[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 4 09:12:14 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6223d6b4 by security tracker role at 2025-04-04T08:12:06+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,145 @@
+CVE-2025-3220 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
+ TODO: check
+CVE-2025-3219 (A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been ...)
+ TODO: check
+CVE-2025-3217 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
+ TODO: check
+CVE-2025-3216 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
+ TODO: check
+CVE-2025-3215 (A vulnerability was found in PHPGurukul Restaurant Table Booking Syste ...)
+ TODO: check
+CVE-2025-3214 (A vulnerability has been found in JFinal CMS up to 5.2.4 and classifie ...)
+ TODO: check
+CVE-2025-3213 (A vulnerability classified as critical was found in PHPGurukul e-Diary ...)
+ TODO: check
+CVE-2025-3211 (A vulnerability classified as critical has been found in code-projects ...)
+ TODO: check
+CVE-2025-3210 (A vulnerability was found in code-projects Patient Record Management S ...)
+ TODO: check
+CVE-2025-3209 (A vulnerability was found in code-projects Patient Record Management S ...)
+ TODO: check
+CVE-2025-3208 (A vulnerability was found in code-projects Patient Record Management S ...)
+ TODO: check
+CVE-2025-3207 (A vulnerability was found in code-projects Patient Record Management S ...)
+ TODO: check
+CVE-2025-3206 (A vulnerability has been found in code-projects Hospital Management Sy ...)
+ TODO: check
+CVE-2025-3205 (A vulnerability, which was classified as critical, was found in CodeAs ...)
+ TODO: check
+CVE-2025-3204 (A vulnerability, which was classified as critical, has been found in C ...)
+ TODO: check
+CVE-2025-3203 (A vulnerability classified as problematic was found in Tenda W18E 16.0 ...)
+ TODO: check
+CVE-2025-3202 (A vulnerability classified as critical has been found in ageerle ruoyi ...)
+ TODO: check
+CVE-2025-3199 (A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classifi ...)
+ TODO: check
+CVE-2025-3198 (A vulnerability has been found in GNU Binutils 2.43/2.44 and classifie ...)
+ TODO: check
+CVE-2025-3197 (Versions of the package expand-object from 0.0.0 are vulnerable to Pro ...)
+ TODO: check
+CVE-2025-3196 (A vulnerability, which was classified as critical, was found in Open A ...)
+ TODO: check
+CVE-2025-3195 (A vulnerability, which was classified as critical, has been found in i ...)
+ TODO: check
+CVE-2025-3194 (Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buf ...)
+ TODO: check
+CVE-2025-3192 (Versions of the package spatie/browsershot from 0.0.0 are vulnerable t ...)
+ TODO: check
+CVE-2025-3191 (All versions of the package react-draft-wysiwyg are vulnerable to Cros ...)
+ TODO: check
+CVE-2025-3188 (A vulnerability classified as critical has been found in PHPGurukul e- ...)
+ TODO: check
+CVE-2025-3187 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
+ TODO: check
+CVE-2025-3186 (A vulnerability was found in projectworlds Online Doctor Appointment B ...)
+ TODO: check
+CVE-2025-3185 (A vulnerability was found in projectworlds Online Doctor Appointment B ...)
+ TODO: check
+CVE-2025-3184 (A vulnerability was found in projectworlds Online Doctor Appointment B ...)
+ TODO: check
+CVE-2025-3183 (A vulnerability has been found in projectworlds Online Doctor Appointm ...)
+ TODO: check
+CVE-2025-3182 (A vulnerability, which was classified as critical, was found in projec ...)
+ TODO: check
+CVE-2025-3181 (A vulnerability, which was classified as critical, has been found in p ...)
+ TODO: check
+CVE-2025-3180 (A vulnerability classified as critical was found in projectworlds Onli ...)
+ TODO: check
+CVE-2025-3179 (A vulnerability classified as critical has been found in projectworlds ...)
+ TODO: check
+CVE-2025-3178 (A vulnerability was found in projectworlds Online Doctor Appointment B ...)
+ TODO: check
+CVE-2025-3105 (The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer ...)
+ TODO: check
+CVE-2025-3087 (Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 a ...)
+ TODO: check
+CVE-2025-3086 (Improper isolation of users in M-Files Server version before 25.3.1454 ...)
+ TODO: check
+CVE-2025-32111 (The Docker image from acme.sh before 40b6db6 is based on a .github/wor ...)
+ TODO: check
+CVE-2025-30370 (jupyterlab-git is a JupyterLab extension for version control using Git ...)
+ TODO: check
+CVE-2025-2836 (The RegistrationMagic \u2013 Custom Registration Forms, User Registrat ...)
+ TODO: check
+CVE-2025-2797 (The Woffice Core plugin for WordPress is vulnerable to Cross-Site Requ ...)
+ TODO: check
+CVE-2025-2780 (The Woffice Core plugin for WordPress, used by the Woffice Theme, is v ...)
+ TODO: check
+CVE-2025-2317 (The Product Filter by WBW plugin for WordPress is vulnerable to time-b ...)
+ TODO: check
+CVE-2025-2279 (The Maps WordPress plugin through 1.0.6 does not validate and escape ...)
+ TODO: check
+CVE-2025-2270 (The Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock plugi ...)
+ TODO: check
+CVE-2025-2159 (Stored XSS in Desktop UI in M-Files Server Admin tool before version 2 ...)
+ TODO: check
+CVE-2025-2075 (The Uncanny Automator \u2013 Easy Automation, Integration, Webhooks & ...)
+ TODO: check
+CVE-2025-29815 (Use after free in Microsoft Edge (Chromium-based) allows an authorized ...)
