Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5d0d1a8d by security tracker role at 2024-10-26T08:12:36+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,81 @@
+CVE-2024-9933 (The WatchTowerHQ plugin for WordPress is vulnerable to
authentication ...)
+ TODO: check
+CVE-2024-9932 (The Wux Blog Editor plugin for WordPress is vulnerable to
arbitrary fi ...)
+ TODO: check
+CVE-2024-9931 (The Wux Blog Editor plugin for WordPress is vulnerable to
authenticati ...)
+ TODO: check
+CVE-2024-9930 (The Extensions by HocWP Team plugin for WordPress is vulnerable
to aut ...)
+ TODO: check
+CVE-2024-9890 (The User Toolkit plugin for WordPress is vulnerable to
authentication ...)
+ TODO: check
+CVE-2024-9626 (The Editorial Assistant by Sovrn plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-9613 (The FormFacade \u2013 WordPress plugin for Google Forms plugin
for Wor ...)
+ TODO: check
+CVE-2024-9475 (The Poll Maker \u2013 Versus Polls, Anonymous Polls, Image
Polls plugi ...)
+ TODO: check
+CVE-2024-9462 (The Poll Maker \u2013 Versus Polls, Anonymous Polls, Image
Polls plugi ...)
+ TODO: check
+CVE-2024-9456 (The WP Awesome Login plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2024-9454 (The PriPre plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
+ TODO: check
+CVE-2024-8870 (The Forms for Mailchimp by Optin Cat \u2013 Grow Your MailChimp
List p ...)
+ TODO: check
+CVE-2024-48396 (AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site
Scripting ...)
+ TODO: check
+CVE-2024-48239 (An issue was discovered in WTCMS 1.0. In the plupload method
in \Asset ...)
+ TODO: check
+CVE-2024-48238 (WTCMS 1.0 is vulnerable to SQL Injection in the edit_post
method of /A ...)
+ TODO: check
+CVE-2024-48237 (WTCMS 1.0 is vulnerable to Incorrect Access Control in
\Common\Control ...)
+ TODO: check
+CVE-2024-48236 (An issue in ofcms 1.1.2 allows a remote attacker to execute
arbitrary ...)
+ TODO: check
+CVE-2024-48235 (An issue in ofcms 1.1.2 allows a remote attacker to execute
arbitrary ...)
+ TODO: check
+CVE-2024-48234 (An issue was discovered in mipjz 5.0.5. In the push method of
app\tag\ ...)
+ TODO: check
+CVE-2024-48233 (mipjz 5.0.5 is vulnerable to Cross Site Scripting (XSS) in
\app\settin ...)
+ TODO: check
+CVE-2024-48232 (An issue was found in mipjz 5.0.5. In the mipPost method of
\app\setti ...)
+ TODO: check
+CVE-2024-48230 (funadmin 5.0.2 is vulnerable to SQL Injection via the
parentField para ...)
+ TODO: check
+CVE-2024-48229 (funadmin 5.0.2 has a SQL injection vulnerability in the Curd
one click ...)
+ TODO: check
+CVE-2024-48228 (An issue was found in funadmin 5.0.2. The selectfiles method
in \backe ...)
+ TODO: check
+CVE-2024-48227 (Funadmin 5.0.2 has a logical flaw in the Curd one click
command deleti ...)
+ TODO: check
+CVE-2024-48226 (Funadmin 5.0.2 is vulnerable to SQL Injection in
curd/table/savefield.)
+ TODO: check
+CVE-2024-48225 (Funadmin v5.0.2 has an arbitrary file deletion vulnerability
in /curd/ ...)
+ TODO: check
+CVE-2024-48224 (Funadmin v5.0.2 has an arbitrary file read vulnerability in
/curd/inde ...)
+ TODO: check
+CVE-2024-48223 (Funadmin v5.0.2 has a SQL injection vulnerability in
/curd/table/field ...)
+ TODO: check
+CVE-2024-48222 (Funadmin v5.0.2 has a SQL injection vulnerability in
/curd/table/edit.)
+ TODO: check
+CVE-2024-48218 (Funadmin v5.0.2 has a SQL injection vulnerability in
/curd/table/list.)
+ TODO: check
+CVE-2024-47821 (pyLoad is a free and open-source Download Manager. The folder
`/.pyloa ...)
+ TODO: check
+CVE-2024-10092 (The Download Monitor plugin for WordPress is vulnerable to
unauthorize ...)
+ TODO: check
+CVE-2024-10091 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-0121 (NVIDIA GPU Display Driver for Windows contains a vulnerability
in the ...)
+ TODO: check
+CVE-2024-0120 (NVIDIA GPU Display Driver for Windows contains a vulnerability
in the ...)
+ TODO: check
+CVE-2024-0119 (NVIDIA GPU Display Driver for Windows contains a vulnerability
in the ...)
+ TODO: check
+CVE-2024-0118 (NVIDIA GPU Display Driver for Windows contains a vulnerability
in the ...)
+ TODO: check
+CVE-2024-0117 (NVIDIA GPU Display Driver for Windows contains a vulnerability
in the ...)
+ TODO: check
CVE-2024-9991 (This vulnerability exists in Philips lighting devices due to
storage o ...)
NOT-FOR-US: Philips lighting devices
CVE-2024-9585 (The Image Map Pro plugin for WordPress is vulnerable to Stored
Cross-S ...)
@@ -469,7 +547,7 @@ CVE-2024-40431 (A lack of input validation in Realtek SD
card reader driver befo
NOT-FOR-US: Realtek
CVE-2023-50355 (HCL Sametime is impacted by the error messages containing
sensitive in ...)
NOT-FOR-US: HCL
-CVE-2024-0126
+CVE-2024-0126 (NVIDIA GPU Display Driver for Windows and Linux contains a
vulnerabili ...)
- nvidia-graphics-drivers <unfixed> (bug #1085968)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d0d1a8d43075bba093a5d38293037516ee8a95c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d0d1a8d43075bba093a5d38293037516ee8a95c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
