[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Wed, 30 Oct 2024 13:12:53 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d9fec77d by security tracker role at 2024-10-30T20:12:38+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,97 @@
+CVE-2024-9419 (Client / Server PCs with the HP Smart Universal Printing Driver 
instal ...)
+       TODO: check
+CVE-2024-9388 (The Black Widgets For Elementor plugin for WordPress is 
vulnerable to  ...)
+       TODO: check
+CVE-2024-9110 (A medium severity vulnerability has been identified within 
Privileged  ...)
+       TODO: check
+CVE-2024-8512 (The W3SPEEDSTER plugin for WordPress is vulnerable to Remote 
Code Exec ...)
+       TODO: check
+CVE-2024-51304 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious 
commands  ...)
+       TODO: check
+CVE-2024-51301 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious 
commands  ...)
+       TODO: check
+CVE-2024-51300 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious 
commands  ...)
+       TODO: check
+CVE-2024-51299 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious 
commands  ...)
+       TODO: check
+CVE-2024-51298 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious 
commands  ...)
+       TODO: check
+CVE-2024-51296 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious 
commands  ...)
+       TODO: check
+CVE-2024-51258 (DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious 
command ...)
+       TODO: check
+CVE-2024-51257 (DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious 
command ...)
+       TODO: check
+CVE-2024-50419 (Incorrect Authorization vulnerability in Wpsoul Greenshift 
\u2013 anim ...)
+       TODO: check
+CVE-2024-50353 (ICG.AspNetCore.Utilities.CloudStorage is a collection of cloud 
storage ...)
+       TODO: check
+CVE-2024-50344 (I, Librarian is an open-source version of a PDF managing SaaS. 
Supplem ...)
+       TODO: check
+CVE-2024-48648 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
the Sag ...)
+       TODO: check
+CVE-2024-48647 (A file disclosure vulnerability exists in Sage 1000 v7.0.0. 
This vulne ...)
+       TODO: check
+CVE-2024-48646 (An Unrestricted File Upload vulnerability exists in Sage 1000 
v7.0.0,  ...)
+       TODO: check
+CVE-2024-48569 (Proactive Risk Manager version 9.1.1.0 is affected by multiple 
Cross-S ...)
+       TODO: check
+CVE-2024-48272 (D-Link DSL6740C v6.TR069.20211230 was discovered to use an 
insecure de ...)
+       TODO: check
+CVE-2024-48271 (D-Link DSL6740C v6.TR069.20211230 was discovered to use 
insecure defau ...)
+       TODO: check
+CVE-2024-48241 (An issue in radare2 v5.8.0 through v5.9.4 allows a local 
attacker to c ...)
+       TODO: check
+CVE-2024-48214 (KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection 
vulnerabi ...)
+       TODO: check
+CVE-2024-48202 (icecms <=3.4.7 has a File Upload vulnerability in 
FileUtils.java,uploa ...)
+       TODO: check
+CVE-2024-46531 (phpgurukul Vehicle Record Management System v1.0 was 
discovered to con ...)
+       TODO: check
+CVE-2024-42041 (The com.videodownload.browser.videodownloader (aka 
AppTool-Browser-Vid ...)
+       TODO: check
+CVE-2024-3935 (In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a 
Mosquitt ...)
+       TODO: check
+CVE-2024-37573 (The Talkatone com.talkatone.android application 8.4.6 for 
Android enab ...)
+       TODO: check
+CVE-2024-36060 (EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind 
OS comma ...)
+       TODO: check
+CVE-2024-33700 (The LevelOne WBR-6012 router firmware R0.40e6 suffers from an 
input va ...)
+       TODO: check
+CVE-2024-33699 (The LevelOne WBR-6012 router's web application has a 
vulnerability in  ...)
+       TODO: check
+CVE-2024-33626 (The LevelOne WBR-6012 router contains a vulnerability within 
its web a ...)
+       TODO: check
+CVE-2024-33623 (A denial of service vulnerability exists in the Web 
Application functi ...)
+       TODO: check
+CVE-2024-33603 (The LevelOne WBR-6012 router has an information disclosure 
vulnerabili ...)
+       TODO: check
+CVE-2024-32946 (A vulnerability in the LevelOne WBR-6012 router's firmware 
version R0. ...)
+       TODO: check
+CVE-2024-31975 (EnGenius ESR580 devices through 1.1.30 allow a remote attacker 
to cond ...)
+       TODO: check
+CVE-2024-31973 (Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a 
remote att ...)
+       TODO: check
+CVE-2024-31972 (EnGenius ESR580 A8J-EMR5000 devices allow a remote attacker to 
conduct ...)
+       TODO: check
+CVE-2024-31152 (The LevelOne WBR-6012 router with firmware R0.40e6 is 
vulnerable to im ...)
+       TODO: check
+CVE-2024-31151 (A security flaw involving hard-coded credentials in LevelOne 
WBR-6012' ...)
+       TODO: check
+CVE-2024-28875 (A security flaw involving hard-coded credentials in LevelOne 
WBR-6012' ...)
+       TODO: check
+CVE-2024-28052 (The WBR-6012 is a wireless SOHO router. It is a low-cost 
device which  ...)
+       TODO: check
+CVE-2024-24777 (A cross-site request forgery (CSRF) vulnerability exists in 
the Web Ap ...)
+       TODO: check
+CVE-2024-23309 (The LevelOne WBR-6012 router with firmware R0.40e6 has an 
authenticati ...)
+       TODO: check
+CVE-2024-10546 (A vulnerability classified as critical was found in 
open-scratch Teach ...)
+       TODO: check
+CVE-2024-10525 (In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a 
maliciou ...)
+       TODO: check
+CVE-2024-10456 (Delta Electronics InfraSuite Device Master versions prior to 
1.0.12 ar ...)
+       TODO: check
 CVE-2024-XXXX [buffer overflow involving "Frankenstein streams"]
        - mpg123 1.32.8-1 (bug #1086443)
        NOTE: https://www.openwall.com/lists/oss-security/2024/10/30/2
@@ -30176,7 +30270,7 @@ CVE-2024-29953 (A vulnerability in the web interface in 
Brocade Fabric OS before
        NOT-FOR-US: Brocade
 CVE-2024-29177 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 
7.10.1. ...)
        NOT-FOR-US: Dell
-CVE-2024-29176 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 
7.10.1. ...)
+CVE-2024-29176 (Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 
7.7.5.40, c ...)
        NOT-FOR-US: Dell
 CVE-2024-29175 (Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 
7.7.5.4 ...)
        NOT-FOR-US: Dell
@@ -73268,7 +73362,7 @@ CVE-2024-24690 (Improper input validation in some Zoom 
clients may allow an auth
        NOT-FOR-US: Zoom
 CVE-2024-24142 (Sourcecodester School Task Manager 1.0 allows SQL Injection 
via the 's ...)
        NOT-FOR-US: Sourcecodester School Task Manager
-CVE-2024-22455 (Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure 
Direct Obje ...)
+CVE-2024-22455 (Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, 
contain(s) a ...)
        NOT-FOR-US: Dell
 CVE-2024-1485 (A flaw was found in the decompression function of 
registry-support. Th ...)
        NOT-FOR-US: OpenShift



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9fec77d10a3daa2de1e612bc85c535c189f9f7e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9fec77d10a3daa2de1e612bc85c535c189f9f7e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to