+ TODO: check
+CVE-2025-29796 (User interface (ui) misrepresentation of critical information in Micro ...)
+ TODO: check
+CVE-2025-26401 (Weak encoding for password vulnerability exists in HMI ViewJet C-more ...)
+ TODO: check
+CVE-2025-25061 (Unintended proxy or intermediary ('Confused Deputy') issue exists in H ...)
+ TODO: check
+CVE-2025-25001 (Improper neutralization of input during web page generation ('cross-si ...)
+ TODO: check
+CVE-2025-25000 (Access of resource using incompatible type ('type confusion') in Micro ...)
+ TODO: check
+CVE-2025-24317 (Allocation of resources without limits or throttling issue exists in H ...)
+ TODO: check
+CVE-2025-24310 (Improper restriction of rendered UI layers or frames issue exists in H ...)
+ TODO: check
+CVE-2025-0279 (HCL Traveler generates some error messages that provide detailed infor ...)
+ TODO: check
+CVE-2025-0278 (HCL Traveler is affected by an internal path disclosure in a Windows a ...)
+ TODO: check
+CVE-2024-56528 (This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless ...)
+ TODO: check
+CVE-2024-47217 (An issue was discovered in Iglu Server 0.13.0 and below. It is similar ...)
+ TODO: check
+CVE-2024-47215 (An issue was discovered in Snowbridge setups sending data to Google Ta ...)
+ TODO: check
+CVE-2024-47214 (An issue was discovered in Iglu Server 0.13.0 and below. It is similar ...)
+ TODO: check
+CVE-2024-47213 (An issue was discovered affecting Enrich 5.1.0 and below. It involves ...)
+ TODO: check
+CVE-2024-47212 (An issue was discovered in Iglu Server 0.13.0 and below. It involves s ...)
+ TODO: check
+CVE-2024-45199 (insightsoftware Hive JDBC through 2.6.13 has a remote code execution v ...)
+ TODO: check
+CVE-2024-42208 (HCL Connections is vulnerable to an information disclosure vulnerabili ...)
+ TODO: check
+CVE-2024-13898 (The Simple Banner \u2013 Easily add multiple Banners/Bars/Notification ...)
+ TODO: check
+CVE-2024-13744 (The Booster for WooCommerce plugin for WordPress is vulnerable to arbi ...)
+ TODO: check
+CVE-2024-13708 (The Booster for WooCommerce plugin for WordPress is vulnerable to Stor ...)
+ TODO: check
+CVE-2024-13645 (The tagDiv Composer plugin for WordPress is vulnerable to PHP Object I ...)
+ TODO: check
CVE-2025-3190
REJECTED
CVE-2025-3177 (A vulnerability was found in FastCMS 0.1.5. It has been declared as cr ...)
@@ -2504,25 +2646,34 @@ CVE-2025-2974 (A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2
NOT-FOR-US: CodeCanyon Perfex CRM
CVE-2025-2973 (A vulnerability, which was classified as critical, was found in code-p ...)
NOT-FOR-US: code-projects
-CVE-2025-2972 (A vulnerability, which was classified as problematic, has been found i ...)
+CVE-2025-2972
+ REJECTED
NOT-FOR-US: ConcreteCMS
CVE-2025-2971 (A vulnerability classified as problematic was found in ConcreteCMS up ...)
NOT-FOR-US: ConcreteCMS
-CVE-2025-2970 (A vulnerability classified as problematic has been found in ConcreteCM ...)
+CVE-2025-2970
+ REJECTED
NOT-FOR-US: ConcreteCMS
-CVE-2025-2969 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has been rate ...)
+CVE-2025-2969
+ REJECTED
NOT-FOR-US: ConcreteCMS
-CVE-2025-2968 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has been decl ...)
+CVE-2025-2968
+ REJECTED
NOT-FOR-US: ConcreteCMS
-CVE-2025-2967 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has been clas ...)
+CVE-2025-2967
+ REJECTED
NOT-FOR-US: ConcreteCMS
-CVE-2025-2966 (A vulnerability was found in ConcreteCMS up to 9.3.9 and classified as ...)
+CVE-2025-2966
+ REJECTED
NOT-FOR-US: ConcreteCMS
-CVE-2025-2965 (A vulnerability has been found in ConcreteCMS up to 9.3.9 and classifi ...)
+CVE-2025-2965
+ REJECTED
NOT-FOR-US: ConcreteCMS
-CVE-2025-2964 (A vulnerability, which was classified as problematic, was found in Con ...)
+CVE-2025-2964
+ REJECTED
NOT-FOR-US: ConcreteCMS
-CVE-2025-2963 (A vulnerability, which was classified as problematic, has been found i ...)
+CVE-2025-2963
+ REJECTED
NOT-FOR-US: ConcreteCMS
CVE-2025-2961 (A vulnerability classified as problematic was found in opensolon up to ...)
NOT-FOR-US: opensolon
@@ -4061,6 +4212,7 @@ CVE-2025-30355 (Synapse is an open source Matrix homeserver implementation. A ma
NOTE: https://github.com/element-hq/synapse/security/advisories/GHSA-v56r-hwv5-mxg6
NOTE: https://github.com/element-hq/synapse/commit/2277df2a1eb685f85040ef98fa21d41aa4cdd389 (v1.127.1)
CVE-2025-31160 (atop through 2.11.0 allows local users to cause a denial of service (e ...)
+ {DSA-5892-1}
- atop 2.11.1-1
NOTE: https://www.openwall.com/lists/oss-security/2025/03/26/2
NOTE: https://github.com/Atoptool/atop/issues/334
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6223d6b41db983a65bc1985489b39bf0174aa027
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6223d6b41db983a65bc1985489b39bf0174aa027
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250404/db51bccf/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list