Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b49bcf93 by security tracker role at 2024-08-30T08:11:59+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,69 @@
+CVE-2024-8333
+ REJECTED
+CVE-2024-8330 (6SHR system from Gether Technology does not properly validate
uploaded ...)
+ TODO: check
+CVE-2024-8329 (6SHR system from Gether Technology does not properly validate
the spec ...)
+ TODO: check
+CVE-2024-8328 (Easy test Online Learning and Testing Platform from HWA JIUH
DIGITAL T ...)
+ TODO: check
+CVE-2024-8327 (Easy test Online Learning and Testing Platform fromHWA JIUH
DIGITAL T ...)
+ TODO: check
+CVE-2024-8319 (The Tourfic plugin for WordPress is vulnerable to Cross-Site
Request F ...)
+ TODO: check
+CVE-2024-8234 (** UNSUPPORTED WHEN ASSIGNED ** A command injection
vulnerability in t ...)
+ TODO: check
+CVE-2024-8016 (The Events Calendar Pro plugin for WordPress is vulnerable to
PHP Obje ...)
+ TODO: check
+CVE-2024-6672 (In WhatsUp Gold versions released before 2024.0.0, a SQL
Injection vul ...)
+ TODO: check
+CVE-2024-6671 (In WhatsUp Gold versions released before 2024.0.0, if the
application ...)
+ TODO: check
+CVE-2024-6670 (In WhatsUp Gold versions released before 2024.0.0,a SQL
Injection vuln ...)
+ TODO: check
+CVE-2024-5879 (The HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms &
Analytics ...)
+ TODO: check
+CVE-2024-5784 (The Tutor LMS Pro plugin for WordPress is vulnerable to
unauthorized ...)
+ TODO: check
+CVE-2024-5061 (The Enfold - Responsive Multi-Purpose Theme theme for WordPress
is vul ...)
+ TODO: check
+CVE-2024-5024 (The Memberpress plugin for WordPress is vulnerable to Reflected
Cross- ...)
+ TODO: check
+CVE-2024-4401 (The Elementor Addon Elements plugin for WordPress is vulnerable
to Sto ...)
+ TODO: check
+CVE-2024-45492 (An issue was discovered in libexpat before 2.6.3.
nextScaffoldPart in ...)
+ TODO: check
+CVE-2024-45491 (An issue was discovered in libexpat before 2.6.3. dtdCopy in
xmlparse. ...)
+ TODO: check
+CVE-2024-45490 (An issue was discovered in libexpat before 2.6.3. xmlparse.c
does not ...)
+ TODO: check
+CVE-2024-45488 (One Identity Safeguard for Privileged Passwords before 7.5.2
allows un ...)
+ TODO: check
+CVE-2024-45302 (RestSharp is a Simple REST and HTTP API Client for .NET. The
second ar ...)
+ TODO: check
+CVE-2024-44944 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
+ TODO: check
+CVE-2024-42412 (Cross-site scripting vulnerability exists in WAB-I1750-PS and
WAB-S116 ...)
+ TODO: check
+CVE-2024-41349 (unmark 1.9.2 is vulnerable to Cross Site Scripting (XSS) via
applicati ...)
+ TODO: check
+CVE-2024-3998 (The Betheme theme for WordPress is vulnerable to Stored
Cross-Site Scr ...)
+ TODO: check
+CVE-2024-3673 (The Web Directory Free WordPress plugin before 1.7.3 does not
validate ...)
+ TODO: check
+CVE-2024-39300 (Missing authentication vulnerability exists in Telnet function
of WAB- ...)
+ TODO: check
+CVE-2024-34577 (Cross-site scripting vulnerability exists in WRC-X3000GS2-B,
WRC-X3000 ...)
+ TODO: check
+CVE-2024-2881 (Fault Injection vulnerability inwc_ed25519_sign_msg function in
wolfss ...)
+ TODO: check
+CVE-2024-2694 (The Betheme theme for WordPress is vulnerable to PHP Object
Injection ...)
+ TODO: check
+CVE-2024-2502 (An application can be configured to block boot attempts after
consecut ...)
+ TODO: check
+CVE-2024-1545 (Fault Injection vulnerability in RsaPrivateDecryption function
in wolf ...)
+ TODO: check
+CVE-2024-1543 (The side-channel protected T-Table implementation in wolfSSL up
to ver ...)
+ TODO: check
CVE-2024-8285
NOT-FOR-US: kroxylicious
CVE-2024-42934
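Review bot: in this first hunk the three libexpat entries (CVE-2024-45490, CVE-2024-45491, CVE-2024-45492), the Linux kernel entry CVE-2024-44944 and the three wolfSSL entries (CVE-2024-2881, CVE-2024-1545, CVE-2024-1543) are left at "TODO: check" with no package line, mixed in with WordPress plugin and appliance entries. expat, linux and wolfssl are packaged in Debian, so these seven should be triaged first in a follow-up and given source-package lines, while the plugin entries can take the same "NOT-FOR-US: WordPress plugin" marking used further down the file. Separately, the added CVE-2024-5879 description contains a literal "\u2013" escape instead of a dash, the same form as the existing CVE-2023-6811 line, which suggests the description text is being stored without decoding the escape.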
@@ -221,12 +287,15 @@ CVE-2024-8250 (NTLMSSP dissector crash in Wireshark 4.2.0
to 4.0.6 and 4.0.0 to
NOTE: https://www.wireshark.org/security/wnpa-sec-2024-11.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19943
CVE-2024-8198 (Heap buffer overflow in Skia in Google Chrome prior to
128.0.6613.113 ...)
+ {DSA-5761-1}
- chromium 128.0.6613.113-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2024-8194 (Type Confusion in V8 in Google Chrome prior to 128.0.6613.113
allowed ...)
+ {DSA-5761-1}
- chromium 128.0.6613.113-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2024-8193 (Heap buffer overflow in Skia in Google Chrome prior to
128.0.6613.113 ...)
+ {DSA-5761-1}
- chromium 128.0.6613.113-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2024-7857 (The Media Library Folders plugin for WordPress is vulnerable to
second ...)
@@ -1633,6 +1702,7 @@ CVE-2024-7971 (Type confusion in V8 in Google Chrome
prior to 128.0.6613.84 allo
- chromium 128.0.6613.84-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2024-7969 (Type Confusion in V8 in Google Chrome prior to 128.0.6613.113
allowed ...)
+ {DSA-5761-1}
- chromium 128.0.6613.113-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2024-7968 (Use after free in Autofill in Google Chrome prior to
128.0.6613.84 all ...)
@@ -9046,7 +9116,8 @@ CVE-2024-41664 (Canarytokens help track activity and
actions on a network. Prior
NOT-FOR-US: Canarytokens
CVE-2024-41663 (Canarytokens help track activity and actions on a network. A
Cross-Si ...)
NOT-FOR-US: Canarytokens
-CVE-2024-41661 (reNgine is an automated reconnaissance framework for web
applications. ...)
+CVE-2024-41661
+ REJECTED
NOT-FOR-US: reNgine
CVE-2024-41655 (TF2 Item Format helps users format TF2 items to the community
standard ...)
NOT-FOR-US: TF2 Item Format
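Review bot: after this change CVE-2024-41661 carries both "REJECTED" and the unchanged "NOT-FOR-US: reNgine" line beneath it, so the entry has two states at once. If the rejection stands, the NOT-FOR-US line should be dropped in a follow-up; the hunk also removes the description, so nothing in the entry besides that stale line says what the identifier referred to.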
@@ -41593,7 +41664,7 @@ CVE-2024-21508 (Versions of the package mysql2 before
3.9.4 are vulnerable to Re
NOT-FOR-US: Node mysql2
CVE-2023-6811 (The Language Translate Widget for WordPress \u2013 ConveyThis
plugin f ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-6257 (The Inline Related Posts WordPress plugin before 3.6.0 does not
ensure ...)
+CVE-2023-6257 (The Inline Related Posts WordPress plugin before 3.6.0 is
missing auth ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3570 (A stored Cross-Site Scripting (XSS) vulnerability exists in the
chat f ...)
NOT-FOR-US: anything-llm
@@ -49737,7 +49808,7 @@ CVE-2023-7236 (The Backup Bolt WordPress plugin through
1.3.0 is vulnerable to I
NOT-FOR-US: WordPress plugin
CVE-2023-7085 (The Scalable Vector Graphics (SVG) WordPress plugin through 3.4
does n ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-6821 (The Error Log Viewer by BestWebSoft WordPress plugin before
1.1.3 cont ...)
+CVE-2023-6821 (The Error Log Viewer by BestWebSoft WordPress plugin before
1.1.3 is a ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41334 (Astropy is a project for astronomy in Python that fosters
interoperabi ...)
{DLA-3803-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b49bcf9313d97524ae8970c4af699d0f47cf00f3