[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Feb 17 08:12:37 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
241e0da3 by security tracker role at 2025-02-17T08:12:31+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,101 @@
+CVE-2025-26779 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2025-26768 (Cross-Site Request Forgery (CSRF) vulnerability in what3words what3wor ...)
+ TODO: check
+CVE-2025-26767 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26766 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26765 (Missing Authorization vulnerability in enituretechnology Distance Base ...)
+ TODO: check
+CVE-2025-26761 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26759 (Cross-Site Request Forgery (CSRF) vulnerability in alexvtn Content Sni ...)
+ TODO: check
+CVE-2025-26755 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-26700 (Authentication bypass using an alternate path or channel issue exists ...)
+ TODO: check
+CVE-2025-23975 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22689 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22680 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22676 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22291 (Missing Authorization vulnerability in enituretechnology LTL Freight Q ...)
+ TODO: check
+CVE-2025-22290 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-22289 (Missing Authorization vulnerability in NotFound LTL Freight Quotes \u2 ...)
+ TODO: check
+CVE-2025-22286 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22284 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-1389 (Orca HCM from Learning Digital has a SQL Injection vulnerability, allo ...)
+ TODO: check
+CVE-2025-1388 (Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerabil ...)
+ TODO: check
+CVE-2025-1387 (Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerab ...)
+ TODO: check
+CVE-2025-1381 (A vulnerability was found in code-projects Real Estate Property Manage ...)
+ TODO: check
+CVE-2025-1380 (A vulnerability was found in Codezips Gym Management System 1.0 and cl ...)
+ TODO: check
+CVE-2025-1379 (A vulnerability has been found in code-projects Real Estate Property M ...)
+ TODO: check
+CVE-2025-1378 (A vulnerability, which was classified as problematic, was found in rad ...)
+ TODO: check
+CVE-2025-1377 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2025-1376 (A vulnerability classified as problematic was found in GNU elfutils 0. ...)
+ TODO: check
+CVE-2025-1374 (A vulnerability classified as critical has been found in code-projects ...)
+ TODO: check
+CVE-2025-1373 (A vulnerability was found in FFmpeg up to 7.1. It has been rated as pr ...)
+ TODO: check
+CVE-2025-1372 (A vulnerability was found in GNU elfutils 0.192. It has been declared ...)
+ TODO: check
+CVE-2025-1371 (A vulnerability has been found in GNU elfutils 0.192 and classified as ...)
+ TODO: check
+CVE-2025-1370 (A vulnerability, which was classified as critical, has been found in M ...)
+ TODO: check
+CVE-2025-1369 (A vulnerability classified as critical was found in MicroWord eScan An ...)
+ TODO: check
+CVE-2025-1368 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux ...)
+ TODO: check
+CVE-2025-1367 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux ...)
+ TODO: check
+CVE-2025-1366 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux ...)
+ TODO: check
+CVE-2025-1365 (A vulnerability, which was classified as critical, was found in GNU el ...)
+ TODO: check
+CVE-2025-1364 (A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on ...)
+ TODO: check
+CVE-2025-1360 (A vulnerability, which was classified as problematic, was found in Int ...)
+ TODO: check
+CVE-2025-0924 (The WP Activity Log plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2025-0591 (Out-of-bounds Read vulnerability (CWE-125) was found in CX-Programmer. ...)
+ TODO: check
+CVE-2024-47935 (Improper Validation of Integrity Check Value vulnerability in TXOne Ne ...)
+ TODO: check
+CVE-2024-44044 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2024-13726 (The Coder WordPress plugin through 1.3.4 does not properly sanitise ...)
+ TODO: check
+CVE-2024-13627 (The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise ...)
+ TODO: check
+CVE-2024-13626 (The VR-Frases (collect & share quotes) WordPress plugin through 3.0.1 ...)
+ TODO: check
+CVE-2024-13625 (The Tube Video Ads Lite WordPress plugin through 1.5.7 does not saniti ...)
+ TODO: check
+CVE-2024-13608 (The Track Logins WordPress plugin through 1.0 does not sanitize and es ...)
+ TODO: check
+CVE-2024-13603 (The Wise Forms WordPress plugin through 1.2.0 does not sanitise and es ...)
+ TODO: check
CVE-2025-1359 (A vulnerability, which was classified as problematic, has been found i ...)
NOT-FOR-US: SIAM Industria de Automacao e Monitoramento SIAM
CVE-2025-1358 (A vulnerability classified as problematic was found in Pix Software Vi ...)
@@ -44695,7 +44793,7 @@ CVE-2024-8586 (WebITR from Uniong has an Open Redirect vulnerability, which allo
NOT-FOR-US: WebITR
CVE-2024-8585 (Orca HCM from LEARNING DIGITA does not properly restrict a specific pa ...)
NOT-FOR-US: Orca HCM
-CVE-2024-8584 (Orca HCM from LEARNING DIGITAL does not properly restrict access to a ...)
+CVE-2024-8584 (Orca HCM from LEARNING DIGITAL has an Missing Authentication vulnerabi ...)
NOT-FOR-US: Orca HCM
CVE-2024-8583 (A vulnerability was found in SourceCodester Online Bank Management Sys ...)
NOT-FOR-US: SourceCodester Online Bank Management System and Online Bank Management System
@@ -137017,7 +137115,7 @@ CVE-2023-39944 (OS command injection vulnerability in WRC-F1167ACF all versions,
NOT-FOR-US: WRC-F1167ACF
CVE-2023-39455 (OS command injection vulnerability in ELECOM wireless LAN routers allo ...)
NOT-FOR-US: ELECOM wireless LAN routers
-CVE-2023-39454 (Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC- ...)
+CVE-2023-39454 (Buffer overflow vulnerability exists in ELECOM wireless LAN routers, w ...)
NOT-FOR-US: WRC-X1800GS-B
CVE-2023-39445 (Hidden functionality vulnerability in LAN-WH300N/RE all versions provi ...)
NOT-FOR-US: LAN-WH300N/RE
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/241e0da32f0c015072d706689df1f517ea55973f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/241e0da32f0c015072d706689df1f517ea55973f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250217/dbf6ce35/attachment.htm>
More information about the debian-security-tracker-commits
mailing list