[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 21 Dec 2024 00:12:26 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4f5bd5a0 by security tracker role at 2024-12-21T08:12:05+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2024-56359 (grist-core is a spreadsheet hosting server. A user visiting a 
maliciou ...)
+       TODO: check
+CVE-2024-56358 (grist-core is a spreadsheet hosting server. A user visiting a 
maliciou ...)
+       TODO: check
+CVE-2024-56357 (grist-core is a spreadsheet hosting server. A user visiting a 
maliciou ...)
+       TODO: check
+CVE-2024-56335 (vaultwarden is an unofficial Bitwarden compatible server 
written in Ru ...)
+       TODO: check
+CVE-2024-56334 (systeminformation is a System and OS information library for 
node.js.  ...)
+       TODO: check
+CVE-2024-55509 (SQL injection vulnerability in CodeAstro Complaint Management 
System v ...)
+       TODO: check
+CVE-2024-40875 (There is a cross-site scripting vulnerability in the 
management consol ...)
+       TODO: check
+CVE-2024-12846 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2024-12845 (A vulnerability classified as problematic was found in Emlog 
Pro up to ...)
+       TODO: check
+CVE-2024-12844 (A vulnerability classified as problematic has been found in 
Emlog Pro  ...)
+       TODO: check
+CVE-2024-12843 (A vulnerability was found in Emlog Pro up to 2.4.1. It has 
been rated  ...)
+       TODO: check
+CVE-2024-12771 (The eCommerce Product Catalog Plugin for WordPress plugin for 
WordPres ...)
+       TODO: check
+CVE-2024-12721 (The Custom Product Tabs For WooCommerce plugin for WordPress 
is vulner ...)
+       TODO: check
+CVE-2024-12697 (The real.Kit plugin for WordPress is vulnerable to Stored 
Cross-Site S ...)
+       TODO: check
+CVE-2024-12635 (The WP Docs plugin for WordPress is vulnerable to time-based 
SQL Injec ...)
+       TODO: check
+CVE-2024-12262 (The Ebook Store plugin for WordPress is vulnerable to 
Reflected Cross- ...)
+       TODO: check
+CVE-2024-12066 (The SMSA Shipping(official) plugin for WordPress is vulnerable 
to arbi ...)
+       TODO: check
+CVE-2024-11977 (The The kk Star Ratings \u2013 Rate Post & Collect User 
Feedbacks plug ...)
+       TODO: check
+CVE-2024-11975 (The Reactflow Visitor Recording and Heatmaps plugin for 
WordPress is v ...)
+       TODO: check
+CVE-2024-11938 (The One Click Upsell Funnel for WooCommerce \u2013  Funnel 
Builder for ...)
+       TODO: check
+CVE-2024-11811 (The Feedify \u2013 Web Push Notifications plugin for WordPress 
is vuln ...)
+       TODO: check
+CVE-2024-11682 (The G Web Pro Store Locator plugin for WordPress is vulnerable 
to Refl ...)
+       TODO: check
+CVE-2024-11607 (The GTPayment Donations WordPress plugin through 1.0.0 does 
not have C ...)
+       TODO: check
+CVE-2024-11349 (The AdForest theme for WordPress is vulnerable to 
authentication bypas ...)
+       TODO: check
+CVE-2024-11287 (The Ebook Store plugin for WordPress is vulnerable to 
Reflected Cross- ...)
+       TODO: check
+CVE-2024-11196 (The Multi-column Tag Map plugin for WordPress is vulnerable to 
Stored  ...)
+       TODO: check
 CVE-2024-7726 (There exists an unauthenticated accessible JTAG port on the 
Kioxia PM6 ...)
        NOT-FOR-US: Kioxia
 CVE-2024-56356 (In JetBrains TeamCity before 2024.12 insecure XMLParser 
configuration  ...)
@@ -132797,10 +132849,10 @@ CVE-2023-31282
        RESERVED
 CVE-2023-31281
        RESERVED
-CVE-2023-31280
-       RESERVED
-CVE-2023-31279
-       RESERVED
+CVE-2023-31280 (An AirVantage online Warranty Checker tool vulnerability could 
allow a ...)
+       TODO: check
+CVE-2023-31279 (The AirVantage platform is vulnerable to an unauthorized 
attacker regi ...)
+       TODO: check
 CVE-2023-31245 (Devices using Snap One OvrC cloud are sent to a web address 
when acces ...)
        NOT-FOR-US: Snap One
 CVE-2023-31241 (Snap One OvrC cloud servers contain a route an attacker can 
use to byp ...)
@@ -260816,8 +260868,8 @@ CVE-2021-40961 (CMS Made Simple <=2.2.15 is affected 
by SQL injection in modules
        NOT-FOR-US: CMS Made Simple
 CVE-2021-40960 (Galera WebTemplate 1.0 is affected by a directory traversal 
vulnerabil ...)
        NOT-FOR-US: Galera WebTemplate
-CVE-2021-40959
-       RESERVED
+CVE-2021-40959 (A reflected cross-site scripting vulnerability in MONITORAPP 
Applicati ...)
+       TODO: check
 CVE-2021-40958
        RESERVED
 CVE-2021-40957
@@ -359867,8 +359919,8 @@ CVE-2020-13714
        REJECTED
 CVE-2020-13713
        REJECTED
-CVE-2020-13712
-       RESERVED
+CVE-2020-13712 (A command injection is possible through the user interface, 
allowing a ...)
+       TODO: check
 CVE-2020-13711
        RESERVED
 CVE-2020-13710



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f5bd5a00de28ae1a6682760bcc942b067d5fbd1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f5bd5a00de28ae1a6682760bcc942b067d5fbd1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to