Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
91282547 by security tracker role at 2024-10-23T20:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,217 @@
+CVE-2024-9949 (Denial of Service in Forescout SecureConnector11.1.02.1019 on
Windows ...)
+ TODO: check
+CVE-2024-8500 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for
WordPre ...)
+ TODO: check
+CVE-2024-5764 (Use of Hard-coded Credentials vulnerability in Sonatype Nexus
Reposito ...)
+ TODO: check
+CVE-2024-50383 (Botan before 3.6.0, when certain GCC versions are used, has a
compiler ...)
+ TODO: check
+CVE-2024-50382 (Botan before 3.6.0, when certain LLVM versions are used, has
compiler- ...)
+ TODO: check
+CVE-2024-50050 (Llama Stack prior to revision
7a8aa775e5a267cf8660d83140011a0b7f91e005 ...)
+ TODO: check
+CVE-2024-49756 (AshPostgres is the PostgreSQL data layer for Ash Framework.
Starting i ...)
+ TODO: check
+CVE-2024-49751 (Press, a Frappe custom app that runs Frappe Cloud, manages
infrastruct ...)
+ TODO: check
+CVE-2024-49701 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
+ TODO: check
+CVE-2024-49690 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
+ TODO: check
+CVE-2024-49684 (Deserialization of Untrusted Data vulnerability in Revmakx
Backup and ...)
+ TODO: check
+CVE-2024-49676 (Unrestricted Upload of File with Dangerous Type vulnerability
in Micha ...)
+ TODO: check
+CVE-2024-49675 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
+ TODO: check
+CVE-2024-49671 (Unrestricted Upload of File with Dangerous Type vulnerability
in Dogu ...)
+ TODO: check
+CVE-2024-49669 (Unrestricted Upload of File with Dangerous Type vulnerability
in Alexa ...)
+ TODO: check
+CVE-2024-49668 (Unrestricted Upload of File with Dangerous Type vulnerability
in Admin ...)
+ TODO: check
+CVE-2024-49658 (Unrestricted Upload of File with Dangerous Type vulnerability
in Ecome ...)
+ TODO: check
+CVE-2024-49657 (Missing Authorization vulnerability in ReneeCussack 3D Work In
Progres ...)
+ TODO: check
+CVE-2024-49653 (Unrestricted Upload of File with Dangerous Type vulnerability
in James ...)
+ TODO: check
+CVE-2024-49652 (Unrestricted Upload of File with Dangerous Type vulnerability
in Renee ...)
+ TODO: check
+CVE-2024-49370 (Pimcore is an open source data and experience management
platform. Whe ...)
+ TODO: check
+CVE-2024-48964 (The package Snyk CLI before 1.1294.0 is vulnerable to Code
Injection w ...)
+ TODO: check
+CVE-2024-48963 (The package Snyk CLI before 1.1294.0 is vulnerable to Code
Injection w ...)
+ TODO: check
+CVE-2024-47904 (A vulnerability has been identified in InterMesh 7177 Hybrid
2.0 Subsc ...)
+ TODO: check
+CVE-2024-47903 (A vulnerability has been identified in InterMesh 7177 Hybrid
2.0 Subsc ...)
+ TODO: check
+CVE-2024-47902 (A vulnerability has been identified in InterMesh 7177 Hybrid
2.0 Subsc ...)
+ TODO: check
+CVE-2024-47901 (A vulnerability has been identified in InterMesh 7177 Hybrid
2.0 Subsc ...)
+ TODO: check
+CVE-2024-47575 (A missing authentication for critical function in FortiManager
7.6.0, ...)
+ TODO: check
+CVE-2024-30124 (HCL Sametime is impacted by insecure services in-use on the
UIM client ...)
+ TODO: check
+CVE-2024-30122 (HCL Sametime is impacted by misconfigured security related
HTTP header ...)
+ TODO: check
+CVE-2024-20526 (A vulnerability in the SSH server of Cisco Adaptive Security
Appliance ...)
+ TODO: check
+CVE-2024-20495 (A vulnerability in the Remote Access VPN feature of Cisco
Adaptive Sec ...)
+ TODO: check
+CVE-2024-20494 (A vulnerability in the TLS cryptography functionality of Cisco
Adaptiv ...)
+ TODO: check
+CVE-2024-20493 (A vulnerability in the login authentication functionality of
the Remot ...)
+ TODO: check
+CVE-2024-20485 (A vulnerability in the VPN web server of Cisco Adaptive
Security Appli ...)
+ TODO: check
+CVE-2024-20482 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20481 (A vulnerability in the Remote Access VPN (RAVPN) service of
Cisco Adap ...)
+ TODO: check
+CVE-2024-20474 (A vulnerability in Internet Key Exchange version 2 (IKEv2)
processing ...)
+ TODO: check
+CVE-2024-20473 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20472 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20471 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20431 (A vulnerability in the geolocation access control feature of
Cisco Fir ...)
+ TODO: check
+CVE-2024-20426 (A vulnerability in the Internet Key Exchange version 2 (IKEv2)
protoco ...)
+ TODO: check
+CVE-2024-20424 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20415 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20412 (A vulnerability in Cisco Firepower Threat Defense (FTD)
Software for C ...)
+ TODO: check
+CVE-2024-20410 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20409 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20408 (A vulnerability in the Dynamic Access Policies (DAP) feature
of Cisco ...)
+ TODO: check
+CVE-2024-20407 (A vulnerability in the interaction between the TCP Intercept
feature a ...)
+ TODO: check
+CVE-2024-20403 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20402 (A vulnerability in the SSL VPN feature for Cisco Adaptive
Security App ...)
+ TODO: check
+CVE-2024-20388 (A vulnerability in the password change feature of Cisco
Firepower Mana ...)
+ TODO: check
+CVE-2024-20387 (A vulnerability in the web-based management interface of Cisco
FMC Sof ...)
+ TODO: check
+CVE-2024-20386 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20384 (A vulnerability in the Network Service Group (NSG) feature of
Cisco Ad ...)
+ TODO: check
+CVE-2024-20382 (A vulnerability in the VPN web client services feature of
Cisco Adapti ...)
+ TODO: check
+CVE-2024-20379 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20377 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20374 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20372 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20370 (A vulnerability in the Cisco FXOS CLI feature on specific
hardware pla ...)
+ TODO: check
+CVE-2024-20364 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20351 (A vulnerability in the TCP/IP traffic handling function of the
Snort D ...)
+ TODO: check
+CVE-2024-20342 (Multiple Cisco products are affected by a vulnerability in the
rate fi ...)
+ TODO: check
+CVE-2024-20341 (A vulnerability in the VPN web client services feature of
Cisco Adapti ...)
+ TODO: check
+CVE-2024-20340 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20339 (A vulnerability in the TLS processing feature of Cisco
Firepower Threa ...)
+ TODO: check
+CVE-2024-20331 (A vulnerability in the session authentication functionality of
the Rem ...)
+ TODO: check
+CVE-2024-20330 (A vulnerability in the Snort 2 and Snort 3 TCP and UDP
detection engin ...)
+ TODO: check
+CVE-2024-20329 (A vulnerability in the SSH subsystem of Cisco Adaptive
Security Applia ...)
+ TODO: check
+CVE-2024-20300 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20299 (A vulnerability in the AnyConnect firewall for Cisco Adaptive
Security ...)
+ TODO: check
+CVE-2024-20298 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20297 (A vulnerability in the AnyConnect firewall for Cisco Adaptive
Security ...)
+ TODO: check
+CVE-2024-20275 (A vulnerability in the cluster backup feature of Cisco Secure
Firewall ...)
+ TODO: check
+CVE-2024-20274 (A vulnerability in the web-based management interface of Cisco
Secure ...)
+ TODO: check
+CVE-2024-20273 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20269 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20268 (A vulnerability in the Simple Network Management Protocol
(SNMP) featu ...)
