[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 14 08:12:01 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e404454b by security tracker role at 2025-02-14T08:11:54+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,107 @@
+CVE-2025-26789 (An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerabili ...)
+ TODO: check
+CVE-2025-26788 (StrongKey FIDO Server before 4.15.1 treats a non-discoverable (namedcr ...)
+ TODO: check
+CVE-2025-26519 (musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ...)
+ TODO: check
+CVE-2025-26473 (The Mojave Inverter uses the GET method for sensitive information.)
+ TODO: check
+CVE-2025-25281 (An attacker may modify the URL to discover sensitive information about ...)
+ TODO: check
+CVE-2025-25195 (Zulip is an open source team chat application. A weekly cron job (adde ...)
+ TODO: check
+CVE-2025-25067 (mySCADA myPRO Manager is vulnerable to an OS command injection which ...)
+ TODO: check
+CVE-2025-24865 (The administrative web interface of mySCADA myPRO Manager can be acc ...)
+ TODO: check
+CVE-2025-24861 (An attacker may inject commands via specially-crafted post requests.)
+ TODO: check
+CVE-2025-24836 (With a specially crafted Python script, an attacker could send contin ...)
+ TODO: check
+CVE-2025-23421 (An attacker could obtain firmware files and reverse engineer their in ...)
+ TODO: check
+CVE-2025-23411 (mySCADA myPRO Manager is vulnerable to cross-site request forgery (CS ...)
+ TODO: check
+CVE-2025-23406 (Out-of-bounds read vulnerability caused by improper checking of TCP MS ...)
+ TODO: check
+CVE-2025-22962 (A critical remote code execution (RCE) vulnerability exists in the web ...)
+ TODO: check
+CVE-2025-22961 (A critical information disclosure vulnerability exists in the web-base ...)
+ TODO: check
+CVE-2025-22960 (A session hijacking vulnerability exists in the web-based management i ...)
+ TODO: check
+CVE-2025-22896 (mySCADA myPRO Manager stores credentials in cleartext, which could a ...)
+ TODO: check
+CVE-2025-22630 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
+ TODO: check
+CVE-2025-20615 (The Qardio Arm iOS application exposes sensitive data such as username ...)
+ TODO: check
+CVE-2025-1298 (Logic vulnerability in the mobile application (com.transsion.carlcare) ...)
+ TODO: check
+CVE-2025-1283 (The Dingtian DT-R0 Series is vulnerable to an exploit that allows att ...)
+ TODO: check
+CVE-2025-1053 (Under certain error conditions at time of SANnav installation or upgra ...)
+ TODO: check
+CVE-2024-9601 (The Qubely \u2013 Advanced Gutenberg Blocks plugin for WordPress is vu ...)
+ TODO: check
+CVE-2024-7052 (The Forminator Forms WordPress plugin before 1.38.3 does not sanitise ...)
+ TODO: check
+CVE-2024-57969 (app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a ...)
+ TODO: check
+CVE-2024-57782 (An issue in Docker-proxy v18.09.0 allows attackers to cause a denial o ...)
+ TODO: check
+CVE-2024-57378 (Wazuh SIEM version 4.8.2 is affected by a broken access control vulner ...)
+ TODO: check
+CVE-2024-56908 (In Perfex Crm < 3.2.1, an authenticated attacker can send a crafted HT ...)
+ TODO: check
+CVE-2024-55904 (IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM Urban ...)
+ TODO: check
+CVE-2024-54951 (Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious ...)
+ TODO: check
+CVE-2024-53311 (A Stack buffer overflow in the arguments parameter in Immunity Inc. Im ...)
+ TODO: check
+CVE-2024-53310 (A Structured Exception Handler based buffer overflow vulnerability exi ...)
+ TODO: check
+CVE-2024-53309 (A stack-based buffer overflow vulnerability exists in Effectmatrix Tot ...)
+ TODO: check
+CVE-2024-37603 (An issue was discovered in Mercedes Benz NTG (New Telematics Generatio ...)
+ TODO: check
+CVE-2024-37602 (An issue was discovered in Mercedes Benz NTG (New Telematics Generatio ...)
+ TODO: check
+CVE-2024-37601 (An issue was discovered in Mercedes Benz NTG (New Telematics Generatio ...)
+ TODO: check
+CVE-2024-37600 (An issue was discovered in Mercedes Benz NTG (New Telematics Generatio ...)
+ TODO: check
+CVE-2024-2240 (Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without audi ...)
+ TODO: check
+CVE-2024-13692 (The Return Refund and Exchange For WooCommerce \u2013 Return Managemen ...)
+ TODO: check
+CVE-2024-13641 (The Return Refund and Exchange For WooCommerce \u2013 Return Managemen ...)
+ TODO: check
+CVE-2024-13493 (The Sensly Online Presence WordPress plugin through 0.6 does not sanit ...)
+ TODO: check
+CVE-2024-12054 (ZF Roll Stability Support Plus (RSSPlus) is vulnerable to an authenti ...)
+ TODO: check
+CVE-2024-10404 (CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive i ...)
+ TODO: check
+CVE-2023-34406 (An issue was discovered on Mercedes Benz NTG 6. A possible integer ove ...)
+ TODO: check
+CVE-2023-34404 (Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connec ...)
+ TODO: check
+CVE-2023-34403 (Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connec ...)
+ TODO: check
+CVE-2023-34402 (Mercedes-Benz head-unit NTG6 contains functions to import or export pr ...)
+ TODO: check
+CVE-2023-34401 (Mercedes-Benz head-unit NTG6 contains functions to import or export pr ...)
+ TODO: check
+CVE-2023-34400 (Mercedes-Benz head-unit NTG6 contains functions to import or export pr ...)
+ TODO: check
+CVE-2023-34399 (Mercedes-Benz head-unit NTG6 contains functions to import or export pr ...)
+ TODO: check
+CVE-2023-34398 (Mercedes-Benz head-unit NTG6 contains functions to import or export pr ...)
+ TODO: check
+CVE-2023-34397 (Mercedes Benz head-unit NTG 6 contains functions to import or export p ...)
+ TODO: check
CVE-2025-1057
NOT-FOR-US: Keylime
CVE-2025-1272
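Review bot: the truncated descriptions added for CVE-2024-9601, CVE-2024-13692 and CVE-2024-13641 carry a literal `\u2013` escape where a dash character belongs, so the import step should decode that escape before writing the description into the list. Separately, all 52 added entries are left at `TODO: check`. CVE-2025-26519 names musl libc and looks like a candidate for a source-package entry, so it is worth triaging ahead of the vendor-specific entries (mySCADA, Mercedes-Benz NTG, Brocade SANnav), which seem likely to end up as NOT-FOR-US, like the Keylime entry in the trailing context.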
@@ -143,15 +247,19 @@ CVE-2025-21700 (In the Linux kernel, the following vulnerability has been resolv
CVE-2024-3303 (An issue was discovered in GitLab EE affecting all versions starting f ...)
- gitlab <not-affected> (Specific to EE)
CVE-2025-0998
+ {DSA-5866-1}
- chromium 133.0.6943.98-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-0997
+ {DSA-5866-1}
- chromium 133.0.6943.98-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-0996
+ {DSA-5866-1}
- chromium 133.0.6943.98-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-0995
+ {DSA-5866-1}
- chromium 133.0.6943.98-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-25286 (Crayfish is a collection of Islandora 8 microservices, one of which, H ...)
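Review bot: the `{DSA-5866-1}` tag is added to CVE-2025-0998, CVE-2025-0997, CVE-2025-0996 and CVE-2025-0995 while this commit lists only data/CVE/list as changed, so it is worth confirming that the tracker's entry for DSA-5866-1 names exactly these four CVEs and that the cross-reference is consistent in both directions. The visible lines for each entry give only the unstable version `chromium 133.0.6943.98-1` and the bullseye `<end-of-life>` marker, so the fixed version for the release the DSA covers has to be checked against the advisory entry rather than this hunk.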
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e404454bfc470bc14dc7ba307c83ec8c32178535