[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 28 08:12:03 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cdbd2d91 by security tracker role at 2025-02-28T08:11:57+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,97 @@
+CVE-2025-26325 (ShopXO 6.4.0 is vulnerable to File Upload in ThemeDataService.php.)
+ TODO: check
+CVE-2025-26264 (GeoVision GV-ASWeb with the version 6.1.2.0 or less, contains a Remote ...)
+ TODO: check
+CVE-2025-25730 (An issue in Motorola Mobility Droid Razr HD (Model XT926) System Versi ...)
+ TODO: check
+CVE-2025-25729 (An information disclosure vulnerability in Bosscomm IF740 Firmware ver ...)
+ TODO: check
+CVE-2025-25728 (Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System v ...)
+ TODO: check
+CVE-2025-25727 (Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System v ...)
+ TODO: check
+CVE-2025-25570 (Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to ...)
+ TODO: check
+CVE-2025-25477 (A host header injection vulnerability in SysPass 3.2x allows an attack ...)
+ TODO: check
+CVE-2025-24832 (Arbitrary file overwrite during home directory recovery due to imprope ...)
+ TODO: check
+CVE-2025-23225 (IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticat ...)
+ TODO: check
+CVE-2025-1757 (The WordPress Portfolio Builder \u2013 Portfolio Gallery plugin for Wo ...)
+ TODO: check
+CVE-2025-1744 (Out-of-bounds Write vulnerability in radareorg radare2 allows heap-b ...)
+ TODO: check
+CVE-2025-1687 (The Cardealer theme for WordPress is vulnerable to Cross-Site Request ...)
+ TODO: check
+CVE-2025-1682 (The Cardealer theme for WordPress is vulnerable to privilege escalatio ...)
+ TODO: check
+CVE-2025-1681 (The Cardealer theme for WordPress is vulnerable to unauthorized modifi ...)
+ TODO: check
+CVE-2025-1572 (The KiviCare \u2013 Clinic & Patient Management System (EHR) plugin fo ...)
+ TODO: check
+CVE-2025-1571 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-1513 (The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Cont ...)
+ TODO: check
+CVE-2025-1511 (The User Registration & Membership \u2013 Custom Registration Form, Lo ...)
+ TODO: check
+CVE-2025-1506 (The Wp Social Login and Register Social Counter plugin for WordPress i ...)
+ TODO: check
+CVE-2025-1505 (The Advanced AJAX Product Filters plugin for WordPress is vulnerable t ...)
+ TODO: check
+CVE-2025-1405 (The Product Catalog Simple plugin for WordPress is vulnerable to Store ...)
+ TODO: check
+CVE-2025-0975 (IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an aut ...)
+ TODO: check
+CVE-2025-0823 (IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0 ...)
+ TODO: check
+CVE-2025-0801 (The RateMyAgent Official plugin for WordPress is vulnerable to Cross-S ...)
+ TODO: check
+CVE-2025-0764 (The wpForo Forum plugin for WordPress is vulnerable to arbitrary file ...)
+ TODO: check
+CVE-2024-56340 (IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local ...)
+ TODO: check
+CVE-2024-55160 (GFast between v2 to v3.2 was discovered to contain a SQL injection vul ...)
+ TODO: check
+CVE-2024-54173 (IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensit ...)
+ TODO: check
+CVE-2024-51139 (Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier ...)
+ TODO: check
+CVE-2024-51138 (Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; ...)
+ TODO: check
+CVE-2024-41340 (An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620 ...)
+ TODO: check
+CVE-2024-41339 (An issue in the CGI endpoint used to upload configurations in Draytek ...)
+ TODO: check
+CVE-2024-41338 (A NULL pointer dereference in Draytek devices Vigor 165/166 prior to v ...)
+ TODO: check
+CVE-2024-41336 (Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prio ...)
+ TODO: check
+CVE-2024-41335 (Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prio ...)
+ TODO: check
+CVE-2024-41334 (Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prio ...)
+ TODO: check
+CVE-2024-38292 (In XIQ-SE before 24.2.11, due to a missing access control check, a pat ...)
+ TODO: check
+CVE-2024-38291 (In XIQ-SE before 24.2.11, a low-privileged user may be able to access ...)
+ TODO: check
+CVE-2024-38290 (In XIQ-SE before 24.2.11, a server misconfiguration may allow user enu ...)
+ TODO: check
+CVE-2024-37567 (Infoblox NIOS through 8.6.4 has Improper Access Control for Grids.)
+ TODO: check
+CVE-2024-37566 (Infoblox NIOS through 8.6.4 has Improper Authentication for Grids.)
+ TODO: check
+CVE-2024-36047 (Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input V ...)
+ TODO: check
+CVE-2024-36046 (Infoblox NIOS through 8.6.4 executes with more privileges than require ...)
+ TODO: check
+CVE-2024-13796 (The Post Grid and Gutenberg Blocks \u2013 ComboBlocks plugin for WordP ...)
+ TODO: check
+CVE-2024-12820 (The MK Google Directions plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2024-12811 (The Traveler theme for WordPress is vulnerable to Local File Inclusion ...)
+ TODO: check
CVE-2025-27399 (Mastodon is a self-hosted, federated microblogging platform. In versio ...)
- mastodon <itp> (bug #859741)
CVE-2025-27157 (Mastodon is a self-hosted, federated microblogging platform. Starting ...)
@@ -38,118 +132,118 @@ CVE-2025-22624 (FooGallery \u2013 Responsive Photo Gallery, Image Viewer, Justif
NOT-FOR-US: WordPress plugin
CVE-2025-22280 (Missing Authorization vulnerability in revmakx DefendWP Firewall allow ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-21824 [gpu: host1x: Fix a use of uninitialized mutex]
+CVE-2025-21824 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.12.16-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/02458fbfaa0170aabf8506f7d4ed054f02414251 (6.14-rc3)
-CVE-2025-21823 [batman-adv: Drop unmanaged ELP metric worker]
+CVE-2025-21823 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.16-1
NOTE: https://git.kernel.org/linus/8c8ecc98f5c65947b0070a24bac11e12e47cc65d (6.14-rc3)
-CVE-2025-21822 [ptp: vmclock: Set driver data before its usage]
+CVE-2025-21822 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f7d07cd4f77d77f366c8ffbb8ba8b61f614e5fce (6.14-rc3)
-CVE-2025-21821 [fbdev: omap: use threaded IRQ for LCD DMA]
+CVE-2025-21821 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.12.16-1
NOTE: https://git.kernel.org/linus/e4b6b665df815b4841e71b72f06446884e8aad40 (6.14-rc1)
-CVE-2025-21820 [tty: xilinx_uartps: split sysrq handling]
+CVE-2025-21820 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.12.15-1
NOTE: https://git.kernel.org/linus/b06f388994500297bb91be60ffaf6825ecfd2afe (6.14-rc1)
-CVE-2025-21819 [Revert "drm/amd/display: Use HW lock mgr for PSR1"]
+CVE-2025-21819 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.15-1
NOTE: https://git.kernel.org/linus/f245b400a223a71d6d5f4c72a2cb9b573a7fc2b6 (6.14-rc2)
-CVE-2025-21818 [x86/xen: fix xen_hypercall_hvm() to not clobber %rbx]
+CVE-2025-21818 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.12.15-1
NOTE: https://git.kernel.org/linus/98a5cfd2320966f40fe049a9855f8787f0126825 (6.14-rc2)
-CVE-2025-21817 [block: mark GFP_NOIO around sysfs ->store()]
+CVE-2025-21817 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/7c0be4ead1f8f5f8be0803f347de0de81e3b8e1c (6.14-rc1)
-CVE-2025-21816 [hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING]
+CVE-2025-21816 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.12.15-1
NOTE: https://git.kernel.org/linus/53dac345395c0d2493cbc2f4c85fe38aef5b63f5 (6.14-rc2)
-CVE-2025-21815 [mm/compaction: fix UBSAN shift-out-of-bounds warning]
+CVE-2025-21815 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.15-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d1366e74342e75555af2648a2964deb2d5c92200 (6.14-rc1)
-CVE-2025-21814 [ptp: Ensure info->enable callback is always set]
+CVE-2025-21814 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.12.15-1
NOTE: https://git.kernel.org/linus/fd53aa40e65f518453115b6f56183b0c201db26b (6.14-rc1)
-CVE-2025-21813 [timers/migration: Fix off-by-one root mis-connection]
+CVE-2025-21813 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.12.15-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/868c9037df626b3c245ee26a290a03ae1f9f58d3 (6.14-rc2)
-CVE-2025-21812 [ax25: rcu protect dev->ax25_ptr]
+CVE-2025-21812 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/95fc45d1dea8e1253f8ec58abc5befb71553d666 (6.14-rc1)
-CVE-2025-21811 [nilfs2: protect access to buffers with no active references]