+ TODO: check
+CVE-2024-20264 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2024-20260 (A vulnerability in the VPN and management web servers of the
Cisco Ada ...)
+ TODO: check
+CVE-2024-10301 (A vulnerability, which was classified as critical, was found
in PHPGur ...)
+ TODO: check
+CVE-2024-10300 (A vulnerability, which was classified as critical, has been
found in P ...)
+ TODO: check
+CVE-2024-10299 (A vulnerability classified as critical was found in PHPGurukul
Medical ...)
+ TODO: check
+CVE-2024-10298 (A vulnerability classified as critical has been found in
PHPGurukul Me ...)
+ TODO: check
+CVE-2024-10297 (A vulnerability was found in PHPGurukul Medical Card
Generation System ...)
+ TODO: check
+CVE-2024-10296 (A vulnerability was found in PHPGurukul Medical Card
Generation System ...)
+ TODO: check
+CVE-2024-10293 (A vulnerability was found in ZZCMS 2023. It has been
classified as cri ...)
+ TODO: check
+CVE-2024-10292 (A vulnerability was found in ZZCMS 2023 and classified as
critical. Th ...)
+ TODO: check
+CVE-2024-10291 (A vulnerability has been found in ZZCMS 2023 and classified as
critica ...)
+ TODO: check
+CVE-2024-10290 (A vulnerability, which was classified as problematic, was
found in ZZC ...)
+ TODO: check
+CVE-2024-10289 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer
1.0.9 t ...)
+ TODO: check
+CVE-2024-10288 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer
1.0.9 t ...)
+ TODO: check
+CVE-2024-10287 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer
1.0.9 t ...)
+ TODO: check
+CVE-2024-10286 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer
1.0.9 t ...)
+ TODO: check
+CVE-2024-10283 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2024-10282 (A vulnerability classified as critical was found in Tenda RX9
and RX9 ...)
+ TODO: check
+CVE-2024-10281 (A vulnerability classified as critical has been found in Tenda
RX9 and ...)
+ TODO: check
+CVE-2024-10280 (A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10,
AC10U, AC ...)
+ TODO: check
+CVE-2024-10279 (A vulnerability was found in ESAFENET CDG 5. It has been
declared as c ...)
+ TODO: check
+CVE-2024-10278 (A vulnerability was found in ESAFENET CDG 5. It has been
classified as ...)
+ TODO: check
+CVE-2024-10277 (A vulnerability was found in ESAFENET CDG 5 and classified as
critical ...)
+ TODO: check
+CVE-2024-10276 (A vulnerability has been found in Tektronix Sentry 6.0.9 and
classifie ...)
+ TODO: check
+CVE-2024-10250 (The Nioland theme for WordPress is vulnerable to Reflected
Cross-Site ...)
+ TODO: check
+CVE-2024-10041 (A vulnerability was found in PAM. The secret information is
stored in ...)
+ TODO: check
+CVE-2023-50310 (IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3
transmits ...)
+ TODO: check
CVE-2024-9947 (The ProfilePress Pro plugin for WordPress is vulnerable to
authenticat ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9927 (The WooCommerce Order Proposal plugin for WordPress is
vulnerable to p ...)
@@ -58815,7 +59029,7 @@ CVE-2024-22353 (IBM WebSphere Application Server
Liberty 17.0.0.3 through 24.0.0
NOT-FOR-US: IBM
CVE-2023-50959 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1,
18.0.2,19.0.1, 1 ...)
NOT-FOR-US: IBM
-CVE-2023-50311 (IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3
transmits ...)
+CVE-2023-50311 (IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3
could disc ...)
NOT-FOR-US: IBM
CVE-2020-36828 (A vulnerability was found in DiscuzX up to 3.4-20200818. It
has been c ...)
NOT-FOR-US: DiscuzX
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/912825478a6fbad1ab9eccd4aa9be446735bde10
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/912825478a6fbad1ab9eccd4aa9be446735bde10
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
