Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f130da71 by security tracker role at 2024-10-26T20:12:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2024-9967 (The WP show more plugin for WordPress is vulnerable to Stored
Cross-Si ...)
+ TODO: check
+CVE-2024-9853 (The ID-SK Toolkit plugin for WordPress is vulnerable to Stored
Cross-S ...)
+ TODO: check
+CVE-2024-9772 (The The Uix Shortcodes \u2013 Compatible with Gutenberg plugin
for Wor ...)
+ TODO: check
+CVE-2024-9642 (The Editor Custom Color Palette plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-9637 (The School Management System \u2013 WPSchoolPress plugin for
WordPress ...)
+ TODO: check
+CVE-2024-9501 (The Wp Social Login and Register Social Counter plugin for
WordPress i ...)
+ TODO: check
+CVE-2024-9116 (The Monkee-Boy Essentials plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2024-8392 (The WordPress Post Grid Layouts with Pagination \u2013 Sogrid
plugin f ...)
+ TODO: check
+CVE-2024-10402 (The Forminator Forms \u2013 Contact Form, Payment Form &
Custom Form B ...)
+ TODO: check
+CVE-2024-10357 (The Clever Addons for Elementor plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2024-10117 (The WP Crowdfunding plugin for WordPress is vulnerable to
Stored Cross ...)
+ TODO: check
+CVE-2024-0128 (NVIDIA vGPU software contains a vulnerability in the Virtual
GPU Manag ...)
+ TODO: check
+CVE-2024-0127 (NVIDIA vGPU software contains a vulnerability in the GPU kernel
driver ...)
+ TODO: check
CVE-2024-9933 (The WatchTowerHQ plugin for WordPress is vulnerable to
authentication ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9932 (The Wux Blog Editor plugin for WordPress is vulnerable to
arbitrary fi ...)
@@ -92327,7 +92353,7 @@ CVE-2023-46852 (In Memcached before 1.6.22, a buffer
overflow exists when proces
[buster] - memcached <not-affected> (The vulnerable code was introduced
later)
NOTE:
https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767
(1.6.22)
CVE-2023-46604 (The Java OpenWire protocol marshaller is vulnerable to Remote
Code Ex ...)
- {DLA-3936-1 DLA-3657-1}
+ {DSA-5798-1 DLA-3936-1 DLA-3657-1}
- activemq 5.17.6+dfsg-1 (bug #1054909)
NOTE:
https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
NOTE: http://www.openwall.com/lists/oss-security/2023/10/27/5
@@ -168031,7 +168057,7 @@ CVE-2022-41680 (Forma LMS on its 3.1.0 version and
earlier is vulnerable to a SQ
CVE-2022-41679 (Forma LMS version 3.1.0 and earlier are affected by an
Cross-Site scri ...)
NOT-FOR-US: Forma LMS
CVE-2022-41678 (Once an user is authenticated on Jolokia, he can potentially
trigger a ...)
- {DLA-3936-1}
+ {DSA-5798-1 DLA-3936-1}
- activemq 5.17.6+dfsg-1 (unimportant)
NOTE: https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl
NOTE:
https://activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f130da71e5fc5e3bd72d327f8c14cb0ebba95d34
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f130da71e5fc5e3bd72d327f8c14cb0ebba95d34
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
