[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 18 08:12:40 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b3c76924 by security tracker role at 2025-02-18T08:12:33+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,123 @@
+CVE-2025-25224 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5 ...)
+ TODO: check
+CVE-2025-25223 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5 ...)
+ TODO: check
+CVE-2025-25222 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5 ...)
+ TODO: check
+CVE-2025-25221 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5 ...)
+ TODO: check
+CVE-2025-25055 (Authentication bypass by spoofing issue exists in FileMegane versions ...)
+ TODO: check
+CVE-2025-20075 (Server-side request forgery (SSRF) vulnerability exists in FileMegane ...)
+ TODO: check
+CVE-2025-1390 (The PAM module pam_cap.so of libcap configuration supports group names ...)
+ TODO: check
+CVE-2025-0864 (The Active Products Tables for WooCommerce. Use constructor to create ...)
+ TODO: check
+CVE-2025-0805 (The Mortgage Calculator / Loan Calculator plugin for WordPress is vuln ...)
+ TODO: check
+CVE-2025-0796 (The Mortgage Lead Capture System plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2025-0425 (Via the GUI of the "bestinformed Infoclient", a low-privileged user is ...)
+ TODO: check
+CVE-2025-0424 (In the "bestinformed Web" application, some user input was not properl ...)
+ TODO: check
+CVE-2025-0423 (In the "bestinformed Web" application, some user input was not properl ...)
+ TODO: check
+CVE-2025-0422 (An authenticated user in the "bestinformed Web" application can execut ...)
+ TODO: check
+CVE-2024-57964 (Insecure Loading of Dynamic Link Libraries have been discovered in HVA ...)
+ TODO: check
+CVE-2024-57963 (Insecure Loading of Dynamic Link Libraries have been discovered in USB ...)
+ TODO: check
+CVE-2024-45320 (Out-of-bounds write vulnerability exists in DocuPrint CP225w 01.22.01 ...)
+ TODO: check
+CVE-2024-25066 (RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML External ...)
+ TODO: check
+CVE-2024-13852 (The Option Editor plugin for WordPress is vulnerable to Cross-Site Req ...)
+ TODO: check
+CVE-2024-13848 (The Reaction Buttons plugin for WordPress is vulnerable to Stored Cros ...)
+ TODO: check
+CVE-2024-13795 (The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress i ...)
+ TODO: check
+CVE-2024-13741 (The ProfileGrid \u2013 User Profiles, Groups and Communities plugin fo ...)
+ TODO: check
+CVE-2024-13740 (The ProfileGrid \u2013 User Profiles, Groups and Communities plugin fo ...)
+ TODO: check
+CVE-2024-13725 (The Keap Official Opt-in Forms plugin for WordPress is vulnerable to L ...)
+ TODO: check
+CVE-2024-13704 (The Super Testimonials plugin for WordPress is vulnerable to Stored Cr ...)
+ TODO: check
+CVE-2024-13687 (The Team Builder \u2013 Meet the Team plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2024-13684 (The Reset plugin for WordPress is vulnerable to Cross-Site Request For ...)
+ TODO: check
+CVE-2024-13677 (The GetBookingsWP \u2013 Appointments Booking Calendar Plugin For Word ...)
+ TODO: check
+CVE-2024-13622 (The File Uploads Addon for WooCommerce plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2024-13609 (The 1 Click WordPress Migration Plugin \u2013 100% FREE for a limited ...)
+ TODO: check
+CVE-2024-13595 (The Simple Signup Form plugin for WordPress is vulnerable to SQL Injec ...)
+ TODO: check
+CVE-2024-13588 (The Simplebooklet PDF Viewer and Embedder plugin for WordPress is vuln ...)
+ TODO: check
+CVE-2024-13587 (The Zigaform \u2013 Price Calculator & Cost Estimation Form Builder Li ...)
+ TODO: check
+CVE-2024-13582 (The Simple Pricing Tables For WPBakery Page Builder(Formerly Visual Co ...)
+ TODO: check
+CVE-2024-13581 (The Simple Charts plugin for WordPress is vulnerable to Stored Cross-S ...)
+ TODO: check
+CVE-2024-13579 (The WP-Asambleas plugin for WordPress is vulnerable to Stored Cross-Si ...)
+ TODO: check
+CVE-2024-13578 (The WP-BibTeX plugin for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2024-13577 (The CATS Job Listings plugin for WordPress is vulnerable to Stored Cro ...)
+ TODO: check
+CVE-2024-13576 (The Gumlet Video plugin for WordPress is vulnerable to Stored Cross-Si ...)
+ TODO: check
+CVE-2024-13575 (The Web Stories Enhancer \u2013 Level Up Your Web Stories plugin for W ...)
+ TODO: check
+CVE-2024-13573 (The Zigaform \u2013 Form Builder Lite plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2024-13565 (The Simple Map No Api plugin for WordPress is vulnerable to Stored Cro ...)
+ TODO: check
+CVE-2024-13556 (The Affiliate Links: WordPress Plugin for Link Cloaking and Link Manag ...)
+ TODO: check
+CVE-2024-13555 (The 1 Click WordPress Migration Plugin \u2013 100% FREE for a limited ...)
+ TODO: check
+CVE-2024-13540 (The WooODT Lite \u2013 Delivery & pickup date time location for WooCom ...)
+ TODO: check
+CVE-2024-13538 (The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress ...)
+ TODO: check
+CVE-2024-13535 (The Actionwear products sync plugin for WordPress is vulnerable to Ful ...)
+ TODO: check
+CVE-2024-13523 (The MemorialDay plugin for WordPress is vulnerable to Cross-Site Reque ...)
+ TODO: check
+CVE-2024-13522 (The magayo Lottery Results plugin for WordPress is vulnerable to Cross ...)
+ TODO: check
+CVE-2024-13501 (The WP-FormAssembly plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2024-13465 (The aBlocks \u2013 WordPress Gutenberg Blocks plugin for WordPress is ...)
+ TODO: check
+CVE-2024-13464 (The Library Bookshelves plugin for WordPress is vulnerable to Stored C ...)
+ TODO: check
+CVE-2024-13438 (The SpeedSize Image & Video AI-Optimizer plugin for WordPress is vulne ...)
+ TODO: check
+CVE-2024-13315 (The Shopwarden \u2013 Automated WooCommerce monitoring & testing plugi ...)
+ TODO: check
+CVE-2024-12813 (The Open Hours \u2013 Easy Opening Hours plugin for WordPress is vuln ...)
+ TODO: check
+CVE-2024-12525 (The Easy MLS Listings Import plugin for WordPress is vulnerable to Sto ...)
+ TODO: check
+CVE-2024-12314 (The Rapid Cache plugin for WordPress is vulnerable to Cache Poisoning ...)
+ TODO: check
+CVE-2024-11895 (The Online Payments \u2013 Get Paid with PayPal, Square & Stripe plugi ...)
+ TODO: check
+CVE-2024-11376 (The s2Member \u2013 Excellent for All Kinds of Memberships, Content Re ...)
+ TODO: check
+CVE-2021-46686 (Improper neutralization of special elements used in an OS command ('OS ...)
+ TODO: check
CVE-2024-57259 [Heap corruption in U-Boot's SquashFS directory listing function]
- u-boot <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3c769240ad3a4951789998f4d47affbe19b7a29
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3c769240ad3a4951789998f4d47affbe19b7a29
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250218/5f8aad16/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list