Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 45fd8b11 by Moritz Muehlenhoff at 2024-04-19T10:22:16+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -107,15 +107,15 @@ CVE-2024-32552 (Improper Neutralization of Input During Web Page Generation ('Cr CVE-2024-32551 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) NOT-FOR-US: WordPress plugin CVE-2024-32477 (Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure ...) - TODO: check + NOT-FOR-US: Deno CVE-2024-32475 (Envoy is a cloud-native, open source edge and service proxy. When an u ...) - envoyproxy <itp> (bug #987544) CVE-2024-32474 (Sentry is an error tracking and performance monitoring platform. Prior ...) NOT-FOR-US: Sentry CVE-2024-32470 (Tolgee is an open-source localization platform. When API key created b ...) - TODO: check + NOT-FOR-US: Tolgee CVE-2024-32466 (Tolgee is an open-source localization platform. For the `/v2/projects/ ...) - TODO: check + NOT-FOR-US: Tolgee CVE-2024-32462 (Flatpak is a system for building, distributing, and running sandboxed ...) - flatpak 1.14.6-1 NOTE: https://www.openwall.com/lists/oss-security/2024/04/18/5 @@ -145,55 +145,55 @@ CVE-2024-32126 (Improper Neutralization of Input During Web Page Generation ('Cr CVE-2024-31229 (Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plug ...) NOT-FOR-US: WordPress plugin CVE-2024-30564 (An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1. ...) - TODO: check + NOT-FOR-US: nora-firebase-common CVE-2024-30257 (1Panel is an open source Linux server operation and maintenance manage ...) - TODO: check + NOT-FOR-US: 1Panel CVE-2024-2833 (The Jobs for WordPress plugin for WordPress is vulnerable to Reflected ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-2796 (A server-side request forgery (SSRF) was discovered in the Akana Commu ...) - TODO: check + NOT-FOR-US: Akana Community Manager Developer Portal CVE-2024-29987 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2024-29986 (Microsoft Edge for Android (Chromium-based) Information Disclosure Vul ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2024-29021 (Judge0 is an open-source online code execution system. The default con ...) - TODO: check + NOT-FOR-US: Judge0 CVE-2024-29003 (The SolarWinds Platform was susceptible to a XSS vulnerability that af ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2024-29001 (A SolarWinds Platform SWQL Injection Vulnerability was identified in t ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2024-28189 (Judge0 is an open-source online code execution system. The application ...) - TODO: check + NOT-FOR-US: Judge0 CVE-2024-28185 (Judge0 is an open-source online code execution system. The application ...) - TODO: check + NOT-FOR-US: Judge0 CVE-2024-28076 (The SolarWinds Platform was susceptible to a Arbitrary Open Redirectio ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2024-27306 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...) TODO: check CVE-2024-24910 (A local attacker can escalate privileges on affected Check Point ZoneA ...) - TODO: check + NOT-FOR-US: Check Point CVE-2024-23557 (HCL Connections contains a user enumeration vulnerability. Certain act ...) - TODO: check + NOT-FOR-US: HCL CVE-2024-20380 (A vulnerability in the HTML parser of ClamAV could allow an unauthenti ...) TODO: check CVE-2023-6897 (The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6892 (The EAN for WooCommerce plugin for WordPress is vulnerable to Stored C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50885 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-49768 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-49742 (Missing Authorization vulnerability in Support Genix.This issue affect ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47843 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41864 (Cross-Site Request Forgery (CSRF) vulnerability in Pepro Dev. Group Pe ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-3758 (A race condition flaw was found in sssd where the GPO policy is not co ...) TODO: check CVE-2023-3675 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: Secomea GateManager CVE-2024-XXXX [tryton zipbomb DoS] - tryton-server 6.0.45-1 [bookworm] - tryton-server <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45fd8b11d8c87dc23b15201db1217c055fbd076a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45fd8b11d8c87dc23b15201db1217c055fbd076a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits