[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 12 Oct 2024 13:12:31 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b9a6c33e by security tracker role at 2024-10-12T20:12:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2024-9894 (A vulnerability, which was classified as critical, was found in 
code-p ...)
+       TODO: check
+CVE-2024-9696 (The Rescue Shortcodes plugin for WordPress is vulnerable to 
Stored Cro ...)
+       TODO: check
+CVE-2024-9595 (The TablePress \u2013 Tables in WordPress made easy plugin for 
WordPre ...)
+       TODO: check
+CVE-2024-8915 (The Category Icon plugin for WordPress is vulnerable to Stored 
Cross-S ...)
+       TODO: check
+CVE-2024-8902 (The Elementor Addon Elements plugin for WordPress is vulnerable 
to Sen ...)
+       TODO: check
+CVE-2024-8760 (The Stackable \u2013 Page Builder Gutenberg Blocks plugin for 
WordPres ...)
+       TODO: check
+CVE-2024-8757 (The WP Post Author \u2013 Boost Your Blog&#039;s Engagement 
with Autho ...)
+       TODO: check
+CVE-2024-49193 (Zendesk before 2024-07-02 allows remote attackers to read 
ticket histo ...)
+       TODO: check
 CVE-2024-6519 [qemu: SCSI: lsi53c895a: use-after-free local privilege 
escalation vulnerability]
        - qemu <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2292089
@@ -654,7 +670,7 @@ CVE-2024-48933 (A cross-site scripting (XSS) vulnerability 
in LemonLDAP::NG befo
        - lemonldap-ng <unfixed> (bug #1084979)
        NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3232
 CVE-2024-9680 (An attacker was able to achieve code execution in the content 
process  ...)
-       {DSA-5788-1 DLA-3914-1}
+       {DSA-5789-1 DSA-5788-1 DLA-3916-1 DLA-3914-1}
        - firefox 131.0.2-1
        - firefox-esr 128.3.1esr-1
        - thunderbird <unfixed>
@@ -2568,7 +2584,7 @@ CVE-2024-9402 (Memory safety bugs present in Firefox 130, 
Firefox ESR 128.2, and
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-46/#CVE-2024-9402
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/#CVE-2024-9402
 CVE-2024-9401 (Memory safety bugs present in Firefox 130, Firefox ESR 115.15, 
Firefox ...)
-       {DSA-5783-1 DLA-3913-1}
+       {DSA-5789-1 DSA-5783-1 DLA-3916-1 DLA-3913-1}
        - firefox 131.0-1
        - firefox-esr 128.3.0esr-1
        - thunderbird 1:128.3.0esr-1
@@ -2614,7 +2630,7 @@ CVE-2024-9395 (A specially crafted filename containing a 
large number of spaces
        - firefox <not-affected> (Only affects Firefox on Android)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-46/#CVE-2024-9395
 CVE-2024-9394 (An attacker could, via a specially crafted multipart response, 
execute ...)
-       {DSA-5783-1 DLA-3913-1}
+       {DSA-5789-1 DSA-5783-1 DLA-3916-1 DLA-3913-1}
        - firefox 131.0-1
        - firefox-esr 128.3.0esr-1
        - thunderbird 1:128.3.0esr-1
@@ -2622,7 +2638,7 @@ CVE-2024-9394 (An attacker could, via a specially crafted 
multipart response, ex
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-48/#CVE-2024-9394
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/#CVE-2024-9394
 CVE-2024-9393 (An attacker could, via a specially crafted multipart response, 
execute ...)
-       {DSA-5783-1 DLA-3913-1}
+       {DSA-5789-1 DSA-5783-1 DLA-3916-1 DLA-3913-1}
        - firefox 131.0-1
        - firefox-esr 128.3.0esr-1
        - thunderbird 1:128.3.0esr-1
@@ -2630,7 +2646,7 @@ CVE-2024-9393 (An attacker could, via a specially crafted 
multipart response, ex
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-48/#CVE-2024-9393
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/#CVE-2024-9393
 CVE-2024-9392 (A compromised content process could have allowed for the 
arbitrary loa ...)
-       {DSA-5783-1 DLA-3913-1}
+       {DSA-5789-1 DSA-5783-1 DLA-3916-1 DLA-3913-1}
        - firefox 131.0-1
        - firefox-esr 128.3.0esr-1
        - thunderbird 1:128.3.0esr-1
@@ -5258,7 +5274,7 @@ CVE-2024-8660 (Concrete CMS versions 9.0.0 through 9.3.3 
are affected by a store
 CVE-2024-7873 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        NOT-FOR-US: Veribase Order
 CVE-2024-7788 (Improper Digital Signature Invalidation vulnerability in Zip 
Repair Mo ...)
-       {DSA-5772-1}
+       {DSA-5772-1 DLA-3915-1}
        - libreoffice 4:24.2.5-1
        NOTE: 
https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788
        NOTE: https://gerrit.libreoffice.org/c/core/+/169952



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9a6c33ef94da8dafa60de7b80bccc402ea27f3f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9a6c33ef94da8dafa60de7b80bccc402ea27f3f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to