+CVE-2025-21811 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/367a9bffabe08c04f6d725032cce3d891b2b9e1a (6.14-rc1)
-CVE-2025-21810 [driver core: class: Fix wild pointer dereferences in API class_dev_iter_next()]
+CVE-2025-21810 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e128f82f7006991c99a58114f70ef61e937b1ac1 (6.14-rc1)
-CVE-2025-21809 [rxrpc, afs: Fix peer hash locking vs RCU callback]
+CVE-2025-21809 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/79d458c13056559d49b5e41fbc4b6890e68cf65b (6.14-rc1)
-CVE-2025-21808 [net: xdp: Disallow attaching device-bound programs in generic mode]
+CVE-2025-21808 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3595599fa8360bb3c7afa7ee50c810b4a64106ea (6.14-rc1)
-CVE-2025-21807 [block: fix queue freeze vs limits lock order in sysfs store methods]
+CVE-2025-21807 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c99f66e4084a62a2cc401c4704a84328aeddc9ec (6.14-rc1)
-CVE-2025-21806 [net: let net.core.dev_weight always be non-zero]
+CVE-2025-21806 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/d1f9f79fa2af8e3b45cffdeef66e05833480148a (6.14-rc1)
-CVE-2025-21805 [RDMA/rtrs: Add missing deinit() call]
+CVE-2025-21805 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/81468c4058a62e84e475433b83b3edc613294f5e (6.14-rc1)
-CVE-2025-21804 [PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()]
+CVE-2025-21804 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/2d2da5a4c1b4509f6f7e5a8db015cd420144beb4 (6.14-rc1)
-CVE-2025-21803 [LoongArch: Fix warnings during S3 suspend]
+CVE-2025-21803 (In the Linux kernel, the following vulnerability has been resolved: L ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/26c0a2d93af55d30a46d5f45d3e9c42cde730168 (6.14-rc1)
-CVE-2025-21802 [net: hns3: fix oops when unload drivers paralleling]
+CVE-2025-21802 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/92e5995773774a3e70257e9c95ea03518268bea5 (6.14-rc1)
-CVE-2025-21801 [net: ravb: Fix missing rtnl lock in suspend/resume path]
+CVE-2025-21801 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/2c2ebb2b49573e5f8726112ad06b1dffc3c9ea03 (6.14-rc1)
-CVE-2025-21800 [net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset]
+CVE-2025-21800 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/be482f1d10da781db9445d2753c1e3f1fd82babf (6.14-rc1)
-CVE-2025-21799 [net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()]
+CVE-2025-21799 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/4395a44acb15850e492dd1de9ec4b6479d96bc80 (6.14-rc1)
-CVE-2025-21798 [firewire: test: Fix potential null dereference in firewire kunit test]
+CVE-2025-21798 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/352fafe97784e81a10a7c74bd508f71a19b53c2a (6.14-rc1)
-CVE-2024-58042 [rhashtable: Fix potential deadlock by moving schedule_work outside lock]
+CVE-2024-58042 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e1d3422c95f003eba241c176adfe593c33e8a8f6 (6.14-rc1)
-CVE-2024-58034 [memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()]
+CVE-2024-58034 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/b9784e5cde1f9fb83661a70e580e381ae1264d12 (6.14-rc1)
-CVE-2024-58022 [mailbox: th1520: Fix a NULL vs IS_ERR() bug]
+CVE-2024-58022 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -6761,7 +6855,7 @@ CVE-2025-25184 (Rack provides an interface for developing web applications in Ru
CVE-2025-25182 (Stroom is a data processing, storage and analysis platform. A vulnerab ...)
NOT-FOR-US: Stroom
CVE-2025-1244 (A command injection flaw was found in the text editor Emacs. It could ...)
- {DLA-4069-1}
+ {DSA-5871-1 DLA-4069-1}
- emacs 1:30.1+1-1 (bug #1098255)
NOTE: https://debbugs.gnu.org/66390
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=820f0793f0b46448928905552726c1f1b999062f
@@ -7189,67 +7283,67 @@ CVE-2025-24472 (AnAuthentication Bypass Using an Alternate Path or Channel vulne
NOT-FOR-US: FortiGuard
CVE-2025-24470 (AnImproper Resolution of Path Equivalence vulnerability [CWE-41] in Fo ...)
