Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4e84f76e by security tracker role at 2024-10-10T08:12:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,77 @@
+CVE-2024-9802 (The conformance validation endpoint is public so everybody can
verify ...)
+ TODO: check
+CVE-2024-9798 (The health endpoint is public so everybody can see a list of
all servi ...)
+ TODO: check
+CVE-2024-9796 (The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not
saniti ...)
+ TODO: check
+CVE-2024-9781 (AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0
and 4. ...)
+ TODO: check
+CVE-2024-9780 (ITS dissector crash in Wireshark 4.4.0 allows denial of service
via pa ...)
+ TODO: check
+CVE-2024-9685 (The Notification for Telegram plugin for WordPress is
vulnerable to un ...)
+ TODO: check
+CVE-2024-9581 (The Shortcodes AnyWhere plugin for WordPress is vulnerable to
arbitrar ...)
+ TODO: check
+CVE-2024-9522 (The WP Users Masquerade plugin for WordPress is vulnerable to
authenti ...)
+ TODO: check
+CVE-2024-9520 (The UserPlus plugin for WordPress is vulnerable to unauthorized
access ...)
+ TODO: check
+CVE-2024-9519 (The UserPlus plugin for WordPress is vulnerable to unauthorized
modifi ...)
+ TODO: check
+CVE-2024-9518 (The UserPlus plugin for WordPress is vulnerable to privilege
escalatio ...)
+ TODO: check
+CVE-2024-9457 (The WP Builder plugin for WordPress is vulnerable to Stored
Cross-Site ...)
+ TODO: check
+CVE-2024-9377 (The Products, Order & Customers Export for WooCommerce plugin
for Word ...)
+ TODO: check
+CVE-2024-9205 (The Maximum Products per User for WooCommerce plugin for
WordPress is ...)
+ TODO: check
+CVE-2024-9156 (The TI WooCommerce Wishlist WordPress plugin through 2.8.2 is
vulnerab ...)
+ TODO: check
+CVE-2024-9074 (The Advanced Blocks Pro plugin for WordPress is vulnerable to
Stored C ...)
+ TODO: check
+CVE-2024-9072 (The GDPR-Extensions-com \u2013 Consent Manager plugin for
WordPress is ...)
+ TODO: check
+CVE-2024-9067 (The Youzify \u2013 BuddyPress Community, User Profile, Social
Network ...)
+ TODO: check
+CVE-2024-9066 (The Marketing and SEO Booster plugin for WordPress is
vulnerable to St ...)
+ TODO: check
+CVE-2024-9065 (The WP Helper Premium plugin for WordPress is vulnerable to
unauthoriz ...)
+ TODO: check
+CVE-2024-9064 (The Elementor Inline SVG plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2024-9057 (The Curator.io: Show all your social media posts in a beautiful
feed. ...)
+ TODO: check
+CVE-2024-9022 (The TS Poll \u2013 Survey, Versus Poll, Image Poll, Video Poll
plugin ...)
+ TODO: check
+CVE-2024-8987 (The Youzify \u2013 BuddyPress Community, User Profile, Social
Network ...)
+ TODO: check
+CVE-2024-8729 (The Easy Social Share Buttons plugin for WordPress is
vulnerable to Re ...)
+ TODO: check
+CVE-2024-8513 (The QA Analytics \u2013 Web Analytics Tool with Heatmaps &
Session Rep ...)
+ TODO: check
+CVE-2024-8477 (The Newsletter, SMTP, Email marketing and Subscribe forms by
Brevo (fo ...)
+ TODO: check
+CVE-2024-8264 (Fortra's Robot Schedule Enterprise Agent prior to version 3.05
writes ...)
+ TODO: check
+CVE-2024-7049 (In version v0.3.8 of open-webui/open-webui, a vulnerability
exists whe ...)
+ TODO: check
+CVE-2024-7048 (In version v0.3.8 of open-webui, an improper privilege
management vuln ...)
+ TODO: check
+CVE-2024-6747 (Information leakage in mknotifyd in Checkmk before 2.3.0p18,
2.2.0p36, ...)
+ TODO: check
+CVE-2024-48958 (execute_filter_delta in archive_read_support_format_rar.c in
libarchiv ...)
+ TODO: check
+CVE-2024-48957 (execute_filter_audio in archive_read_support_format_rar.c in
libarchiv ...)
+ TODO: check
+CVE-2024-48949 (The verify function in lib/elliptic/eddsa/index.js in the
Elliptic pac ...)
+ TODO: check
+CVE-2024-48942 (The Syracom Secure Login (2FA) plugin for Jira, Confluence,
and Bitbuc ...)
+ TODO: check
+CVE-2024-48941 (The Syracom Secure Login (2FA) plugin for Jira, Confluence,
and Bitbuc ...)
+ TODO: check
+CVE-2024-48933 (A cross-site scripting (XSS) vulnerability in LemonLDAP::NG
before 2.1 ...)
+ TODO: check
CVE-2024-9680 (An attacker was able to achieve code execution in the content
process ...)
- firefox 131.0.2-1
- firefox-esr 128.3.1esr-1
@@ -550,7 +624,7 @@ CVE-2024-39436 (In linkturbonative service, there is a
possible command injectio
TODO: check
CVE-2024-38818 (VMware NSX contains a local privilege escalation
vulnerability. An au ...)
TODO: check
-CVE-2024-38817 (Mware NSX contains a command injection vulnerability. A
malicious act ...)
+CVE-2024-38817 (VMware NSX contains a command injection vulnerability. A
malicious ac ...)
TODO: check
CVE-2024-38815 (VMware NSX contains a content spoofing vulnerability. An
unauthentica ...)
TODO: check
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e84f76ecdccf2c2257add104509e556a27a9c8d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e84f76ecdccf2c2257add104509e556a27a9c8d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
