[Git][security-tracker-team/security-tracker][master] automatic update

Thu Jan 16 20:12:16 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
67d9d8b1 by security tracker role at 2025-01-16T20:12:09+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,287 @@
+CVE-2025-23783 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23767 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23749 (Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb  ...)
+	TODO: check
+CVE-2025-23745 (Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet ...)
+	TODO: check
+CVE-2025-23743 (Cross-Site Request Forgery (CSRF) vulnerability in Martijn Scheybeler  ...)
+	TODO: check
+CVE-2025-23720 (Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Web Push al ...)
+	TODO: check
+CVE-2025-23717 (Cross-Site Request Forgery (CSRF) vulnerability in ITMOOTI Theme My On ...)
+	TODO: check
+CVE-2025-23715 (Cross-Site Request Forgery (CSRF) vulnerability in RaymondDesign Post  ...)
+	TODO: check
+CVE-2025-23713 (Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Hack  ...)
+	TODO: check
+CVE-2025-23712 (Cross-Site Request Forgery (CSRF) vulnerability in Kapost Kapost allow ...)
+	TODO: check
+CVE-2025-23710 (Cross-Site Request Forgery (CSRF) vulnerability in Mayur Sojitra Flyin ...)
+	TODO: check
+CVE-2025-23708 (Cross-Site Request Forgery (CSRF) vulnerability in Dominic Fallows DF  ...)
+	TODO: check
+CVE-2025-23703 (Cross-Site Request Forgery (CSRF) vulnerability in CS : ABS-Hosting.nl ...)
+	TODO: check
+CVE-2025-23702 (Cross-Site Request Forgery (CSRF) vulnerability in Schalk Burger Anony ...)
+	TODO: check
+CVE-2025-23699 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23698 (Cross-Site Request Forgery (CSRF) vulnerability in Iv\xe1n R. Delgado  ...)
+	TODO: check
+CVE-2025-23694 (Cross-Site Request Forgery (CSRF) vulnerability in Shabbos Commerce Sh ...)
+	TODO: check
+CVE-2025-23693 (Cross-Site Request Forgery (CSRF) vulnerability in Stanis\u0142aw Skon ...)
+	TODO: check
+CVE-2025-23692 (Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Slide ...)
+	TODO: check
+CVE-2025-23691 (Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino Garc ...)
+	TODO: check
+CVE-2025-23690 (Cross-Site Request Forgery (CSRF) vulnerability in ArtkanMedia Book a  ...)
+	TODO: check
+CVE-2025-23689 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23677 (Cross-Site Request Forgery (CSRF) vulnerability in DSmidgy HTTP to HTT ...)
+	TODO: check
+CVE-2025-23675 (Cross-Site Request Forgery (CSRF) vulnerability in SandyIN Import User ...)
+	TODO: check
+CVE-2025-23673 (Cross-Site Request Forgery (CSRF) vulnerability in Don Kukral Email on ...)
+	TODO: check
+CVE-2025-23665 (Cross-Site Request Forgery (CSRF) vulnerability in Rapid Sort RSV GMap ...)
+	TODO: check
+CVE-2025-23664 (Cross-Site Request Forgery (CSRF) vulnerability in Real Seguro Viagem  ...)
+	TODO: check
+CVE-2025-23662 (Cross-Site Request Forgery (CSRF) vulnerability in Ryan Sutana WP Pano ...)
+	TODO: check
+CVE-2025-23661 (Cross-Site Request Forgery (CSRF) vulnerability in Ryan Sutana NV Slid ...)
+	TODO: check
+CVE-2025-23660 (Cross-Site Request Forgery (CSRF) vulnerability in Walter Cerrudo MFPl ...)
+	TODO: check
+CVE-2025-23659 (Cross-Site Request Forgery (CSRF) vulnerability in Hernan Javier Hegyk ...)
+	TODO: check
+CVE-2025-23654 (Cross-Site Request Forgery (CSRF) vulnerability in Vin\xedcius Krolow  ...)
+	TODO: check
+CVE-2025-23649 (Cross-Site Request Forgery (CSRF) vulnerability in Kreg Steppe Auphoni ...)
+	TODO: check
+CVE-2025-23644 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23642 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23641 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23640 (Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan Rename ...)
+	TODO: check
+CVE-2025-23639 (Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan MDC Yo ...)
+	TODO: check
+CVE-2025-23627 (Cross-Site Request Forgery (CSRF) vulnerability in Gordon French Comme ...)
+	TODO: check
+CVE-2025-23623 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23620 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23618 (Cross-Site Request Forgery (CSRF) vulnerability in Andrea Brandi Twitt ...)
+	TODO: check
+CVE-2025-23617 (Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal Float ...)
+	TODO: check
+CVE-2025-23577 (Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Word Fr ...)
+	TODO: check
+CVE-2025-23573 (Cross-Site Request Forgery (CSRF) vulnerability in Sam Burdge WP Backg ...)
+	TODO: check
+CVE-2025-23572 (Cross-Site Request Forgery (CSRF) vulnerability in Dave Konopka, Marti ...)
+	TODO: check
+CVE-2025-23569 (Cross-Site Request Forgery (CSRF) vulnerability in Kelvin Ng Shortcode ...)
+	TODO: check
+CVE-2025-23567 (Cross-Site Request Forgery (CSRF) vulnerability in Intuitive Design GD ...)
+	TODO: check
+CVE-2025-23566 (Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain C ...)
+	TODO: check
+CVE-2025-23560 (Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeri ...)
+	TODO: check
+CVE-2025-23559 (Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk Me ...)
+	TODO: check
+CVE-2025-23558 (Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged M ...)
+	TODO: check
+CVE-2025-23557 (Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Fin ...)
+	TODO: check
+CVE-2025-23547 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23537 (Cross-Site Request Forgery (CSRF) vulnerability in Oren hahiashvili ad ...)
+	TODO: check
+CVE-2025-23533 (Cross-Site Request Forgery (CSRF) vulnerability in Adrian Moreno WP Ly ...)
+	TODO: check
+CVE-2025-23532 (Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widg ...)
+	TODO: check
+CVE-2025-23530 (Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of ...)
+	TODO: check
+CVE-2025-23528 (Incorrect Privilege Assignment vulnerability in Wouter Dijkstra DD Rol ...)
+	TODO: check
+CVE-2025-23514 (Missing Authorization vulnerability in Sanjaysolutions Loginplus allow ...)
+	TODO: check
+CVE-2025-23513 (Cross-Site Request Forgery (CSRF) vulnerability in Joshua Wieczorek Bi ...)
+	TODO: check
+CVE-2025-23511 (Cross-Site Request Forgery (CSRF) vulnerability in Viktoria Rei Bauer  ...)
+	TODO: check
+CVE-2025-23510 (Cross-Site Request Forgery (CSRF) vulnerability in Zaantar WordPress L ...)
+	TODO: check
+CVE-2025-23508 (Cross-Site Request Forgery (CSRF) vulnerability in EdesaC Extra Option ...)
+	TODO: check
+CVE-2025-23501 (Cross-Site Request Forgery (CSRF) vulnerability in SpruceJoy Cookie Co ...)
+	TODO: check
+CVE-2025-23499 (Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier Board ...)
+	TODO: check
+CVE-2025-23497 (Cross-Site Request Forgery (CSRF) vulnerability in Albdesign Simple Pr ...)
+	TODO: check
+CVE-2025-23483 (Cross-Site Request Forgery (CSRF) vulnerability in Niklas Olsson Unive ...)
+	TODO: check
+CVE-2025-23476 (Cross-Site Request Forgery (CSRF) vulnerability in isnowfy my-related- ...)
+	TODO: check
+CVE-2025-23471 (Cross-Site Request Forgery (CSRF) vulnerability in Andy Chapman ECT Ad ...)
+	TODO: check
+CVE-2025-23470 (Cross-Site Request Forgery (CSRF) vulnerability in X Villamuera Visit  ...)
+	TODO: check
+CVE-2025-23467 (Cross-Site Request Forgery (CSRF) vulnerability in Vimal Ghorecha RSS  ...)
+	TODO: check
+CVE-2025-23463 (Cross-Site Request Forgery (CSRF) vulnerability in Mukesh Dak MD Custo ...)
+	TODO: check
+CVE-2025-23456 (Cross-Site Request Forgery (CSRF) vulnerability in Somethinkodd.com De ...)
+	TODO: check
+CVE-2025-23455 (Cross-Site Request Forgery (CSRF) vulnerability in mastersoftwaresolut ...)
+	TODO: check
+CVE-2025-23453 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23452 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23445 (Cross-Site Request Forgery (CSRF) vulnerability in Scott Swezey Easy T ...)
+	TODO: check
+CVE-2025-23444 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23442 (Cross-Site Request Forgery (CSRF) vulnerability in matias s Shockingly ...)
+	TODO: check
+CVE-2025-23438 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23436 (Cross-Site Request Forgery (CSRF) vulnerability in Capa Wp-Scribd-List ...)
+	TODO: check
+CVE-2025-23435 (Cross-Site Request Forgery (CSRF) vulnerability in David Marcucci Pass ...)
+	TODO: check
+CVE-2025-23434 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23432 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23430 (Cross-Site Request Forgery (CSRF) vulnerability in Oren Yomtov Mass Cu ...)
+	TODO: check
+CVE-2025-23429 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23426 (Cross-Site Request Forgery (CSRF) vulnerability in Wizcrew Technologie ...)
+	TODO: check
+CVE-2025-23424 (Cross-Site Request Forgery (CSRF) vulnerability in Brian Novotny \u201 ...)
+	TODO: check
+CVE-2025-23423 (Missing Authorization vulnerability in Smackcoders SendGrid for WordPr ...)
+	TODO: check
+CVE-2025-20630 (Mattermost Mobile versions <=2.22.0 fail to properly handle posts with ...)
+	TODO: check
+CVE-2025-20621 (Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0 ...)
+	TODO: check
+CVE-2025-20072 (Mattermost Mobile versions <= 2.22.0 fail to properly validate the sty ...)
+	TODO: check
+CVE-2025-0518 (Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg all ...)
+	TODO: check
+CVE-2025-0473 (Vulnerability in the PMB platform that allows an attacker to persist t ...)
+	TODO: check
+CVE-2025-0472 (Information exposure in the PMB platform affecting versions 4.2.13 and ...)
+	TODO: check
+CVE-2025-0471 (Unrestricted file upload vulnerability in the PMB platform, affecting  ...)
+	TODO: check
+CVE-2024-57776 (A cross-site scripting (XSS) vulnerability in the /apply/getEditPage?v ...)
+	TODO: check
+CVE-2024-57775 (JFinalOA before v2025.01.01 was discovered to contain a SQL injection  ...)
+	TODO: check
+CVE-2024-57774 (A cross-site scripting (XSS) vulnerability in the getBusinessUploadLis ...)
+	TODO: check
+CVE-2024-57773 (A cross-site scripting (XSS) vulnerability in the openSelectManyUserPa ...)
+	TODO: check
+CVE-2024-57772 (A cross-site scripting (XSS) vulnerability in the /bumph/getDraftListP ...)
+	TODO: check
+CVE-2024-57771 (A cross-site scripting (XSS) vulnerability in the common/getEditPage?v ...)
+	TODO: check
+CVE-2024-57770 (JFinalOA before v2025.01.01 was discovered to contain a SQL injection  ...)
+	TODO: check
+CVE-2024-57769 (JFinalOA before v2025.01.01 was discovered to contain a SQL injection  ...)
+	TODO: check
+CVE-2024-57768 (JFinalOA before v2025.01.01 was discovered to contain a SQL injection  ...)
+	TODO: check
+CVE-2024-57684 (An access control issue in the component formDMZ.cgi of D-Link 816A2_F ...)
+	TODO: check
+CVE-2024-57683 (An access control issue in the component websURLFilterAddDel of D-Link ...)
+	TODO: check
+CVE-2024-57682 (An information disclosure vulnerability in the component d_status.asp  ...)
+	TODO: check
+CVE-2024-57681 (An access control issue in the component form2alg.cgi of D-Link 816A2_ ...)
+	TODO: check
+CVE-2024-57680 (An access control issue in the component form2PortriggerRule.cgi of D- ...)
+	TODO: check
+CVE-2024-57679 (An access control issue in the component form2RepeaterSetup.cgi of D-L ...)
+	TODO: check
+CVE-2024-57678 (An access control issue in the component form2WlAc.cgi of D-Link 816A2 ...)
+	TODO: check
+CVE-2024-57677 (An access control issue in the component form2Wan.cgi of D-Link 816A2_ ...)
+	TODO: check
+CVE-2024-57676 (An access control issue in the component form2WlanBasicSetup.cgi of D- ...)
+	TODO: check
+CVE-2024-57611 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery ...)
+	TODO: check
+CVE-2024-57162 (Campcodes Cybercafe Management System v1.0 is vulnerable to SQL Inject ...)
+	TODO: check
+CVE-2024-57161 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery ...)
+	TODO: check
+CVE-2024-57160 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery ...)
+	TODO: check
+CVE-2024-57159 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery ...)
+	TODO: check
+CVE-2024-56515 (Matrix Media Repo (MMR) is a highly configurable multi-homeserver medi ...)
+	TODO: check
+CVE-2024-56136 (Zulip server provides an open-source team chat that helps teams stay p ...)
+	TODO: check
+CVE-2024-55954 (OpenObserve is a cloud-native observability platform. A vulnerability  ...)
+	TODO: check
+CVE-2024-52791 (Matrix Media Repo (MMR) is a highly configurable multi-homeserver medi ...)
+	TODO: check
+CVE-2024-52602 (Matrix Media Repo (MMR) is a highly configurable multi-homeserver medi ...)
+	TODO: check
+CVE-2024-52594 (Gomatrixserverlib is a Go library for matrix federation. Gomatrixserve ...)
+	TODO: check
+CVE-2024-50633 (A Broken Object Level Authorization (BOLA) vulnerability in Indico v3. ...)
+	TODO: check
+CVE-2024-50563 (A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer ve ...)
+	TODO: check
+CVE-2024-48885 (A improper limitation of a pathname to a restricted directory ('path t ...)
+	TODO: check
+CVE-2024-45331 (A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7. ...)
+	TODO: check
+CVE-2024-41746 (IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to st ...)
+	TODO: check
+CVE-2024-37181 (Time-of-check time-of-use race condition in some Intel(R) Neural Compr ...)
+	TODO: check
+CVE-2024-36403 (Matrix Media Repo (MMR) is a highly configurable multi-homeserver medi ...)
+	TODO: check
+CVE-2024-36402 (Matrix Media Repo (MMR) is a highly configurable multi-homeserver medi ...)
+	TODO: check
+CVE-2024-13387 (The WP Responsive Tabs plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2024-13355 (The Admin and Customer Messages After Order for WooCommerce: OrderConv ...)
+	TODO: check
+CVE-2024-12615 (The Passwords Manager plugin for WordPress is vulnerable to SQL Inject ...)
+	TODO: check
+CVE-2024-12614 (The Passwords Manager plugin for WordPress is vulnerable to unauthoriz ...)
+	TODO: check
+CVE-2024-12613 (The Passwords Manager plugin for WordPress is vulnerable to SQL Inject ...)
+	TODO: check
+CVE-2024-12427 (The Multi Step Form plugin for WordPress is vulnerable to unauthorized ...)
+	TODO: check
+CVE-2023-4319
+	REJECTED
+CVE-2018-25108 (An unauthenticated remote attacker can cause a DoS in the controller d ...)
+	TODO: check
 CVE-2025-22976 (SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attac ...)
 	NOT-FOR-US: dingfanzuCMS
 CVE-2025-22964 (SQL Injection vulnerability in DDSN Net Pty Ltd (DDSN Interactive) DDS ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67d9d8b19eacbf0d94dcebb5c464bec9afea28b1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67d9d8b19eacbf0d94dcebb5c464bec9afea28b1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250116/1b22bf19/attachment-0001.htm>
