[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 31 Aug 2024 01:13:10 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
44c3c777 by security tracker role at 2024-08-31T08:12:03+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,40 @@
-CVE-2024-44945 [netfilter: nfnetlink: Initialise extack before use in ACKs]
+CVE-2024-8348 (A vulnerability, which was classified as critical, has been 
found in S ...)
+       TODO: check
+CVE-2024-8347 (A vulnerability classified as critical was found in 
SourceCodester Com ...)
+       TODO: check
+CVE-2024-8346 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
+       TODO: check
+CVE-2024-8276 (The WPZOOM Portfolio Lite \u2013 Filterable Portfolio Plugin 
plugin fo ...)
+       TODO: check
+CVE-2024-8006 (Remote packet capture support is disabled by default in 
libpcap.  When ...)
+       TODO: check
+CVE-2024-7435 (The Attire theme for WordPress is vulnerable to PHP Object 
Injection i ...)
+       TODO: check
+CVE-2024-6586 (Lightdash version 0.1024.6 allows users with the necessary 
permissions ...)
+       TODO: check
+CVE-2024-6585 (Multiple stored cross-site scripting (\u201cXSS\u201d) 
vulnerabilities ...)
+       TODO: check
+CVE-2024-5212 (The tagDiv Composer plugin for WordPress is vulnerable to 
Reflected Cr ...)
+       TODO: check
+CVE-2024-45304 (Cairo-Contracts are OpenZeppelin Contracts written in Cairo 
for Starkn ...)
+       TODO: check
+CVE-2024-44684 (TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in 
/h.php/ ...)
+       TODO: check
+CVE-2024-44683 (Seacms v13 is vulnerable to Cross Site Scripting (XSS) via 
admin-video ...)
+       TODO: check
+CVE-2024-44682 (ShopXO 6.2 is vulnerable to Cross Site Scripting (XSS) in the 
backend  ...)
+       TODO: check
+CVE-2024-3886 (The tagDiv Composer plugin for WordPress is vulnerable to 
Reflected Cr ...)
+       TODO: check
+CVE-2024-39747 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 
6.3 uses d ...)
+       TODO: check
+CVE-2024-39579 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 
contains an inc ...)
+       TODO: check
+CVE-2024-39578 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 
contains a UNIX ...)
+       TODO: check
+CVE-2023-7256 (In affected libpcap versions during the setup of a remote 
packet captu ...)
+       TODO: check
+CVE-2024-44945 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux <unfixed>
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -148,7 +184,7 @@ CVE-2024-1543 (The side-channel protected T-Table 
implementation in wolfSSL up t
        - wolfssl 5.6.6-1.2
        NOTE: 
https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023
        NOTE: https://github.com/wolfSSL/wolfssl/pull/6854
-CVE-2024-8285
+CVE-2024-8285 (A flaw was found in Kroxylicious. When establishing the 
connection wit ...)
        NOT-FOR-US: kroxylicious
 CVE-2024-42934
        - openipmi <unfixed>
@@ -1587,7 +1623,8 @@ CVE-2022-48937 (In the Linux kernel, the following 
vulnerability has been resolv
        - linux 5.16.12-1
        [bullseye] - linux 5.10.103-1
        NOTE: 
https://git.kernel.org/linus/f240762f88b4b1b58561939ffd44837759756477 (5.17-rc6)
-CVE-2022-48936 (In the Linux kernel, the following vulnerability has been 
resolved:  g ...)
+CVE-2022-48936
+       REJECTED
        TODO: check
 CVE-2022-48935 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.16.12-1
@@ -134364,7 +134401,7 @@ CVE-2022-4540
 CVE-2022-4539
        RESERVED
 CVE-2022-4538
-       RESERVED
+       REJECTED
 CVE-2022-4537 (The Hide My WP Ghost \u2013 Security Plugin plugin for 
WordPress is vu ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4536
@@ -134384,7 +134421,7 @@ CVE-2022-4530
 CVE-2022-4529
        RESERVED
 CVE-2022-4528
-       RESERVED
+       REJECTED
 CVE-2022-4527 (A vulnerability was found in collective.task up to 3.0.8. It 
has been  ...)
        NOT-FOR-US: collective.task
 CVE-2022-4526 (A vulnerability was found in django-photologue up to 3.15.1 and 
classi ...)
@@ -136201,7 +136238,7 @@ CVE-2022-4414 (Cross-site Scripting (XSS) - DOM in 
GitHub repository nuxt/framew
 CVE-2022-4413 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
nuxt/frame ...)
        NOT-FOR-US: nuxt
 CVE-2022-4412
-       RESERVED
+       REJECTED
 CVE-2022-4411
        REJECTED
 CVE-2022-4410 (The Permalink Manager Lite plugin for WordPress is vulnerable 
to Store ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c3c777602a6de642a5a32b3cd1aa7d8b75682f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c3c777602a6de642a5a32b3cd1aa7d8b75682f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to