NOT-FOR-US: FortiGuard
-CVE-2025-24438 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24438 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24437 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24437 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24436 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24436 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24435 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24435 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24434 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24434 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24432 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24432 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24430 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24430 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24429 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24429 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24428 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24428 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24427 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24427 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24426 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24426 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24425 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24425 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24424 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24424 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24423 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24423 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24422 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24422 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24421 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24421 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24420 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24420 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24419 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24419 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24418 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24418 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24417 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24417 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24416 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24416 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24415 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24415 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24414 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24414 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24413 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24413 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24412 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24412 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24411 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24411 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24410 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24410 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24409 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24409 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24408 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24408 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24407 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24407 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
-CVE-2025-24406 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
+CVE-2025-24406 (Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
NOT-FOR-US: Adobe
CVE-2025-24042 (Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerabi ...)
NOT-FOR-US: Microsoft
@@ -22320,7 +22414,7 @@ CVE-2024-12784 (A vulnerability was found in itsourcecode Vehicle Management Sys
NOT-FOR-US: itsourcecode Vehicle Management System
CVE-2024-12783 (A vulnerability was found in itsourcecode Vehicle Management System 1. ...)
NOT-FOR-US: itsourcecode Vehicle Management System
-CVE-2024-12782 (A vulnerability has been found in Fujifilm Apeos C3070, Apeos C5570 an ...)
+CVE-2024-12782 (A vulnerability has been found in Fujifilm Business Innovation Apeos C ...)
NOT-FOR-US: Apeos
CVE-2024-12626 (The AutomatorWP \u2013 Automator plugin for no-code automations, webho ...)
NOT-FOR-US: WordPress plugin
@@ -24508,7 +24602,7 @@ CVE-2024-47835 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/4c40f73b7002967e824ef34a5435282f4a0ea363
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/1a5fdba14a1ccfe473bc4429f22ee5bbaee034eb (1.24.10)
CVE-2024-47834 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-280_Gstreamer/
@@ -24517,7 +24611,7 @@ CVE-2024-47834 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8058 (1.24.10)
CVE-2024-47778 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-258_Gstreamer/
@@ -24527,7 +24621,7 @@ CVE-2024-47778 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8054 (1.24.10)
CVE-2024-47777 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-259_Gstreamer/
@@ -24537,7 +24631,7 @@ CVE-2024-47777 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8054 (1.24.10)
CVE-2024-47776 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-260_Gstreamer/
@@ -24547,7 +24641,7 @@ CVE-2024-47776 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8054 (1.24.10)
CVE-2024-47775 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/
@@ -24557,7 +24651,7 @@ CVE-2024-47775 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8054 (1.24.10)
CVE-2024-47774 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-262_Gstreamer/
@@ -24585,7 +24679,7 @@ CVE-2024-47615 (GStreamer is a library for constructing graphs of media-handling
NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/30fa21ac45ef5dad2fef0d98f0e7130c75f0b628 (1.24.10)
NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/c94c44ce497d285ebcfe866b9faaae9c66c81132 (1.24.10)
CVE-2024-47613 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-115_GHSL-2024-118_Gstreamer/
@@ -24603,7 +24697,7 @@ CVE-2024-47607 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/2838374d6ee4a0c9c4c4221ac46d5c1688f26e59
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/804eca458fb547942ed70b88c021b996be9228a2 (1.24.10)
CVE-2024-47606 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1 DSA-5832-1 DLA-3994-1}
+ {DSA-5838-1 DSA-5832-1 DLA-4071-1 DLA-3994-1}
- gstreamer1.0 1.24.10-1
- gstreamer0.10 <not-affected> (Vulnerable code introduced in 1.0)
- gst-plugins-good1.0 1.24.10-1
@@ -24616,7 +24710,7 @@ CVE-2024-47606 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/f8e398c46fc074f266edb3f20479c0ca31b52448
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/2d7a11f5e6be5c323b2fed8158bc9df37752e495 (1.24.10)
CVE-2024-47603 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-251_Gstreamer/
@@ -24625,7 +24719,7 @@ CVE-2024-47603 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8058 (1.24.10)
CVE-2024-47602 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-250_Gstreamer/
@@ -24634,7 +24728,7 @@ CVE-2024-47602 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8058 (1.24.10)
CVE-2024-47601 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-249_Gstreamer/
@@ -24652,7 +24746,7 @@ CVE-2024-47600 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/aa07d94c10d71fac389dbbb264a59c1f6117eead
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/5b205225e2c6a19ddcace350fdc18a0edf87bcb5 (1.24.10)
CVE-2024-47599 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-247_Gstreamer/
@@ -24661,7 +24755,7 @@ CVE-2024-47599 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/3cdf206f4fc5a9860bfe1437ed3d01e7d23c6c3e
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/8b1c866e93749fd42d1908ec77a4f339343acbb2 (1.24.10)
CVE-2024-47598 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-246_Gstreamer/
@@ -24670,7 +24764,7 @@ CVE-2024-47598 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8060 (1.24.10)
CVE-2024-47597 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-245_Gstreamer/
@@ -24679,7 +24773,7 @@ CVE-2024-47597 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8060 (1.24.10)
CVE-2024-47596 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-244_Gstreamer/
@@ -24688,7 +24782,7 @@ CVE-2024-47596 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8060 (1.24.10)
CVE-2024-47546 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-243_Gstreamer/
@@ -24697,7 +24791,7 @@ CVE-2024-47546 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8060 (1.24.10)
CVE-2024-47545 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-242_Gstreamer/
@@ -24706,7 +24800,7 @@ CVE-2024-47545 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8060 (1.24.10)
CVE-2024-47544 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-238_Gstreamer/
@@ -24715,7 +24809,7 @@ CVE-2024-47544 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8060 (1.24.10)
CVE-2024-47543 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-236_Gstreamer/
@@ -24745,7 +24839,7 @@ CVE-2024-47541 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/b66cf81e99ab9f400b6aea79a4b597c5ddac324d (1.24.10)
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/7108073b5be73eb2482eb8494745962b8c0571f1 (1.24.10)
CVE-2024-47540 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-197_GStreamer/
@@ -24754,7 +24848,7 @@ CVE-2024-47540 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/c0dceda8e969f74f2326539c1f0368c2fd7afcd7
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/a16851ebf34a9f9be4285b2c0d75fe7844354efe (1.24.10)
CVE-2024-47539 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-195_Gstreamer/
@@ -24772,7 +24866,7 @@ CVE-2024-47538 (GStreamer is a library for constructing graphs of media-handling
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/5093691ef2ef5c7a6e03a20bce39db143b9cdc43
NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/7eb26b198beffecdba4dbb64299f9cb09a9181d6 (1.24.10)
CVE-2024-47537 (GStreamer is a library for constructing graphs of media-handling compo ...)
- {DSA-5838-1}
+ {DSA-5838-1 DLA-4071-1}
- gst-plugins-good1.0 1.24.10-1
- gst-plugins-good0.10 <removed>
NOTE: https://securitylab.github.com/advisories/GHSL-2024-094_Gstreamer/
@@ -28128,7 +28222,7 @@ CVE-2024-11738 (A flaw was found in Rustls 0.23.13 and related APIs. This vulner
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0399.html
NOTE: https://github.com/rustls/rustls/issues/2227
CVE-2024-53920 (In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to i ...)
- {DLA-4069-1}
+ {DSA-5871-1 DLA-4069-1}
- emacs 1:30.1+1-1 (bug #1088690)
NOTE: https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html
NOTE: https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg%40mail.gmail.com/
@@ -213247,6 +213341,7 @@ CVE-2022-39322 (@keystone-6/core is a core package for Keystone 6, a content man
CVE-2022-39321 (GitHub Actions Runner is the application that runs a job from a GitHub ...)
NOT-FOR-US: GitHub Actions Runner
CVE-2022-39320 (FreeRDP is a free remote desktop protocol library and clients. Affecte ...)
+ {DLA-4070-1}
- freerdp2 2.9.0+dfsg1-1 (bug #1024511)
[buster] - freerdp2 <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qfq2-82qr-7f4j
@@ -254961,6 +255056,7 @@ CVE-2022-24883 (FreeRDP is a free implementation of the Remote Desktop Protocol
NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/4661492e5a617199457c8074bad22f766a116cdc
NOTE: Fixed by (backport): https://github.com/FreeRDP/FreeRDP/commit/6f473b273a4b6f0cb6aca32b95e22fd0de88e144
CVE-2022-24882 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). ...)
+ {DLA-4070-1}
- freerdp2 2.7.0+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdbd2d91d41ff31fac10d057e936c3080e433ef7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdbd2d91d41ff31fac10d057e936c3080e433ef7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250228/c6da278b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list