Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
79cafbdf by security tracker role at 2024-04-06T08:11:48+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@
+CVE-2024-3362 (A vulnerability was found in SourceCodester Online Library
System 1.0 ...)
+ TODO: check
+CVE-2024-3361 (A vulnerability has been found in SourceCodester Online Library
System ...)
+ TODO: check
+CVE-2024-3360 (A vulnerability, which was classified as critical, was found in
Source ...)
+ TODO: check
+CVE-2024-3359 (A vulnerability, which was classified as critical, has been
found in S ...)
+ TODO: check
+CVE-2024-3358 (A vulnerability classified as problematic was found in
SourceCodester ...)
+ TODO: check
+CVE-2024-3357 (A vulnerability classified as problematic has been found in
SourceCode ...)
+ TODO: check
+CVE-2024-3356 (A vulnerability was found in SourceCodester Aplaya Beach Resort
Online ...)
+ TODO: check
+CVE-2024-3355 (A vulnerability was found in SourceCodester Aplaya Beach Resort
Online ...)
+ TODO: check
+CVE-2024-3245 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia,
Embed You ...)
+ TODO: check
+CVE-2024-3216 (The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and
Shippi ...)
+ TODO: check
+CVE-2024-30977 (An issue in Secnet Security Network Intelligent AC Management
System v ...)
+ TODO: check
+CVE-2024-2950 (The BoldGrid Easy SEO \u2013 Simple and Effective SEO plugin
for WordP ...)
+ TODO: check
+CVE-2024-2949 (The Carousel, Slider, Gallery by WP Carousel \u2013 Image
Carousel & P ...)
+ TODO: check
+CVE-2024-2656 (The Email Subscribers by Icegram Express \u2013 Email
Marketing, Newsl ...)
+ TODO: check
+CVE-2024-2471 (The FooGallery plugin for WordPress is vulnerable to Stored
Cross-Site ...)
+ TODO: check
+CVE-2024-2458 (The Powerkit \u2013 Supercharge your WordPress Site plugin for
WordPre ...)
+ TODO: check
+CVE-2024-2444 (The Inline Related Posts WordPress plugin before 3.5.0 does not
saniti ...)
+ TODO: check
+CVE-2024-27912 (A denial of service vulnerability was reported in some Lenovo
Printers ...)
+ TODO: check
+CVE-2024-27911 (A vulnerability was reported in some Lenovo Printers that
could allow ...)
+ TODO: check
+CVE-2024-27910 (A vulnerability was reported in some Lenovo Printers that
could allow ...)
+ TODO: check
+CVE-2024-27909 (A denial of service vulnerability was reported in the HTTPS
service of ...)
+ TODO: check
+CVE-2024-27908 (A buffer overflow vulnerability was reported in the HTTPS
service of s ...)
+ TODO: check
+CVE-2024-23592 (An authentication bypass vulnerability was reported in Lenovo
devices ...)
+ TODO: check
+CVE-2024-21506 (Versions of the package pymongo before 4.6.3 are vulnerable to
Out-of- ...)
+ TODO: check
+CVE-2024-1994 (The Image Watermark plugin for WordPress is vulnerable to
unauthorized ...)
+ TODO: check
+CVE-2024-1428 (The Element Pack Elementor Addons (Header Footer, Free Template
Librar ...)
+ TODO: check
+CVE-2024-1385 (The WP-Stateless \u2013 Google Cloud Storage plugin for
WordPress is v ...)
+ TODO: check
+CVE-2024-0837 (The Element Pack Elementor Addons (Header Footer, Free Template
Librar ...)
+ TODO: check
+CVE-2023-5912 (A potential memory leakage vulnerability was reported in some
Lenovo N ...)
+ TODO: check
+CVE-2023-4605 (A valid authenticated Lenovo XClarity Administrator (LXCA) user
can po ...)
+ TODO: check
CVE-2024-3354 (A vulnerability was found in SourceCodester Aplaya Beach Resort
Online ...)
NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
CVE-2024-3353 (A vulnerability was found in SourceCodester Aplaya Beach Resort
Online ...)
@@ -6827,6 +6887,7 @@ CVE-2024-24693 (Improper access control in the installer
for Zoom Rooms Client f
CVE-2024-24692 (Race condition in the installer for Zoom Rooms Client for
Windows befo ...)
NOT-FOR-US: Zoom
CVE-2024-24549 (Denial of Service due to improper input validation
vulnerability for H ...)
+ {DLA-3779-1}
- tomcat10 <unfixed> (bug #1066878)
- tomcat9 9.0.70-2
NOTE: https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg
@@ -6834,6 +6895,7 @@ CVE-2024-24549 (Denial of Service due to improper input
validation vulnerability
NOTE:
https://github.com/apache/tomcat/commit/8e03be9f2698f2da9027d40b9e9c0c9429b74dc0
(9.0.86)
NOTE: Starting with 9.0.70-2 Tomcat9 no longer ships the server stack,
using that as the fixed version
CVE-2024-23672 (Denial of Service via incomplete cleanup vulnerability in
Apache Tomca ...)
+ {DLA-3779-1}
- tomcat10 <unfixed> (bug #1066877)
- tomcat9 9.0.70-2
NOTE: https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f
@@ -76526,10 +76588,10 @@ CVE-2023-25496 (A privilege escalation vulnerability
was reported in Lenovo Driv
NOT-FOR-US: Lenovo
CVE-2023-25495 (A valid, authenticated administrative user can query a web
interface A ...)
NOT-FOR-US: Lenovo
-CVE-2023-25494
- RESERVED
-CVE-2023-25493
- RESERVED
+CVE-2023-25494 (A potential vulnerability were reported in the BIOS of some
Desktop, S ...)
+ TODO: check
+CVE-2023-25493 (A potential vulnerability was reported in the BIOS update tool
driver ...)
+ TODO: check
CVE-2023-25492 (A valid, authenticated user may be able to trigger a denial of
service ...)
NOT-FOR-US: Lenovo
CVE-2023-25491 (Auth. (admin+) Stored Cross-Site Scripting (XSS)
vulnerabilityin Samue ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79cafbdff9db78c0e7974e3c80325f06d663bca0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79cafbdff9db78c0e7974e3c80325f06d663bca0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
