Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64233557 by security tracker role at 2024-11-01T08:11:59+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,67 @@
+CVE-2024-9655 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder
Feature ...)
+ TODO: check
+CVE-2024-7424 (The Multiple Page Generator Plugin \u2013 MPG plugin for
WordPress is ...)
+ TODO: check
+CVE-2024-6480 (The SIP Reviews Shortcode for WooCommerce plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2024-6479 (The SIP Reviews Shortcode for WooCommerce plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2024-49501 (Sysmac Studio provided by OMRON Corporation contains an
incorrect auth ...)
+ TODO: check
+CVE-2024-47939 (Stack-based buffer overflow vulnerability exists in multiple
Ricoh las ...)
+ TODO: check
+CVE-2024-21510 (Versions of the package sinatra from 0.0.0 are vulnerable to
Reliance ...)
+ TODO: check
+CVE-2024-10620 (A vulnerability was found in knightliao Disconf 2.6.36. It has
been cl ...)
+ TODO: check
+CVE-2024-10619 (A vulnerability, which was classified as critical, was found
in Tongda ...)
+ TODO: check
+CVE-2024-10618 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2024-10617 (A vulnerability classified as critical was found in Tongda OA
up to 11 ...)
+ TODO: check
+CVE-2024-10616 (A vulnerability classified as critical has been found in
Tongda OA up ...)
+ TODO: check
+CVE-2024-10615 (A vulnerability was found in Tongda OA 2017 up to 11.10. It
has been r ...)
+ TODO: check
+CVE-2024-10613 (A vulnerability was found in ESAFENET CDG 5. It has been
declared as c ...)
+ TODO: check
+CVE-2024-10612 (A vulnerability was found in ESAFENET CDG 5. It has been
classified as ...)
+ TODO: check
+CVE-2024-10611 (A vulnerability was found in ESAFENET CDG 5 and classified as
critical ...)
+ TODO: check
+CVE-2024-10610 (A vulnerability has been found in ESAFENET CDG 5 and
classified as cri ...)
+ TODO: check
+CVE-2024-10609 (A vulnerability, which was classified as critical, was found
in itsour ...)
+ TODO: check
+CVE-2024-10608 (A vulnerability was found in code-projects Courier Management
System 1 ...)
+ TODO: check
+CVE-2024-10607 (A vulnerability was found in code-projects Courier Management
System 1 ...)
+ TODO: check
+CVE-2024-10605 (A vulnerability was found in code-projects Blood Bank
Management Syste ...)
+ TODO: check
+CVE-2024-10602 (A vulnerability was found in Tongda OA 2017 up to 11.9 and
classified ...)
+ TODO: check
+CVE-2024-10601 (A vulnerability has been found in Tongda OA 2017 up to 11.10
and class ...)
+ TODO: check
+CVE-2024-10600 (A vulnerability, which was classified as critical, was found
in Tongda ...)
+ TODO: check
+CVE-2024-10599 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2024-10598 (A vulnerability classified as critical was found in Tongda OA
11.2/11. ...)
+ TODO: check
+CVE-2024-10597 (A vulnerability classified as critical has been found in
ESAFENET CDG ...)
+ TODO: check
+CVE-2024-10596 (A vulnerability was found in ESAFENET CDG 5. It has been rated
as crit ...)
+ TODO: check
+CVE-2024-10595 (A vulnerability was found in ESAFENET CDG 5. It has been
declared as c ...)
+ TODO: check
+CVE-2024-10594 (A vulnerability was found in ESAFENET CDG 5. It has been
classified as ...)
+ TODO: check
+CVE-2024-0106 (NVIDIA ConnectX Host Firmware for the BlueField Data Processing
Unit ( ...)
+ TODO: check
+CVE-2024-0105 (NVIDIA ConnectX Firmware contains a vulnerability where an
attacker ma ...)
+ TODO: check
CVE-2024-8934 (A local user with administrative access rights can enter
specialy craf ...)
NOT-FOR-US: TwinCAT Package Manager
CVE-2024-8553 (A vulnerability was found in Foreman's loader macros introduced
with r ...)
@@ -379,8 +443,8 @@ CVE-2024-48138 (A remote code execution (RCE) vulnerability
in the component /Pl
CVE-2024-48063 (In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE.)
- pytorch <unfixed> (unimportant)
NOTE:
https://rumbling-slice-eb0.notion.site/Distributed-RPC-Framework-RemoteModule-has-Deserialization-RCE-in-pytorch-pytorch-111e3cda9e8c8021a7d3cbc61ee1a20c
- NOTE: Non issue as only documented to be used for internal
communication:
- NOTE:
https://github.com/pytorch/pytorch/security/policy#using-distributed-features
+ NOTE: Non issue as only documented to be used for internal
communication:
+ NOTE:
https://github.com/pytorch/pytorch/security/policy#using-distributed-features
TODO: should probably be rejected, similar as CVE-2024-5480 got
rejected, MITRE contacted
CVE-2024-44081 (In Jitsi Meet before 2.0.9779, the functionality to share a
video file ...)
- jitsi-meet <itp> (bug #760485)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/642335573bed1c92c840e71a1ea3c6f6b260fcaa
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/642335573bed1c92c840e71a1ea3c6f6b260fcaa
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
