/BSD is susceptible to 
improper  ...)
+       TODO: check
+CVE-2024-41173 (The IPC-Diagnostics package included in TwinCAT/BSD is 
vulnerable to a ...)
+       TODO: check
+CVE-2024-39657 (Cross-Site Request Forgery (CSRF) vulnerability in Sender 
Sender \u201 ...)
+       TODO: check
+CVE-2024-39645 (Cross-Site Request Forgery (CSRF) vulnerability in Themeum 
Tutor LMS.T ...)
+       TODO: check
+CVE-2024-39641 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress 
LearnPres ...)
+       TODO: check
+CVE-2024-39628 (Cross-Site Request Forgery (CSRF) vulnerability in Saturday 
Drive Ninj ...)
+       TODO: check
 CVE-2024-8188
        REJECTED
 CVE-2024-8174 (A vulnerability has been found in code-projects Blood Bank 
System 1.0  ...)
@@ -1561,7 +1647,7 @@ CVE-2024-6379 (An URL redirection to untrusted site (open 
redirect) vulnerabilit
        NOT-FOR-US: 3DSwymer
 CVE-2024-6378 (A reflected Cross-site Scripting (XSS) vulnerability affecting 
ENOVIA  ...)
        NOT-FOR-US: ENOVIA
-CVE-2024-6377 (A reflected Cross-site Scripting (XSS) vulnerability affecting 
3DSwyme ...)
+CVE-2024-6377 (An URL redirection to untrusted site (open redirect) 
vulnerability aff ...)
        NOT-FOR-US: 3DEXPERIENCE
 CVE-2024-6337 (An Incorrect Authorization vulnerability was identified in 
GitHub Ente ...)
        NOT-FOR-US: GitHub Enterprise Server
@@ -3029,7 +3115,7 @@ CVE-2024-6533 (Directus v10.13.0 allows an authenticated 
external attacker to ex
        NOT-FOR-US: Directus
 CVE-2024-43368 (The Trix editor, versions prior to 2.1.4, is vulnerable to XSS 
when pa ...)
        NOT-FOR-US: Trix editor
-CVE-2024-43275 (Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts 
Insert P ...)
+CVE-2024-43275 (Cross-Site Request Forgery (CSRF) vulnerability in 
xyzscripts.Com Inse ...)
        NOT-FOR-US: Xyzscripts Insert PHP Code Snippet
 CVE-2024-42353 (WebOb provides objects for HTTP requests and responses. When 
WebOb nor ...)
        - python-webob <unfixed> (bug #1078879)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e377809920752e912c2a60b8e2ce4d4dce364de8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e377809920752e912c2a60b8e2ce4d4dce364de8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to