Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2ca57aaa by security tracker role at 2024-07-26T08:11:42+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,45 @@ +CVE-2024-7120 (A vulnerability, which was classified as critical, was found in Raisec ...) + TODO: check +CVE-2024-7119 (A vulnerability, which was classified as critical, has been found in M ...) + TODO: check +CVE-2024-7118 (A vulnerability classified as critical was found in MD-MAFUJUL-HASAN O ...) + TODO: check +CVE-2024-7117 (A vulnerability classified as critical has been found in MD-MAFUJUL-HA ...) + TODO: check +CVE-2024-7116 (A vulnerability was found in MD-MAFUJUL-HASAN Online-Payroll-Managemen ...) + TODO: check +CVE-2024-7115 (A vulnerability was found in MD-MAFUJUL-HASAN Online-Payroll-Managemen ...) + TODO: check +CVE-2024-7114 (A vulnerability was found in Tianchoy Blog up to 1.8.8. It has been cl ...) + TODO: check +CVE-2024-7106 (A vulnerability classified as problematic was found in Spina CMS 2.18. ...) + TODO: check +CVE-2024-7105 (A vulnerability classified as critical has been found in ForIP Tecnolo ...) + TODO: check +CVE-2024-6490 (During testing of the Master Slider WordPress plugin through 3.9.10, ...) + TODO: check +CVE-2024-4447 (In the System \u2192 Maintenance tool, the Logged Users tab surfaces s ...) + TODO: check +CVE-2024-41809 (OpenObserve is an open-source observability platform. Starting in vers ...) + TODO: check +CVE-2024-41808 (The OpenObserve open-source observability platform provides the abilit ...) + TODO: check +CVE-2024-41473 (Tenda FH1201 v1.2.0.14 was discovered to contain a command injection v ...) + TODO: check +CVE-2024-41468 (Tenda FH1201 v1.2.0.14 was discovered to contain a command injection v ...) + TODO: check +CVE-2024-40897 (Stack-based buffer overflow vulnerability exists in orcparse.c of ORC ...) + TODO: check +CVE-2024-3938 (The "reset password" login page accepted an HTML injection via URL par ...) + TODO: check +CVE-2024-38103 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability) + TODO: check +CVE-2024-24623 (Softaculous Webuzo contains a command injection vulnerability in the F ...) + TODO: check +CVE-2024-24622 (Softaculous Webuzo contains a command injection in the password reset ...) + TODO: check +CVE-2024-24621 (Softaculous Webuzo contains an authentication bypass vulnerability thr ...) + TODO: check CVE-2024-35296 [Invalid Accept-Encoding can force forwarding requests] - trafficserver <unfixed> (bug #1077141) NOTE: https://www.openwall.com/lists/oss-security/2024/07/25/1 @@ -316,6 +358,7 @@ CVE-2024-4080 (A memory corruption issue due to an improper length check in LabV CVE-2024-4079 (An out of bounds read due to a missing bounds check in LabVIEW may dis ...) NOT-FOR-US: NI LabVIEW CVE-2024-4076 (Client queries that trigger serving stale data and that also require l ...) + {DSA-5734-1} - bind9 1:9.20.0-1 NOTE: https://kb.isc.org/docs/cve-2024-4076 CVE-2024-41839 (Adobe Experience Manager versions 6.5.20 and earlier are affected by a ...) @@ -347,9 +390,11 @@ CVE-2024-34128 (Adobe Experience Manager versions 6.5.20 and earlier are affecte CVE-2024-29070 (On versions before 2.1.4,session is not invalidated after logout. When ...) NOT-FOR-US: Apache StreamPark CVE-2024-1975 (If a server hosts a zone containing a "KEY" Resource Record, or a reso ...) + {DSA-5734-1} - bind9 1:9.20.0-1 NOTE: https://kb.isc.org/docs/cve-2024-1975 CVE-2024-1737 (Resolver caches and authoritative zone databases that hold significant ...) + {DSA-5734-1} - bind9 1:9.20.0-1 NOTE: https://kb.isc.org/docs/cve-2024-1737 NOTE: RRset limits in zones: https://kb.isc.org/docs/rrset-limits-in-zones @@ -3531,7 +3576,7 @@ CVE-2024-39071 (Fujian Kelixun <=7.6.6.4391 is vulnerable to SQL Injection in se NOT-FOR-US: Fujian Kelixun CVE-2024-39069 (An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows ...) NOT-FOR-US: ifood Order Manager -CVE-2024-39031 (In Silverpeas Core <= 6.3.5, inside of mes agendas a user can create a ...) +CVE-2024-39031 (In Silverpeas Core <= 6.3.5, in Mes Agendas, a user can create new eve ...) NOT-FOR-US: Silverpeas Core CVE-2024-38963 (Nopcommerce 4.70.1 is vulnerable to Cross Site Scripting (XSS) via the ...) NOT-FOR-US: Nopcommerce @@ -62077,7 +62122,7 @@ CVE-2023-6710 (A flaw was found in the mod_proxy_cluster in the Apache server. T CVE-2023-5379 (A flaw was found in Undertow. When an AJP request is sent that exceeds ...) - undertow <unfixed> (bug #1059055) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2242099 -CVE-2023-49921 +CVE-2023-49921 (An issue was discovered by Elastic whereby Watcher search input logged ...) - elasticsearch <removed> CVE-2023-6687 (An issue was discovered by Elastic whereby Elastic Agent would log a r ...) NOT-FOR-US: Elastic whereby Elastic Agent View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ca57aaa8a452947b8a51e2c762fdd3dbe8692b7 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ca57aaa8a452947b8a51e2c762fdd3dbe8692b7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits