Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c79539d9 by security tracker role at 2024-11-01T20:12:45+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,425 @@
+CVE-2024-7456 (A SQL injection vulnerability exists in the
`/api/v1/external-users` r ...)
+ TODO: check
+CVE-2024-51492 (Zusam is a free and open-source way to self-host private
forums. Prior ...)
+ TODO: check
+CVE-2024-51483 (changedetection.io is free, open source web page change
detection soft ...)
+ TODO: check
+CVE-2024-51432 (Cross Site Scripting vulnerability in FiberHome HG6544C RP2743
allows ...)
+ TODO: check
+CVE-2024-51431 (LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials
stored in / ...)
+ TODO: check
+CVE-2024-51407 (Floodlight SDN OpenFlow Controller v.1.2 has an issue that
allows loca ...)
+ TODO: check
+CVE-2024-51406 (Floodlight SDN Open Flow Controller v.1.2 has an issue that
allows loc ...)
+ TODO: check
+CVE-2024-51399 (Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2
AP After ...)
+ TODO: check
+CVE-2024-51398 (Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP
web Man ...)
+ TODO: check
+CVE-2024-51377 (An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk
(On-Pre ...)
+ TODO: check
+CVE-2024-51252 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious
commands ...)
+ TODO: check
+CVE-2024-51248 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious
commands ...)
+ TODO: check
+CVE-2024-51247 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious
commands ...)
+ TODO: check
+CVE-2024-51245 (In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious
commands ...)
+ TODO: check
+CVE-2024-51244 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious
commands ...)
+ TODO: check
+CVE-2024-49770 (`oak` is a middleware framework for Deno's native HTTP server,
Deno De ...)
+ TODO: check
+CVE-2024-49256 (Incorrect Authorization vulnerability in WPChill Htaccess File
Editor ...)
+ TODO: check
+CVE-2024-48410 (Cross Site Scripting vulnerability in Camtrace v.9.16.2.1
allows a rem ...)
+ TODO: check
+CVE-2024-48353 (Yealink Meeting Server before V26.0.0.67 allows attackers to
obtain st ...)
+ TODO: check
+CVE-2024-48352 (Yealink Meeting Server before V26.0.0.67 is vulnerable to
sensitive da ...)
+ TODO: check
+CVE-2024-48289 (An issue in the Bluetooth Low Energy implementation of Cypress
Bluetoo ...)
+ TODO: check
+CVE-2024-48270 (An issue in the component /logins of oasys v1.1 allows
attackers to ac ...)
+ TODO: check
+CVE-2024-48217 (An Insecure Direct Object Reference (IDOR) in the dashboard of
SiSMART ...)
+ TODO: check
+CVE-2024-48045 (Missing Authorization vulnerability in Leevio Happy Addons for
Element ...)
+ TODO: check
+CVE-2024-48044 (Missing Authorization vulnerability in ShortPixel \u2013
Convert WebP/ ...)
+ TODO: check
+CVE-2024-48039 (Missing Authorization vulnerability in CubeWP CubeWP \u2013
All-in-One ...)
+ TODO: check
+CVE-2024-47362 (Missing Authorization vulnerability in WPChill Strong
Testimonials all ...)
+ TODO: check
+CVE-2024-47361 (Missing Authorization vulnerability in WPVibes Elementor Addon
Element ...)
+ TODO: check
+CVE-2024-47359 (Missing Authorization vulnerability in Depicter Slider and
Popup by Av ...)
+ TODO: check
+CVE-2024-47358 (Missing Authorization vulnerability in Popup Maker allows
Accessing Fu ...)
+ TODO: check
+CVE-2024-47321 (Missing Authorization vulnerability in Fahad Mahmood WP
Datepicker all ...)
+ TODO: check
+CVE-2024-47318 (Missing Authorization vulnerability in Magazine3 PWA for WP &
AMP allo ...)
+ TODO: check
+CVE-2024-47317 (Missing Authorization vulnerability in WP Quads Ads by WPQuads
\u2013 ...)
+ TODO: check
+CVE-2024-47314 (Missing Authorization vulnerability in WP Sunshine Sunshine
Photo Cart ...)
+ TODO: check
+CVE-2024-47311 (Missing Authorization vulnerability in Kraft Plugins Wheel of
Life all ...)
+ TODO: check
+CVE-2024-47308 (Missing Authorization vulnerability in Templately allows
Accessing Fun ...)
+ TODO: check
+CVE-2024-47302 (Missing Authorization vulnerability in WPManageNinja LLC
Fluent Suppor ...)
+ TODO: check
+CVE-2024-44052 (Missing Authorization vulnerability in HelloAsso allows
Exploiting Inc ...)
+ TODO: check
+CVE-2024-44038 (Missing Authorization vulnerability in WP Sunshine Sunshine
Photo Cart ...)
+ TODO: check
+CVE-2024-44031 (Missing Authorization vulnerability in BearDev JoomSport
allows Exploi ...)
+ TODO: check
+CVE-2024-44021 (Missing Authorization vulnerability in Truepush allows
Exploiting Inco ...)
+ TODO: check
+CVE-2024-44020 (Missing Authorization vulnerability in Prasad Kirpekar WP Free
SSL \u2 ...)
+ TODO: check
+CVE-2024-44019 (Missing Authorization vulnerability in Renzo Johnson Contact
Form 7 Ca ...)
+ TODO: check
+CVE-2024-44006 (Missing Authorization vulnerability in OnTheGoSystems
WooCommerce Mult ...)
+ TODO: check
+CVE-2024-43998 (Missing Authorization vulnerability in WebsiteinWP Blogpoet
allows Acc ...)
+ TODO: check
+CVE-2024-43982 (Missing Authorization vulnerability in Geek Code Lab Login As
Users al ...)
+ TODO: check
+CVE-2024-43981 (Missing Authorization vulnerability in AyeCode \u2013 WP
Business Dire ...)
+ TODO: check
+CVE-2024-43980 (Missing Authorization vulnerability in CozyThemes Fota WP
allows Explo ...)
+ TODO: check
+CVE-2024-43979 (Missing Authorization vulnerability in CozyThemes Blockbooster
allows ...)
+ TODO: check
+CVE-2024-43974 (Missing Authorization vulnerability in CozyThemes ReviveNews
allows Ac ...)
+ TODO: check
+CVE-2024-43973 (Missing Authorization vulnerability in AyeCode Ltd GetPaid
allows Expl ...)
+ TODO: check
+CVE-2024-43968 (Broken Access Control vulnerability in Automattic Newspack
allows Expl ...)
+ TODO: check
+CVE-2024-43962 (Missing Authorization vulnerability in LWS LWS Affiliation
allows Expl ...)
+ TODO: check
+CVE-2024-43956 (Missing Authorization vulnerability in Caseproof, LLC
Memberpress allo ...)
+ TODO: check
+CVE-2024-43937 (Missing Authorization vulnerability in Themeum WP Crowdfunding
allows ...)
+ TODO: check
+CVE-2024-43932 (Missing Authorization vulnerability in POSIMYTH The Plus
Addons for El ...)
+ TODO: check
+CVE-2024-43929 (Missing Authorization vulnerability in eyecix JobSearch allows
Accessi ...)
+ TODO: check
+CVE-2024-43928 (Missing Authorization vulnerability in eyecix JobSearch allows
Exploit ...)
+ TODO: check
+CVE-2024-43925 (Missing Authorization vulnerability in Envira Gallery Team
Envira Phot ...)
+ TODO: check
+CVE-2024-43923 (Missing Authorization vulnerability in Arraytics Timetics
allows Acces ...)
+ TODO: check
+CVE-2024-43919 (Access Control vulnerability in YARPP YARPP allows . This
issue affec ...)
+ TODO: check
+CVE-2024-43355 (Missing Authorization vulnerability in BearDev JoomSport
allows Exploi ...)
+ TODO: check
+CVE-2024-43343 (Missing Authorization vulnerability in Etoile Web Design Order
Trackin ...)
+ TODO: check
+CVE-2024-43341 (Missing Authorization vulnerability in CozyThemes Hello Agency
allows ...)
+ TODO: check
+CVE-2024-43332 (Missing Authorization vulnerability in Jordy Meow Photo Engine
allows ...)
+ TODO: check
+CVE-2024-43323 (Missing Authorization vulnerability in ReviewX allows
Accessing Functi ...)
+ TODO: check
+CVE-2024-43314 (Missing Authorization vulnerability in Gabe Livan Asset
CleanUp: Page ...)
+ TODO: check
+CVE-2024-43312 (Missing Authorization vulnerability in WPClever WPC Frequently
Bought ...)
+ TODO: check
+CVE-2024-43310 (Missing Authorization vulnerability in UkrSolution Print
Barcode Label ...)
+ TODO: check
+CVE-2024-43302 (Missing Authorization vulnerability in Fonts Plugin Fonts
allows Explo ...)
+ TODO: check
+CVE-2024-43298 (Missing Authorization vulnerability in Migrate Clone allows
Exploiting ...)
+ TODO: check
+CVE-2024-43297 (Missing Authorization vulnerability in Migrate Clone allows
Exploiting ...)
+ TODO: check
+CVE-2024-43296 (Missing Authorization vulnerability in bPlugins LLC Flash &
HTML5 Vide ...)
+ TODO: check
+CVE-2024-43293 (Missing Authorization vulnerability in WPZOOM Recipe Card
Blocks for G ...)
+ TODO: check
+CVE-2024-43290 (Missing Authorization vulnerability in Atarim allows Accessing
Functio ...)
+ TODO: check
+CVE-2024-43285 (Missing Authorization vulnerability in Presto Made, Inc Presto
Player ...)
+ TODO: check
+CVE-2024-43277 (Missing Authorization vulnerability in AyeCode Ltd UsersWP
allows Expl ...)
+ TODO: check
+CVE-2024-43274 (Missing Authorization vulnerability in JS Help Desk JS Help
Desk \u201 ...)
+ TODO: check
+CVE-2024-43273 (Missing Authorization vulnerability in icegram Icegram Collect
plugin ...)
+ TODO: check
+CVE-2024-43270 (Missing Authorization vulnerability in WPBackItUp Backup and
Restore W ...)
+ TODO: check
+CVE-2024-43268 (Access Control vulnerability in WPBackItUp Backup and Restore
WordPres ...)
+ TODO: check
+CVE-2024-43260 (Missing Authorization vulnerability in Creative Motion Clearfy
Cache a ...)
+ TODO: check
+CVE-2024-43254 (Missing Authorization vulnerability in Zaytech Smart Online
Order for ...)
+ TODO: check
+CVE-2024-43253 (Missing Authorization vulnerability in Zaytech Smart Online
Order for ...)
+ TODO: check
+CVE-2024-43235 (Missing Authorization vulnerability in MetaBox.Io Meta Box
\u2013 Word ...)
+ TODO: check
+CVE-2024-43229 (Missing Authorization vulnerability in Cornel Raiu WP Search
Analytics ...)
+ TODO: check
+CVE-2024-43223 (Missing Authorization vulnerability in EventPrime Events
EventPrime al ...)
+ TODO: check
+CVE-2024-43219 (Missing Authorization vulnerability in
\u0648\u0648\u06a9\u0627\u0645\ ...)
+ TODO: check
+CVE-2024-43215 (Missing Authorization vulnerability in creativemotion Social
Slider Fe ...)
+ TODO: check
+CVE-2024-43212 (Missing Authorization vulnerability in MagePeople Team
WpTravelly allo ...)
+ TODO: check
+CVE-2024-43211 (Cross Site Scripting (XSS) vulnerability in PluginOps
MailChimp Subscr ...)
+ TODO: check
+CVE-2024-43209 (Missing Authorization vulnerability in Bitly allows Accessing
Function ...)
+ TODO: check
+CVE-2024-43208 (Missing Authorization vulnerability in Miller Media ( Matt
Miller ) Se ...)
+ TODO: check
+CVE-2024-43162 (Missing Authorization vulnerability in Easy Digital Downloads
allows E ...)
+ TODO: check
+CVE-2024-43159 (Missing Authorization vulnerability in Masteriyo Masteriyo -
LMS allow ...)
+ TODO: check
+CVE-2024-43158 (Missing Authorization vulnerability in Masteriyo Masteriyo -
LMS allow ...)
+ TODO: check
+CVE-2024-43157 (Missing Authorization vulnerability in nCrafts FormCraft
allows Exploi ...)
+ TODO: check
+CVE-2024-43154 (Missing Authorization vulnerability in BracketSpace Advanced
Cron Mana ...)
+ TODO: check
+CVE-2024-43146 (Missing Authorization vulnerability in Ahmed Kaludi, Mohammed
Kaludi A ...)
+ TODO: check
+CVE-2024-43143 (Missing Authorization vulnerability in Roundup WP
Registrations for th ...)
+ TODO: check
+CVE-2024-43142 (Missing Authorization vulnerability in Themeum Tutor LMS
allows Exploi ...)
+ TODO: check
+CVE-2024-43136 (Missing Authorization vulnerability in WP Sunshine Sunshine
Photo Cart ...)
+ TODO: check
+CVE-2024-43134 (Missing Authorization vulnerability in xootix Waitlist
Woocommerce ( B ...)
+ TODO: check
+CVE-2024-43122 (Missing Authorization vulnerability in Creative Motion Robin
image opt ...)
+ TODO: check
+CVE-2024-43120 (Missing Authorization vulnerability in XSERVER Inc. TypeSquare
Webfont ...)
+ TODO: check
+CVE-2024-43119 (Missing Authorization vulnerability in Aruba.It Aruba HiSpeed
Cache al ...)
+ TODO: check
+CVE-2024-43118 (Missing Authorization vulnerability in WPMU DEV Hummingbird
allows Exp ...)
+ TODO: check
+CVE-2024-41745 (IBM CICS TX Standard is vulnerable to cross-site scripting.
This vulne ...)
+ TODO: check
+CVE-2024-41744 (IBM CICS TX Standard 11.1 is vulnerable to cross-site request
forgery ...)
+ TODO: check
+CVE-2024-41741 (IBM TXSeries for Multiplatforms 10.1 could allow an attacker
to determ ...)
+ TODO: check
+CVE-2024-41738 (IBM TXSeries for Multiplatforms 10.1 could allow an attacker
to obtain ...)
+ TODO: check
+CVE-2024-40490 (An issue in Sourcebans++ before v.1.8.0 allows a remote
attacker to ob ...)
+ TODO: check
+CVE-2024-39664 (Missing Authorization vulnerability in YMC Filter & Grids
allows Acces ...)
+ TODO: check
+CVE-2024-39654 (Missing Authorization vulnerability in Fetch Designs Sign-up
Sheets al ...)
+ TODO: check
+CVE-2024-39650 (Missing Authorization vulnerability in WPWeb Elite WooCommerce
PDF Vou ...)
+ TODO: check
+CVE-2024-39640 (Missing Authorization vulnerability in QuadLayers WP Social
Feed Galle ...)
+ TODO: check
+CVE-2024-39639 (Broken Access Control vulnerability in Nickolas Bossinas
WordPress Fil ...)
+ TODO: check
+CVE-2024-39635 (Missing Authorization vulnerability in KaineLabs Youzify
allows Exploi ...)
+ TODO: check
+CVE-2024-39625 (Missing Authorization vulnerability in icegram Icegram allows
Accessin ...)
+ TODO: check
+CVE-2024-38794 (Missing Authorization vulnerability in MediaRon LLC Custom
Query Block ...)
+ TODO: check
+CVE-2024-38792 (Missing Authorization vulnerability in ConveyThis Translate
Team Langu ...)
+ TODO: check
+CVE-2024-38783 (Missing Authorization vulnerability in Tyche Softwares Arconix
FAQ all ...)
+ TODO: check
+CVE-2024-38777 (Missing Authorization vulnerability in CreativeMotion Titan
Anti-spam ...)
+ TODO: check
+CVE-2024-38774 (Missing Authorization vulnerability in SiteGround SiteGround
Security ...)
+ TODO: check
+CVE-2024-38771 (Missing Authorization vulnerability in Atarim allows Accessing
Functio ...)
+ TODO: check
+CVE-2024-38769 (Missing Authorization vulnerability in Tyche Softwares Arconix
Shortco ...)
+ TODO: check
+CVE-2024-38748 (Access Control vulnerability in TheInnovs EleForms allows .
This issu ...)
+ TODO: check
+CVE-2024-38745 (Missing Authorization vulnerability in Rymera Web Co Wholesale
Suite a ...)
+ TODO: check
+CVE-2024-38744 (Missing Authorization vulnerability in Upqode Plum: Spin Wheel
& Email ...)
+ TODO: check
+CVE-2024-38743 (Access Control vulnerability in Upqode Plum: Spin Wheel &
Email Pop-up ...)
+ TODO: check
+CVE-2024-38740 (Missing Authorization vulnerability in Packlink Shipping S.L.
Packlink ...)
+ TODO: check
+CVE-2024-38737 (Missing Authorization vulnerability in Reservation Diary ReDi
Restaura ...)
+ TODO: check
+CVE-2024-38733 (Missing Authorization vulnerability in Meks Meks Video
Importer allows ...)
+ TODO: check
+CVE-2024-38727 (Missing Authorization vulnerability in Seraphinite Solutions
Seraphini ...)
+ TODO: check
+CVE-2024-38726 (Missing Authorization vulnerability in PickPlugins Product
Designer al ...)
+ TODO: check
+CVE-2024-38721 (Missing Authorization vulnerability in spider-themes EazyDocs
allows E ...)
+ TODO: check
+CVE-2024-38719 (Missing Authorization vulnerability in Creative Motion Auto
Featured I ...)
+ TODO: check
+CVE-2024-38714 (Missing Authorization vulnerability in Epsiloncool WP Fast
Total Searc ...)
+ TODO: check
+CVE-2024-38707 (Missing Authorization vulnerability in WPDeveloper EmbedPress
allows E ...)
+ TODO: check
+CVE-2024-38702 (Missing Authorization vulnerability in Tyche Softwares Product
Deliver ...)
+ TODO: check
+CVE-2024-38695 (Missing Authorization vulnerability in Martin Gibson WP
GoToWebinar al ...)
+ TODO: check
+CVE-2024-38690 (Missing Authorization vulnerability in Avirtum iPanorama 360
WordPress ...)
+ TODO: check
+CVE-2024-37929 (Missing Authorization vulnerability in solwin User Activity
Log Pro al ...)
+ TODO: check
+CVE-2024-37926 (Missing Authorization vulnerability in Alex Volkov WP
Accessibility He ...)
+ TODO: check
+CVE-2024-37921 (Missing Authorization vulnerability in Kiboko Labs Chained
Quiz allows ...)
+ TODO: check
+CVE-2024-37517 (Missing Authorization vulnerability in Brainstorm Force
Spectra allows ...)
+ TODO: check
+CVE-2024-37516 (Missing Authorization vulnerability in fifu.App Featured Image
from UR ...)
+ TODO: check
+CVE-2024-37510 (Missing Authorization vulnerability in Charitable Donations &
Fundrais ...)
+ TODO: check
+CVE-2024-37506 (Missing Authorization vulnerability in Charitable Donations &
Fundrais ...)
+ TODO: check
+CVE-2024-37505 (Missing Authorization vulnerability in Rara Themes Business
One Page a ...)
+ TODO: check
+CVE-2024-37483 (Missing Authorization vulnerability in Post Grid Team by
RadiusTheme T ...)
+ TODO: check
+CVE-2024-37482 (Missing Authorization vulnerability in Post Grid Team by
RadiusTheme T ...)
+ TODO: check
+CVE-2024-37481 (Missing Authorization vulnerability in Post Grid Team by
RadiusTheme T ...)
+ TODO: check
+CVE-2024-37477 (Missing Authorization vulnerability in Automattic Newspack
Content Con ...)
+ TODO: check
+CVE-2024-37475 (Missing Authorization vulnerability in Automattic Newspack
Newsletters ...)
+ TODO: check
+CVE-2024-37470 (Missing Authorization vulnerability in WofficeIO Woffice Core
allows A ...)
+ TODO: check
+CVE-2024-37468 (Missing Authorization vulnerability in blazethemes Newsmatic
allows Ex ...)
+ TODO: check
+CVE-2024-37463 (Missing Authorization vulnerability in CRM Perks CRM Perks
Forms allow ...)
+ TODO: check
+CVE-2024-37456 (Missing Authorization vulnerability in Noptin Newsletter
Noptin allows ...)
+ TODO: check
+CVE-2024-37453 (Missing Authorization vulnerability in ProfileGrid User
Profiles Profi ...)
+ TODO: check
+CVE-2024-37444 (Missing Authorization vulnerability in WPMU DEV Defender
Security allo ...)
+ TODO: check
+CVE-2024-37443 (Missing Authorization vulnerability in Automattic WP Job
Manager - Res ...)
+ TODO: check
+CVE-2024-37440 (Missing Authorization vulnerability in Andy Moyle Church Admin
allows ...)
+ TODO: check
+CVE-2024-37439 (Missing Authorization vulnerability in Uncanny Owl Uncanny
Toolkit Pro ...)
+ TODO: check
+CVE-2024-37427 (Missing Authorization vulnerability in Arraytics Timetics
allows Explo ...)
+ TODO: check
+CVE-2024-37425 (Missing Authorization vulnerability in Automattic Newspack
Blocks news ...)
+ TODO: check
+CVE-2024-37423 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
+ TODO: check
+CVE-2024-37415 (Missing Authorization vulnerability in E2Pdf.Com allows
Exploiting Inc ...)
+ TODO: check
+CVE-2024-37411 (Missing Authorization vulnerability in Team Emilia Projects
Progress P ...)
+ TODO: check
+CVE-2024-37277 (Authorization Bypass Through User-Controlled Key vulnerability
in Paid ...)
+ TODO: check
+CVE-2024-37276 (Missing Authorization vulnerability in fifu.App Featured Image
from UR ...)
+ TODO: check
+CVE-2024-37269 (Missing Authorization vulnerability in StylemixThemes
Masterstudy Elem ...)
+ TODO: check
+CVE-2024-37255 (Missing Authorization vulnerability in Wpmet Elements kit
Elementor ad ...)
+ TODO: check
+CVE-2024-37254 (Missing Authorization vulnerability in mndpsingh287 File
Manager allow ...)
+ TODO: check
+CVE-2024-37250 (Missing Authorization vulnerability in WPEngine Inc. Advanced
Custom F ...)
+ TODO: check
+CVE-2024-37249 (Missing Authorization vulnerability in WPEngine Inc. Advanced
Custom F ...)
+ TODO: check
+CVE-2024-37232 (Missing Authorization vulnerability in Hercules Design
Hercules Core a ...)
+ TODO: check
+CVE-2024-37226 (Missing Authorization vulnerability in Kanban for WordPress
Kanban Boa ...)
+ TODO: check
+CVE-2024-37220 (Missing Authorization vulnerability in OptinlyHQ Optinly
allows Exploi ...)
+ TODO: check
+CVE-2024-37218 (Missing Authorization vulnerability in WordPress Page Builder
Sandwich ...)
+ TODO: check
+CVE-2024-37214 (Missing Authorization vulnerability in Dropshipping Guru
Ali2Woo Lite ...)
+ TODO: check
+CVE-2024-37209 (Access Control vulnerability in Prism IT Systems User Rights
Access Ma ...)
+ TODO: check
+CVE-2024-37207 (Missing Authorization vulnerability in Theme4Press Demo
Awesome allows ...)
+ TODO: check
+CVE-2024-37204 (Missing Authorization vulnerability in PropertyHive allows
Exploiting ...)
+ TODO: check
+CVE-2024-37203 (Missing Authorization vulnerability in Laybuy Laybuy Payment
Extension ...)
+ TODO: check
+CVE-2024-37201 (Missing Authorization vulnerability in javmah Woocommerce
Customers Or ...)
+ TODO: check
+CVE-2024-37123 (Missing Authorization vulnerability in VowelWeb Ibtana allows
Exploiti ...)
+ TODO: check
+CVE-2024-37119 (Missing Authorization vulnerability in Uncanny Owl Uncanny
Automator P ...)
+ TODO: check
+CVE-2024-37108 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
+ TODO: check
+CVE-2024-37106 (Missing Authorization vulnerability in WishList Products
WishList Memb ...)
+ TODO: check
+CVE-2024-37096 (Missing Authorization vulnerability in Popup Box Team Popup
allows Exp ...)
+ TODO: check
+CVE-2024-37095 (Missing Authorization vulnerability in Envira Gallery Team
Envira Phot ...)
+ TODO: check
+CVE-2024-37094 (Access Control vulnerability in StylemixThemes MasterStudy LMS
allows ...)
+ TODO: check
+CVE-2024-28265 (IBOS v4.5.5 has an arbitrary file deletion vulnerability via
\system\m ...)
+ TODO: check
+CVE-2024-27525 (Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26
allows a r ...)
+ TODO: check
+CVE-2024-27524 (Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26
allows a r ...)
+ TODO: check
+CVE-2024-22733 (TP Link MR200 V4 Firmware version 210201 was discovered to
contain a n ...)
+ TODO: check
+CVE-2024-10662 (A vulnerability was found in Tenda AC15 15.03.05.19 and
classified as ...)
+ TODO: check
+CVE-2024-10661 (A vulnerability has been found in Tenda AC15 15.03.05.19 and
classifie ...)
+ TODO: check
+CVE-2024-10660 (A vulnerability, which was classified as critical, was found
in ESAFEN ...)
+ TODO: check
+CVE-2024-10659 (A vulnerability, which was classified as critical, has been
found in E ...)
+ TODO: check
+CVE-2024-10658 (A vulnerability classified as critical was found in Tongda OA
up to 11 ...)
+ TODO: check
+CVE-2024-10657 (A vulnerability classified as critical has been found in
Tongda OA up ...)
+ TODO: check
+CVE-2024-10656 (A vulnerability was found in Tongda OA 2017 up to 11.9. It has
been ra ...)
+ TODO: check
+CVE-2024-10655 (A vulnerability was found in Tongda OA 2017 up to 11.9. It has
been de ...)
+ TODO: check
+CVE-2024-10654 (A vulnerability has been found in TOTOLINK LR350 up to
9.3.5u.6369 and ...)
+ TODO: check
+CVE-2024-10653 (IDExpert from CHANGING Information Technology does not
properly valida ...)
+ TODO: check
+CVE-2024-10652 (IDExpert from CHANGING Information Technology does not
properly valida ...)
+ TODO: check
+CVE-2024-10651 (IDExpert from CHANGING Information Technology does not
properly valida ...)
+ TODO: check
+CVE-2024-10367 (The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for
Gutenberg E ...)
+ TODO: check
+CVE-2024-10232 (The Group Chat & Video Chat by AtomChat plugin for WordPress
is vulner ...)
+ TODO: check
CVE-2024-9655 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder
Feature ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7424 (The Multiple Page Generator Plugin \u2013 MPG plugin for
WordPress is ...)
@@ -191,7 +613,7 @@ CVE-2024-48807 (Cross Site Scripting vulnerability in
PHPGurukul Doctor Appointm
NOT-FOR-US: PHPGurukul Doctor Appointment Management System
CVE-2024-48735 (Directory Traversal in
/SASStudio/sasexec/sessions/{sessionID}/workspa ...)
NOT-FOR-US: SAS Studio
-CVE-2024-48734 (*Unrestricted file upload in
/SASStudio/SASStudio/sasexec/{sessionID}/ ...)
+CVE-2024-48734 (Unrestricted file upload in
/SASStudio/SASStudio/sasexec/{sessionID}/{ ...)
NOT-FOR-US: SAS Studio
CVE-2024-48733 (SQL injection vulnerability in
/SASStudio/sasexec/sessions/{sessionID} ...)
NOT-FOR-US: SAS Studio
@@ -451,7 +873,7 @@ CVE-2024-48206 (A Deserialization of Untrusted Data
vulnerability in chainer v7.
NOT-FOR-US: chainer
CVE-2024-48138 (A remote code execution (RCE) vulnerability in the component
/PluXml/c ...)
- pluxml <removed>
-CVE-2024-48063 (In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE.)
+CVE-2024-48063 (In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE.
NOTE: th ...)
- pytorch <unfixed> (unimportant)
NOTE:
https://rumbling-slice-eb0.notion.site/Distributed-RPC-Framework-RemoteModule-has-Deserialization-RCE-in-pytorch-pytorch-111e3cda9e8c8021a7d3cbc61ee1a20c
NOTE: Non issue as only documented to be used for internal
communication:
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c79539d94d48c79136e81028f8843484d93ccb68
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c79539d94d48c79136e81028f8843484d93ccb68
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
