Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f4bbd65c by security tracker role at 2024-11-09T08:12:05+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,133 @@
+CVE-2024-9874 (The Poll Maker \u2013 Versus Polls, Anonymous Polls, Image
Polls plugi ...)
+ TODO: check
+CVE-2024-9775 (The Anih - Creative Agency WordPress Theme theme for WordPress
is vuln ...)
+ TODO: check
+CVE-2024-9270 (The Lenxel Core for Lenxel(LNX) LMS plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2024-9262 (The User Meta \u2013 User Profile Builder and User management
plugin p ...)
+ TODO: check
+CVE-2024-9226 (The Landing Page Cat \u2013 Coming Soon Page, Maintenance Page
& Squee ...)
+ TODO: check
+CVE-2024-8960 (The Cowidgets \u2013 Elementor Addons plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-8756 (The Quform - WordPress Form Builder plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2024-52314 (A data.all admin team member who has access to the
customer-owned AWS ...)
+ TODO: check
+CVE-2024-52313 (An authenticated data.all user is able to manipulate a
getDataset quer ...)
+ TODO: check
+CVE-2024-52312 (Due to inconsistent authorization permissions, data.all may
allow an e ...)
+ TODO: check
+CVE-2024-52311 (Authentication tokens issued via Cognito in data.all are not
invalidat ...)
+ TODO: check
+CVE-2024-52009 (Atlantis is a self-hosted golang application that listens for
Terrafor ...)
+ TODO: check
+CVE-2024-52007 (HAPI FHIR is a complete implementation of the HL7 FHIR
standard for he ...)
+ TODO: check
+CVE-2024-52004 (MediaCMS is an open source video and media CMS, written in
Python/Djan ...)
+ TODO: check
+CVE-2024-52002 (Combodo iTop is a simple, web based IT Service Management
tool. Severa ...)
+ TODO: check
+CVE-2024-52001 (Combodo iTop is a simple, web based IT Service Management
tool. In aff ...)
+ TODO: check
+CVE-2024-52000 (Combodo iTop is a simple, web based IT Service Management
tool. Affect ...)
+ TODO: check
+CVE-2024-51157 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request
Forgery ...)
+ TODO: check
+CVE-2024-50809 (The theme.php file in SDCMS 2.8 has a command execution
vulnerability ...)
+ TODO: check
+CVE-2024-50808 (SeaCms 13.1 is vulnerable to code injection in the
notification module ...)
+ TODO: check
+CVE-2024-48073 (sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure
Permiss ...)
+ TODO: check
+CVE-2024-35427 (vmir e8117 was discovered to contain a segmentation violation
via the ...)
+ TODO: check
+CVE-2024-35426 (vmir e8117 was discovered to contain a stack overflow via the
init_loc ...)
+ TODO: check
+CVE-2024-35425 (vmir e8117 was discovered to contain a segmentation violation
via the ...)
+ TODO: check
+CVE-2024-35424 (vmir e8117 was discovered to contain a segmentation violation
via the ...)
+ TODO: check
+CVE-2024-35423 (vmir e8117 was discovered to contain a heap buffer overflow
via the wa ...)
+ TODO: check
+CVE-2024-35422 (vmir e8117 was discovered to contain a heap buffer overflow
via the wa ...)
+ TODO: check
+CVE-2024-35421 (vmir e8117 was discovered to contain a segmentation violation
via the ...)
+ TODO: check
+CVE-2024-35420 (wac commit 385e1 was discovered to contain a heap overflow.)
+ TODO: check
+CVE-2024-35419 (wac commit 385e1 was discovered to contain a heap overflow via
the loa ...)
+ TODO: check
+CVE-2024-35418 (wac commit 385e1 was discovered to contain a heap overflow via
the set ...)
+ TODO: check
+CVE-2024-35410 (wac commit 385e1 was discovered to contain a heap overflow via
the int ...)
+ TODO: check
+CVE-2024-27532 (wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR)
06df58f is ...)
+ TODO: check
+CVE-2024-27530 (wasm3 139076a contains a Use-After-Free in ForEachModule.)
+ TODO: check
+CVE-2024-27529 (wasm3 139076a contains memory leaks in Read_utf8.)
+ TODO: check
+CVE-2024-27528 (wasm3 139076a suffers from Invalid Memory Read, leading to DoS
and pot ...)
+ TODO: check
+CVE-2024-27527 (wasm3 139076a is vulnerable to Denial of Service (DoS).)
+ TODO: check
+CVE-2024-21994 (StorageGRID (formerly StorageGRID Webscale) versions prior to
11.9 are ...)
+ TODO: check
+CVE-2024-11026 (A vulnerability was found in Intelligent Apps Freenow App
12.10.0 on A ...)
+ TODO: check
+CVE-2024-10953 (An authenticated data.all user is able to perform mutating
UPDATE oper ...)
+ TODO: check
+CVE-2024-10876 (The Charitable \u2013 Donation Plugin for WordPress \u2013
Fundraising ...)
+ TODO: check
+CVE-2024-10871 (The Category Ajax Filter plugin for WordPress is vulnerable to
Local F ...)
+ TODO: check
+CVE-2024-10814 (The Code Embed plugin for WordPress is vulnerable to
Server-Side Reque ...)
+ TODO: check
+CVE-2024-10801 (The WordPress User Extra Fields plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-10779 (The Cowidgets \u2013 Elementor Addons plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-10770 (The Envo Extra plugin for WordPress is vulnerable to
Information Expos ...)
+ TODO: check
+CVE-2024-10693 (The SKT Addons for Elementor plugin for WordPress is
vulnerable to Inf ...)
+ TODO: check
+CVE-2024-10688 (The Attesa Extra plugin for WordPress is vulnerable to
Information Exp ...)
+ TODO: check
+CVE-2024-10683 (The Contact Form 7 \u2013 PayPal & Stripe Add-on plugin for
WordPress ...)
+ TODO: check
+CVE-2024-10674 (The Th Shop Mania theme for WordPress is vulnerable to
unauthorized ar ...)
+ TODO: check
+CVE-2024-10673 (The Top Store theme for WordPress is vulnerable to
unauthorized arbitr ...)
+ TODO: check
+CVE-2024-10669 (The Countdown Timer block \u2013 Display the event's date
into a ...)
+ TODO: check
+CVE-2024-10667 (The Content Slider Block plugin for WordPress is vulnerable to
Informa ...)
+ TODO: check
+CVE-2024-10627 (The WooCommerce Support Ticket System plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-10626 (The WooCommerce Support Ticket System plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-10625 (The WooCommerce Support Ticket System plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-10589 (The Leopard - WordPress Offload Media plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2024-10588 (The Debug Tool plugin for WordPress is vulnerable to
unauthorized acce ...)
+ TODO: check
+CVE-2024-10586 (The Debug Tool plugin for WordPress is vulnerable to arbitrary
file cr ...)
+ TODO: check
+CVE-2024-10547 (The WP Membership plugin for WordPress is vulnerable to
arbitrary file ...)
+ TODO: check
+CVE-2024-10508 (The RegistrationMagic \u2013 User Registration Plugin with
Custom Regi ...)
+ TODO: check
+CVE-2024-10470 (The WPLMS Learning Management System for WordPress, WordPress
LMS them ...)
+ TODO: check
+CVE-2024-10294 (The CE21 Suite plugin for WordPress is vulnerable to
unauthorized modi ...)
+ TODO: check
+CVE-2024-10285 (The CE21 Suite plugin for WordPress is vulnerable to sensitive
informa ...)
+ TODO: check
+CVE-2024-10284 (The CE21 Suite plugin for WordPress is vulnerable to
authentication by ...)
+ TODO: check
CVE-2024-10973
NOT-FOR-US: Keycloak
CVE-2024-9841 (A Reflected Cross-Site Scripting (XSS) vulnerability has been
identifi ...)
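Review bot: all 65 added entries, CVE-2024-9874 through CVE-2024-10284, are left at `TODO: check`, so this update records the IDs without any triage decision. Each one needs a follow-up that resolves it either to a source-package line or to a `NOT-FOR-US:` line in the form the context entry for CVE-2024-10973 uses. Separately, several of the added descriptions (for example CVE-2024-9874, CVE-2024-9262 and CVE-2024-10876) carry a literal `\u2013` escape where a dash was intended; it is worth checking whether the import step or the mail rendering produces it.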
@@ -7360,7 +7490,7 @@ CVE-2024-41311 (In Libheif 1.17.6, insufficient checks in
ImageOverlay::parse()
NOTE: https://github.com/strukturag/libheif/issues/1226
NOTE: https://github.com/strukturag/libheif/pull/1227
NOTE:
https://github.com/strukturag/libheif/commit/a3ed1b1eb178c5d651d6ac619c8da3d71ac2be36
(v1.18.0)
-CVE-2024-38204 (Improper Access Control in Imagine Cup allows an authorized
attacker t ...)
+CVE-2024-38204 (Improper access control in Imagine Cup allows an authorized
attacker t ...)
NOT-FOR-US: Microsoft
CVE-2024-38190 (Missing authorization in Power Platform allows an
unauthenticated atta ...)
NOT-FOR-US: Microsoft
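Review bot: the only change in this hunk is the case of "Access Control" in the truncated description of CVE-2024-38204, and the `NOT-FOR-US: Microsoft` disposition below it is unchanged, so nothing needs re-triage here. The commit message "automatic update" does not distinguish such description-only rewrites from newly added IDs; a summary line with the counts of added and modified entries would make these commits easier to scan.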
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4bbd65c8108ca2006464b1ab12d0f03e87bab89