[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 24 08:12:02 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
23f5b8d1 by security tracker role at 2025-02-24T08:11:55+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,69 @@
+CVE-2025-25279 (Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3 ...)
+	TODO: check
+CVE-2025-24526 (Mattermost versions 10.1.x <= 10.1.3, 10.4.x <= 10.4.1, 9.11.x <= 9.11 ...)
+	TODO: check
+CVE-2025-24490 (Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3 ...)
+	TODO: check
+CVE-2025-22635 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-22633 (Insertion of Sensitive Information into Externally-Accessible File or  ...)
+	TODO: check
+CVE-2025-22632 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-22631 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-20051 (Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3 ...)
+	TODO: check
+CVE-2025-1629 (A vulnerability was found in Excitel Broadband Private my Excitel App  ...)
+	TODO: check
+CVE-2025-1618 (A vulnerability has been found in vTiger CRM 6.4.0 and classified as p ...)
+	TODO: check
+CVE-2025-1617 (A vulnerability, which was classified as problematic, was found in Net ...)
+	TODO: check
+CVE-2025-1616 (A vulnerability, which was classified as critical, has been found in F ...)
+	TODO: check
+CVE-2025-1615 (A vulnerability classified as problematic was found in FiberHome AN550 ...)
+	TODO: check
+CVE-2025-1614 (A vulnerability classified as problematic has been found in FiberHome  ...)
+	TODO: check
+CVE-2025-1613 (A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. It  ...)
+	TODO: check
+CVE-2025-1612 (A vulnerability was found in Edimax BR-6288ACL 1.30. It has been decla ...)
+	TODO: check
+CVE-2025-1611 (A vulnerability was found in ShopXO up to 6.4.0. It has been classifie ...)
+	TODO: check
+CVE-2025-1610 (A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classifie ...)
+	TODO: check
+CVE-2025-1609 (A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and clas ...)
+	TODO: check
+CVE-2025-1608 (A vulnerability, which was classified as critical, was found in LB-LIN ...)
+	TODO: check
+CVE-2025-1607 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-1606 (A vulnerability classified as problematic was found in SourceCodester  ...)
+	TODO: check
+CVE-2025-1599 (A vulnerability was found in SourceCodester Best Church Management Sof ...)
+	TODO: check
+CVE-2025-1598 (A vulnerability was found in SourceCodester Best Church Management Sof ...)
+	TODO: check
+CVE-2025-1597 (A vulnerability was found in SourceCodester Best Church Management Sof ...)
+	TODO: check
+CVE-2025-1596 (A vulnerability was found in SourceCodester Best Church Management Sof ...)
+	TODO: check
+CVE-2025-1595 (A vulnerability has been found in Anhui Xufan Information Technology E ...)
+	TODO: check
+CVE-2025-1594 (A vulnerability, which was classified as critical, was found in FFmpeg ...)
+	TODO: check
+CVE-2025-1412 (Mattermost versions 9.11.x <= 9.11.6, 10.4.x <= 10.4.1 fail to invalid ...)
+	TODO: check
+CVE-2024-55898 (IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user with the capability to ...)
+	TODO: check
+CVE-2024-13822 (The Photo Contest  | Competition | Video Contest WordPress plugin thro ...)
+	TODO: check
+CVE-2024-13605 (The Form Maker by 10Web  WordPress plugin before 1.15.33 does not sani ...)
+	TODO: check
+CVE-2024-12308 (The Logo Slider  WordPress plugin before 4.6.0 does not validate and e ...)
+	TODO: check
 CVE-2025-1593 (A vulnerability classified as critical has been found in SourceCodeste ...)
 	NOT-FOR-US: SourceCodester Best Employee Management System
 CVE-2025-1592 (A vulnerability was found in SourceCodester Best Employee Management S ...)
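Review bot: All 33 added entries are still at `TODO: check`, and the one that most needs manual triage is CVE-2025-1594, whose truncated description names FFmpeg, which is packaged in Debian as ffmpeg. It should get a package line and a NOTE with the upstream reference rather than a bulk NOT-FOR-US. The four SourceCodester Best Church Management entries (CVE-2025-1596 to CVE-2025-1599) can probably follow the pattern of the unchanged context line below them, `NOT-FOR-US: SourceCodester Best Employee Management System`, with the product name adjusted. The truncated descriptions end in "...", so confirm the affected product from the full CVE text before closing any of them.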
@@ -969,7 +1035,7 @@ CVE-2025-1118 (A flaw was found in grub2. Grub's dump command is not blocked whe
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2025-0690 [read: Integer overflow may lead to out-of-bounds write]
+CVE-2025-0690 (The read command is used to read the keyboard input from the user, whi ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
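Review bot: The replaced header for CVE-2025-0690 drops the only text in this entry that stated the bug class, "Integer overflow may lead to out-of-bounds write". The new truncated description stops at "keyboard input from the user, whi ..." and no longer says what goes wrong. Since the entry stays at `- grub2 <unfixed> (bug #1098319)`, consider adding a NOTE line that records the integer overflow and out-of-bounds write, so the entry can be triaged without opening the two linked posts.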
@@ -5953,6 +6019,7 @@ CVE-2024-12163 (The goodlayers-core WordPress plugin before 2.1.3 allows users w
 CVE-2024-10309 (The Tracking Code Manager WordPress plugin before 2.4.0 does not sanit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-24528 [Prevent overflow when calculating ulog block size]
+	{DLA-4065-1}
 	- krb5 <unfixed> (bug #1094730)
 	[bookworm] - krb5 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2342796
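Review bot: With `{DLA-4065-1}` added to CVE-2025-24528, the entry now shows an LTS advisory while the lines below it still read `- krb5 <unfixed> (bug #1094730)` and `[bookworm] - krb5 <no-dsa> (Minor issue)`. The older suite is therefore fixed ahead of unstable and bookworm. Check that the bookworm fix is queued for a point release, and update the `<unfixed>` line once the fix is uploaded to unstable, so the entry does not stay in this state.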
@@ -18191,6 +18258,7 @@ CVE-2024-56174 (In Optimizely Configured Commerce before 5.2.2408, malicious pay
 CVE-2024-56173 (In Optimizely Configured Commerce before 5.2.2408, malicious payloads  ...)
 	NOT-FOR-US: Optimizely Configured Commerce
 CVE-2024-48943
+	{DLA-4066-1}
 	- fort-validator 1.6.4-1
 	NOTE: https://nicmx.github.io/FORT-validator/CVE.html
 	NOTE: https://github.com/NICMx/FORT-validator/commit/4ee88d1c3fa7df763dd52312134cd93c1ce50870 (1.6.4)
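Review bot: The header line `CVE-2024-48943` has no description at all, neither the parenthesised MITRE text nor a bracketed temporary one, and it now carries an advisory reference. A bracketed description taken from the FORT-validator CVE page already cited in the NOTE would make the entry readable in the DLA-4066-1 listing. Also note that this fix is tied to 1.6.4, while the other entries tagged with the same DLA cite 1.6.3, so the LTS upload has to include the 4ee88d1c commit in addition to the 1.6.3 ones.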
@@ -48936,26 +49004,32 @@ CVE-2024-45244 (Hyperledger Fabric through 2.5.9 does not verify that a request
 CVE-2024-45240 (The TikTok (aka com.zhiliaoapp.musically) application before 34.5.5 fo ...)
 	NOT-FOR-US: TikTok (aka com.zhiliaoapp.musically) application
 CVE-2024-45239 (An issue was discovered in Fort before 1.6.3. A malicious RPKI reposit ...)
+	{DLA-4066-1}
 	- fort-validator 1.6.3-1
 	NOTE: https://nicmx.github.io/FORT-validator/CVE.html
 	NOTE: https://github.com/NICMx/FORT-validator/commit/942f921ba7244cdcf4574cedc4c16392a7cc594b (1.6.3)
 CVE-2024-45238 (An issue was discovered in Fort before 1.6.3. A malicious RPKI reposit ...)
+	{DLA-4066-1}
 	- fort-validator 1.6.3-1
 	NOTE: https://nicmx.github.io/FORT-validator/CVE.html
 	NOTE: https://github.com/NICMx/FORT-validator/commit/5689dea5e878fed28c5f338a27d7cda4151a14f1 (1.6.3)
 CVE-2024-45237 (An issue was discovered in Fort before 1.6.3. A malicious RPKI reposit ...)
+	{DLA-4066-1}
 	- fort-validator 1.6.3-1
 	NOTE: https://nicmx.github.io/FORT-validator/CVE.html
 	NOTE: https://github.com/NICMx/FORT-validator/commit/939d988551d17996be73f52c376a70a3d6ba69f9 (1.6.3)
 CVE-2024-45236 (An issue was discovered in Fort before 1.6.3. A malicious RPKI reposit ...)
+	{DLA-4066-1}
 	- fort-validator 1.6.3-1
 	NOTE: https://nicmx.github.io/FORT-validator/CVE.html
 	NOTE: https://github.com/NICMx/FORT-validator/commit/4dafbd9de64a5a0616af97365bc1751465b29d2e (1.6.3)
 CVE-2024-45235 (An issue was discovered in Fort before 1.6.3. A malicious RPKI reposit ...)
+	{DLA-4066-1}
 	- fort-validator 1.6.3-1
 	NOTE: https://nicmx.github.io/FORT-validator/CVE.html
 	NOTE: https://github.com/NICMx/FORT-validator/commit/b1eb3c507ae920859bbe294776ebc2bb30bb7e56 (1.6.3)
 CVE-2024-45234 (An issue was discovered in Fort before 1.6.3. A malicious RPKI reposit ...)
+	{DLA-4066-1}
 	- fort-validator 1.6.3-1
 	NOTE: https://nicmx.github.io/FORT-validator/CVE.html
 	NOTE: https://github.com/NICMx/FORT-validator/commit/521b1a0db5041258096fbabdf8fc1e10ecc793cf (1.6.3)
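Review bot: Each of the six entries tagged here, CVE-2024-45239 down to CVE-2024-45234, cites a different upstream commit for 1.6.3, so `{DLA-4066-1}` is only accurate if the LTS upload carries all six backports. Comparing the upload's patch list against the six commit hashes in these NOTE lines would confirm that no entry was tagged without its fix. The tag placement, directly under the CVE header and above the package line, is consistent across all six.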



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23f5b8d15164b16f7d4a18983f3721964ccc7690
