Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9423eea9 by security tracker role at 2024-10-16T08:12:53+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,10 +1,228 @@
-CVE-2024-45693
+CVE-2024-9966 (Inappropriate implementation in Navigations in Google Chrome
prior to ...)
+ TODO: check
+CVE-2024-9965 (Insufficient data validation in DevTools in Google Chrome on
Windows p ...)
+ TODO: check
+CVE-2024-9964 (Inappropriate implementation in Payments in Google Chrome prior
to 130 ...)
+ TODO: check
+CVE-2024-9963 (Insufficient data validation in Downloads in Google Chrome
prior to 13 ...)
+ TODO: check
+CVE-2024-9962 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ TODO: check
+CVE-2024-9961 (Use after free in ParcelTracking in Google Chrome on iOS prior
to 130. ...)
+ TODO: check
+CVE-2024-9960 (Use after free in Dawn in Google Chrome prior to 130.0.6723.58
allowed ...)
+ TODO: check
+CVE-2024-9959 (Use after free in DevTools in Google Chrome prior to
130.0.6723.58 all ...)
+ TODO: check
+CVE-2024-9958 (Inappropriate implementation in PictureInPicture in Google
Chrome prio ...)
+ TODO: check
+CVE-2024-9957 (Use after free in UI in Google Chrome on iOS prior to
130.0.6723.58 al ...)
+ TODO: check
+CVE-2024-9956 (Inappropriate implementation in WebAuthentication in Google
Chrome on ...)
+ TODO: check
+CVE-2024-9955 (Use after free in WebAuthentication in Google Chrome prior to
130.0.67 ...)
+ TODO: check
+CVE-2024-9954 (Use after free in AI in Google Chrome prior to 130.0.6723.58
allowed a ...)
+ TODO: check
+CVE-2024-9937 (The Woo Manage Fraud Orders plugin for WordPress is vulnerable
to Refl ...)
+ TODO: check
+CVE-2024-9891 (The Multiline files upload for contact form 7 plugin for
WordPress is ...)
+ TODO: check
+CVE-2024-9888 (The ElementInvader Addons for Elementor plugin for WordPress is
vulner ...)
+ TODO: check
+CVE-2024-9873 (The Community by PeepSo \u2013 Social Network, Membership,
Registratio ...)
+ TODO: check
+CVE-2024-9652 (The Locatoraid Store Locator plugin for WordPress is vulnerable
to Ref ...)
+ TODO: check
+CVE-2024-9649 (The WP ULike \u2013 The Ultimate Engagement Toolkit for
Websites plugi ...)
+ TODO: check
+CVE-2024-9647 (The Kama SpamBlock plugin for WordPress is vulnerable to
Reflected Cro ...)
+ TODO: check
+CVE-2024-9634 (The GiveWP \u2013 Donation Plugin and Fundraising Platform
plugin for ...)
+ TODO: check
+CVE-2024-9594 (A security issue was discovered in the Kubernetes Image Builder
versio ...)
+ TODO: check
+CVE-2024-9582 (The Accordion Slider plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2024-9540 (The Sina Extension for Elementor plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-9521 (The SEO Manager plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
+ TODO: check
+CVE-2024-9486 (A security issue was discovered in the Kubernetes Image Builder
versio ...)
+ TODO: check
+CVE-2024-9305 (The AppPresser \u2013 Mobile App Framework plugin for WordPress
is vul ...)
+ TODO: check
+CVE-2024-9105 (The UltimateAI plugin for WordPress is vulnerable to
authentication by ...)
+ TODO: check
+CVE-2024-9104 (The UltimateAI plugin for WordPress is vulnerable to
authentication by ...)
+ TODO: check
+CVE-2024-9061 (The The WP Popup Builder \u2013 Popup Forms and Marketing Lead
Generat ...)
+ TODO: check
+CVE-2024-8918 (The File Manager Pro plugin for WordPress is vulnerable to
Limited Jav ...)
+ TODO: check
+CVE-2024-8787 (The Smart Online Order for Clover plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2024-8746 (The File Manager Pro plugin for WordPress is vulnerable to
arbitrary b ...)
+ TODO: check
+CVE-2024-8541 (The Discount Rules for WooCommerce \u2013 Create Smart
WooCommerce Cou ...)
+ TODO: check
+CVE-2024-8507 (The File Manager Pro plugin for WordPress is vulnerable to
Cross-Site ...)
+ TODO: check
+CVE-2024-49340 (IBM Watson Studio Local 1.2.3 is vulnerable to cross-site
request forg ...)
+ TODO: check
+CVE-2024-48783 (An issue in Ruijie NBR3000D-E Gateway allows a remote attacker
to obta ...)
+ TODO: check
+CVE-2024-48782 (File Upload vulnerability in DYCMS Open-Source Version
v2.0.9.41 allow ...)
+ TODO: check
+CVE-2024-48781 (An issue in Wanxing Technology Yitu Project Management Kirin
Edition 2 ...)
+ TODO: check
+CVE-2024-48779 (An issue in Wanxing Technology's Yitu project Management
Software 3.2. ...)
+ TODO: check
+CVE-2024-48714 (In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function
handles th ...)
+ TODO: check
+CVE-2024-48713 (In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function
handles ...)
+ TODO: check
+CVE-2024-48712 (In TP-Link TL-WDR7660 1.0, the rtRuleJsonToBin function
handles the pa ...)
+ TODO: check
+CVE-2024-48710 (In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function
handles ...)
+ TODO: check
+CVE-2024-48411 (itsourcecode Online Tours and Travels Management System v1.0
is vulner ...)
+ TODO: check
+CVE-2024-45715 (The SolarWinds Platform was susceptible to a Cross-Site
Scripting vuln ...)
+ TODO: check
+CVE-2024-45714 (Application is vulnerable to Cross Site Scripting (XSS) an
authenticat ...)
+ TODO: check
+CVE-2024-45711 (SolarWinds Serv-U is vulnerable to a directory traversal
vulnerabili ...)
+ TODO: check
+CVE-2024-45710 (SolarWinds Platform is susceptible to an Uncontrolled Search
Path Elem ...)
+ TODO: check
+CVE-2024-45217 (Insecure Default Initialization of Resource vulnerability in
Apache So ...)
+ TODO: check
+CVE-2024-45216 (Improper Authentication vulnerability in Apache Solr. Solr
instances ...)
+ TODO: check
+CVE-2024-45085 (IBM WebSphere Application Server 8.5 is vulnerable to a denial
of serv ...)
+ TODO: check
+CVE-2024-44775 (An issue in kmqtt v0.2.7 allows attackers to cause a Denial of
Service ...)
+ TODO: check
+CVE-2024-41311 (In Libheif 1.17.6, insufficient checks in
ImageOverlay::parse() decodi ...)
+ TODO: check
+CVE-2024-38204 (Improper Access Control in Imagine Cup allows an authorized
attacker t ...)
+ TODO: check
+CVE-2024-38190 (Missing authorization in Power Platform allows an
unauthenticated atta ...)
+ TODO: check
+CVE-2024-38139 (Improper authentication in Microsoft Dataverse allows an
authorized at ...)
+ TODO: check
+CVE-2024-31955 (An issue was discovered in Samsung eMMC with KLMAG2GE4A and
KLM8G1WEMB ...)
+ TODO: check
+CVE-2024-10018 (Improper permission control in the mobile application
(com.transsion.a ...)
+ TODO: check
+CVE-2024-10004 (Opening an external link to an HTTP website when Firefox iOS
was previ ...)
+ TODO: check
+CVE-2023-7296 (The BigBlueButton plugin for WordPress is vulnerable to Stored
Cross-S ...)
+ TODO: check
+CVE-2023-7295 (The Video Grid plugin for WordPress is vulnerable to Reflected
Cross-S ...)
+ TODO: check
+CVE-2023-7294 (The Paytium: Mollie payment forms & donations plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-7293 (The Paytium: Mollie payment forms & donations plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-7292 (The Paytium: Mollie payment forms & donations plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-7291 (The Paytium: Mollie payment forms & donations plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-7290 (The Paytium: Mollie payment forms & donations plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-7289 (The Paytium: Mollie payment forms & donations plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-7288 (The Paytium: Mollie payment forms & donations plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-7287 (The Paytium: Mollie payment forms & donations plugin for
WordPress is ...)
+ TODO: check
+CVE-2023-7286 (The plugin ACF Quick Edit Fields for WordPress is vulnerable to
Insecu ...)
+ TODO: check
+CVE-2022-4974 (The Freemius SDK, as used by hundreds of WordPress plugin and
theme de ...)
+ TODO: check
+CVE-2022-4973 (WordPress Core, in versions up to 6.0.2, is vulnerable to
Authenticate ...)
+ TODO: check
+CVE-2022-4972 (The Download Monitor plugin for WordPress is vulnerable to
authorizati ...)
+ TODO: check
+CVE-2022-4971 (The Sassy Social Share plugin for WordPress is vulnerable to
Reflected ...)
+ TODO: check
+CVE-2021-4452 (The Google Language Translator plugin for WordPress is
vulnerable to R ...)
+ TODO: check
+CVE-2021-4451 (The NinjaFirewall plugin for WordPress is vulnerable to
Authenticated ...)
+ TODO: check
+CVE-2021-4450 (The Post Grid plugin for WordPress is vulnerable to blind SQL
Injectio ...)
+ TODO: check
+CVE-2021-4449 (The ZoomSounds plugin for WordPress is vulnerable to arbitrary
file up ...)
+ TODO: check
+CVE-2021-4448 (The Kaswara Modern VC Addons plugin for WordPress is vulnerable
to aut ...)
+ TODO: check
+CVE-2021-4447 (The Essential Addons for Elementor plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2021-4446 (The Essential Addons for Elementor plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2021-4445 (The Premium Addons for Elementor plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2021-4444 (The Product Filter by WooBeWoo plugin for WordPress is
vulnerable to a ...)
+ TODO: check
+CVE-2021-4443 (The WordPress Mega Menu plugin for WordPress is vulnerable to
Arbitrar ...)
+ TODO: check
+CVE-2020-36842 (The Migration, Backup, Staging \u2013 WPvivid plugin for
WordPress is ...)
+ TODO: check
+CVE-2020-36840 (The Timetable and Event Schedule by MotoPress plugin for
WordPress is ...)
+ TODO: check
+CVE-2020-36839 (The WP Lead Plus X plugin for WordPress is vulnerable to
Cross-Site Re ...)
+ TODO: check
+CVE-2020-36838 (The Facebook Chat Plugin for WordPress is vulnerable to
authorization ...)
+ TODO: check
+CVE-2020-36837 (The ThemeGrill Demo Importer plugin for WordPress is
vulnerable to aut ...)
+ TODO: check
+CVE-2020-36836 (The WP Fastest Cache plugin for WordPress is vulnerable to
unauthorize ...)
+ TODO: check
+CVE-2020-36835 (The Migration, Backup, Staging \u2013 WPvivid plugin for
WordPress is ...)
+ TODO: check
+CVE-2020-36834 (The Discount Rules for WooCommerce plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2020-36833 (The Indeed Membership Pro plugin for WordPress is vulnerable
to author ...)
+ TODO: check
+CVE-2020-36832 (The Ultimate Membership Pro plugin for WordPress is vulnerable
to Auth ...)
+ TODO: check
+CVE-2020-36831 (The NextScripts: Social Networks Auto-Poster plugin for
WordPress is v ...)
+ TODO: check
+CVE-2019-25217 (The SiteGround Optimizer plugin for WordPress is vulnerable to
authori ...)
+ TODO: check
+CVE-2019-25216 (The Rich Review plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
+ TODO: check
+CVE-2019-25215 (The ARI-Adminer plugin for WordPress is vulnerable to
authorization by ...)
+ TODO: check
+CVE-2019-25214 (The ShopWP plugin for WordPress is vulnerable to authorization
bypass ...)
+ TODO: check
+CVE-2019-25213 (The Advanced Access Manager plugin for WordPress is vulnerable
to Unau ...)
+ TODO: check
+CVE-2018-25105 (The File Manager plugin for WordPress is vulnerable to
authorization ...)
+ TODO: check
+CVE-2017-20194 (The Formidable Form Builder plugin for WordPress is vulnerable
to Sens ...)
+ TODO: check
+CVE-2017-20193 (The Product Vendors is vulnerable to Reflected Cross-Site
Scripting vi ...)
+ TODO: check
+CVE-2017-20192 (The Formidable Form Builder plugin for WordPress is vulnerable
to Stor ...)
+ TODO: check
+CVE-2016-15042 (The Frontend File Manager (versions < 4.0), N-Media Post
Front-end For ...)
+ TODO: check
+CVE-2016-15041 (The MainWP Dashboard \u2013 The Private WordPress Manager for
Multiple ...)
+ TODO: check
+CVE-2016-15040 (The Kento Post View Counter plugin for WordPress is vulnerable
to SQL ...)
+ TODO: check
+CVE-2012-10018 (The Mapplic and Mapplic Lite plugins for WordPress are
vulnerable to S ...)
+ TODO: check
+CVE-2024-45693 (Users logged into the Apache CloudStack's web interface can be
tricked ...)
NOT-FOR-US: Apache CloudStack
-CVE-2024-45462
+CVE-2024-45462 (The logout operation in the CloudStack web interface does not
expire t ...)
NOT-FOR-US: Apache CloudStack
-CVE-2024-45461
+CVE-2024-45461 (The CloudStack Quota feature allows cloud administrators to
implement ...)
NOT-FOR-US: Apache CloudStack
-CVE-2024-45219
+CVE-2024-45219 (Account users in Apache CloudStack by default are allowed to
upload an ...)
NOT-FOR-US: Apache CloudStack
CVE-2024-9986 (A vulnerability was found in code-projects Blood Bank
Management Syste ...)
NOT-FOR-US: code-projects Blood Bank Management System
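Review bot: Several added descriptions carry the literal escape sequence \u2013 instead of the dash it encodes (CVE-2024-9873, CVE-2024-9649, CVE-2024-9634, CVE-2024-9305, CVE-2024-9061, CVE-2024-8541, CVE-2020-36842, CVE-2020-36835, CVE-2016-15041), which suggests the automatic update writes the description without decoding its Unicode escapes; decode the text before it is written to data/CVE/list so the entries stay readable and greppable. Every newly added entry in this hunk is left at "TODO: check" and still needs manual triage, whereas the four Apache CloudStack entries only gain a description and keep their existing NOT-FOR-US note, which is the expected outcome for already-triaged items.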
@@ -139540,8 +139758,8 @@ CVE-2023-22651 (Improper Privilege Management
vulnerability in SUSE Rancher allo
NOT-FOR-US: Rancher
CVE-2023-22650
RESERVED
-CVE-2023-22649
- RESERVED
+CVE-2023-22649 (A vulnerability has been identified which may lead to
sensitive data b ...)
+ TODO: check
CVE-2023-22648 (A Improper Privilege Management vulnerability in SUSE Rancher
causes p ...)
NOT-FOR-US: Rancher
CVE-2023-22647 (An Improper Privilege Management vulnerability in SUSE Rancher
allowed ...)
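Review bot: CVE-2023-22649 goes from RESERVED to "TODO: check", but its truncated description ("A vulnerability has been identified which may lead to sensitive data b ...") does not name a product, unlike the neighbouring CVE-2023-22651, CVE-2023-22648 and CVE-2023-22647 entries, which name SUSE Rancher. Check the full description before triaging it and do not mark it "NOT-FOR-US: Rancher" only because of its position in the number range.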
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9423eea9f6b1fa30ade3c21d72a75e9e5aa19c46
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits