Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
98d6f9df by security tracker role at 2024-06-24T08:12:29+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,6 +1,46 @@
+CVE-2024-6280 (A vulnerability was found in SourceCodester Simple Online
Bidding Syst ...)
+ TODO: check
+CVE-2024-6279 (A vulnerability was found in lahirudanushka School Management
System 1 ...)
+ TODO: check
+CVE-2024-6278 (A vulnerability has been found in lahirudanushka School
Management Sys ...)
+ TODO: check
+CVE-2024-6277 (A vulnerability, which was classified as critical, was found in
lahiru ...)
+ TODO: check
+CVE-2024-6276 (A vulnerability, which was classified as critical, has been
found in l ...)
+ TODO: check
+CVE-2024-6275 (A vulnerability classified as critical was found in
lahirudanushka Sch ...)
+ TODO: check
+CVE-2024-6274 (A vulnerability classified as critical has been found in
lahirudanushk ...)
+ TODO: check
+CVE-2024-6273 (A vulnerability was found in SourceCodester Clinic Queuing
System 1.0. ...)
+ TODO: check
+CVE-2024-4900 (The SEOPress WordPress plugin before 7.8 does not validate and
escape ...)
+ TODO: check
+CVE-2024-4899 (The SEOPress WordPress plugin before 7.8 does not sanitise and
escape ...)
+ TODO: check
+CVE-2024-4499 (A Cross-Site Request Forgery (CSRF) vulnerability exists in the
XTTS s ...)
+ TODO: check
+CVE-2024-4460 (A denial of service (DoS) vulnerability exists in
zenml-io/zenml versi ...)
+ TODO: check
+CVE-2024-3121 (A remote code execution vulnerability exists in the
create_conda_env f ...)
+ TODO: check
+CVE-2024-39337 (Click Studios Passwordstate Core before 9.8 build 9858 allows
Authenti ...)
+ TODO: check
+CVE-2024-39334 (MENDELSON AS4 before 2024 B376 has a client-side vulnerability
when a ...)
+ TODO: check
+CVE-2024-24554 (Bludit uses predictable methods in combination with the MD5
hashing al ...)
+ TODO: check
+CVE-2024-24553 (Bludit uses the SHA-1 hashing algorithm to compute password
hashes. Th ...)
+ TODO: check
+CVE-2024-24552 (A session fixation vulnerability in Bludit allows an attacker
to bypas ...)
+ TODO: check
+CVE-2024-24551 (A security vulnerability has been identified in Bludit,
allowing authe ...)
+ TODO: check
+CVE-2024-24550 (A security vulnerability has been identified in Bludit,
allowing attac ...)
+ TODO: check
CVE-2024-29868
NOT-FOR-US: Apache StreamPipes
-CVE-2024-27136
+CVE-2024-27136 (XSS in Upload page in Apache JSPWiki 2.12.1 and priors allows
the atta ...)
- jspwiki <removed>
CVE-2024-28882
- openvpn <unfixed>
@@ -16,7 +56,7 @@ CVE-2024-6268 (A vulnerability, which was classified as
critical, has been found
NOT-FOR-US: lahirudanushka School Management System
CVE-2024-4841 (A Path Traversal vulnerability exists in the
parisneo/lollms-webui, sp ...)
NOT-FOR-US: parisneo/lollms-webui
-CVE-2024-39331 [org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp
code]
+CVE-2024-39331 (In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el
expands a % ...)
- emacs <unfixed> (bug #1074137)
- org-mode <unfixed> (bug #1074136)
[bookworm] - org-mode <ignored> (Produces only a dependency binary
package)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d6f9df74414a5a4f8790e47cf77ec5c2ad884f
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d6f9df74414a5a4f8790e47cf77ec5c2ad884f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
