Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: aa0c1d80 by security tracker role at 2024-06-22T08:11:45+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,47 @@ +CVE-2024-6120 (The Sparkle Demo Importer plugin for WordPress is vulnerable to unauth ...) + TODO: check +CVE-2024-5966 (The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site ...) + TODO: check +CVE-2024-5965 (The Mosaic theme for WordPress is vulnerable to Stored Cross-Site Scri ...) + TODO: check +CVE-2024-5791 (The Online Booking & Scheduling Calendar for WordPress by vcita plugin ...) + TODO: check +CVE-2024-5596 (The ARMember Premium plugin for WordPress is vulnerable to Cross-Site ...) + TODO: check +CVE-2024-5346 (The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Sc ...) + TODO: check +CVE-2024-4940 (An open redirect vulnerability exists in the gradio-app/gradio, affect ...) + TODO: check +CVE-2024-4874 (The Bricks Builder plugin for WordPress is vulnerable to Insecure Dire ...) + TODO: check +CVE-2024-4313 (The Table Addons for Elementor plugin for WordPress is vulnerable to S ...) + TODO: check +CVE-2024-3593 (The UberMenu plugin for WordPress is vulnerable to Cross-Site Request ...) + TODO: check +CVE-2024-37694 (ArcGIS Enterprise Server 10.8.0 allows a remote attacker to obtain sen ...) + TODO: check +CVE-2024-37654 (An issue in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01B ...) + TODO: check +CVE-2024-36532 (Insecure permissions in kruise v1.6.2 allows attackers to access sensi ...) + TODO: check +CVE-2024-34989 (In the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from ...) + TODO: check +CVE-2024-34452 (CMSimple_XH 1.7.6 allows XSS by uploading a crafted SVG document.) + TODO: check +CVE-2024-2484 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...) + TODO: check +CVE-2024-21519 (This affects versions of the package opencart/opencart from 4.0.0.0. A ...) + TODO: check +CVE-2024-21518 (This affects versions of the package opencart/opencart from 4.0.0.0. A ...) + TODO: check +CVE-2024-21517 (This affects versions of the package opencart/opencart from 4.0.0.0. A ...) + TODO: check +CVE-2024-21516 (This affects versions of the package opencart/opencart from 4.0.0.0. A ...) + TODO: check +CVE-2024-21515 (This affects versions of the package opencart/opencart from 4.0.0.0. A ...) + TODO: check +CVE-2024-21514 (This affects versions of the package opencart/opencart from 0.0.0. An ...) + TODO: check CVE-2024-6241 (A vulnerability was found in Pear Admin Boot up to 2.0.2 and classifie ...) NOT-FOR-US: Pear Admin Boot CVE-2024-6240 (Improper privilege management vulnerability in Parallels Desktop Softw ...) @@ -133776,8 +133820,8 @@ CVE-2022-42976 RESERVED CVE-2022-42975 (socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin w ...) NOT-FOR-US: Phoenix -CVE-2022-42974 - RESERVED +CVE-2022-42974 (In Kostal PIKO 1.5-1 MP plus HMI OEM p 1.0.1, the web application for ...) + TODO: check CVE-2022-42973 (A CWE-798: Use of Hard-coded Credentials vulnerability exists that cou ...) NOT-FOR-US: Schneider CVE-2022-42972 (A CWE-732: Incorrect Permission Assignment for Critical Resource vulne ...) @@ -571208,8 +571252,8 @@ CVE-2014-8770 (Unrestricted file upload vulnerability in magmi/web/magmi.php in NOT-FOR-US: Magento CVE-2012-6665 (Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 ...) NOT-FOR-US: phpMoneyBooks -CVE-2012-6664 - RESERVED +CVE-2012-6664 (Multiple directory traversal vulnerabilities in the TFTP Server in Dis ...) + TODO: check CVE-2012-6663 (General Electric D20ME devices are not properly configured and reveal ...) NOT-FOR-US: General Electric D20ME devices CVE-2014-8988 (MantisBT before 1.2.18 allows remote authenticated users to bypass the ...) @@ -579271,8 +579315,8 @@ CVE-2014-5474 RESERVED CVE-2014-5473 RESERVED -CVE-2014-5470 - RESERVED +CVE-2014-5470 (Actual Analyzer through 2014-08-29 allows code execution via shell met ...) + TODO: check CVE-2014-5469 RESERVED CVE-2014-5468 (A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa0c1d80221c16e899f4690f87c6e522a0dd5b4f -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa0c1d80221c16e899f4690f87c6e522a0dd5b4f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits