Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 98d6f9df by security tracker role at 2024-06-24T08:12:29+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,6 +1,46 @@ +CVE-2024-6280 (A vulnerability was found in SourceCodester Simple Online Bidding Syst ...) + TODO: check +CVE-2024-6279 (A vulnerability was found in lahirudanushka School Management System 1 ...) + TODO: check +CVE-2024-6278 (A vulnerability has been found in lahirudanushka School Management Sys ...) + TODO: check +CVE-2024-6277 (A vulnerability, which was classified as critical, was found in lahiru ...) + TODO: check +CVE-2024-6276 (A vulnerability, which was classified as critical, has been found in l ...) + TODO: check +CVE-2024-6275 (A vulnerability classified as critical was found in lahirudanushka Sch ...) + TODO: check +CVE-2024-6274 (A vulnerability classified as critical has been found in lahirudanushk ...) + TODO: check +CVE-2024-6273 (A vulnerability was found in SourceCodester Clinic Queuing System 1.0. ...) + TODO: check +CVE-2024-4900 (The SEOPress WordPress plugin before 7.8 does not validate and escape ...) + TODO: check +CVE-2024-4899 (The SEOPress WordPress plugin before 7.8 does not sanitise and escape ...) + TODO: check +CVE-2024-4499 (A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS s ...) + TODO: check +CVE-2024-4460 (A denial of service (DoS) vulnerability exists in zenml-io/zenml versi ...) + TODO: check +CVE-2024-3121 (A remote code execution vulnerability exists in the create_conda_env f ...) + TODO: check +CVE-2024-39337 (Click Studios Passwordstate Core before 9.8 build 9858 allows Authenti ...) + TODO: check +CVE-2024-39334 (MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a ...) + TODO: check +CVE-2024-24554 (Bludit uses predictable methods in combination with the MD5 hashing al ...) + TODO: check +CVE-2024-24553 (Bludit uses the SHA-1 hashing algorithm to compute password hashes. Th ...) + TODO: check +CVE-2024-24552 (A session fixation vulnerability in Bludit allows an attacker to bypas ...) + TODO: check +CVE-2024-24551 (A security vulnerability has been identified in Bludit, allowing authe ...) + TODO: check +CVE-2024-24550 (A security vulnerability has been identified in Bludit, allowing attac ...) + TODO: check CVE-2024-29868 NOT-FOR-US: Apache StreamPipes -CVE-2024-27136 +CVE-2024-27136 (XSS in Upload page in Apache JSPWiki 2.12.1 and priors allows the atta ...) - jspwiki <removed> CVE-2024-28882 - openvpn <unfixed> @@ -16,7 +56,7 @@ CVE-2024-6268 (A vulnerability, which was classified as critical, has been found NOT-FOR-US: lahirudanushka School Management System CVE-2024-4841 (A Path Traversal vulnerability exists in the parisneo/lollms-webui, sp ...) NOT-FOR-US: parisneo/lollms-webui -CVE-2024-39331 [org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code] +CVE-2024-39331 (In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a % ...) - emacs <unfixed> (bug #1074137) - org-mode <unfixed> (bug #1074136) [bookworm] - org-mode <ignored> (Produces only a dependency binary package) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d6f9df74414a5a4f8790e47cf77ec5c2ad884f -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d6f9df74414a5a4f8790e47cf77ec5c2ad884f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits