[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d47ebb8e by security tracker role at 2025-01-23T08:11:49+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,51 @@
+CVE-2025-24530 (An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnera ...)
+	TODO: check
+CVE-2025-24529 (An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnera ...)
+	TODO: check
+CVE-2025-24030 (Envoy Gateway is an open source project for managing Envoy Proxy as a  ...)
+	TODO: check
+CVE-2024-57724 (lunasvg v3.0.0 was discovered to contain a segmentation violation via  ...)
+	TODO: check
+CVE-2024-57723 (lunasvg v3.0.0 was discovered to contain a segmentation violation via  ...)
+	TODO: check
+CVE-2024-57722 (lunasvg v3.0.0 was discovered to contain a allocation-size-too-big bug ...)
+	TODO: check
+CVE-2024-57721 (lunasvg v3.0.0 was discovered to contain a segmentation violation via  ...)
+	TODO: check
+CVE-2024-57720 (lunasvg v3.0.0 was discovered to contain a segmentation violation via  ...)
+	TODO: check
+CVE-2024-57719 (lunasvg v3.0.0 was discovered to contain a segmentation violation via  ...)
+	TODO: check
+CVE-2024-56924 (A Cross Site Request Forgery (CSRF) vulnerability in Code Astro Intern ...)
+	TODO: check
+CVE-2024-56923 (Stored Cross-Site Scripting (XSS) in the Categorization Option of My S ...)
+	TODO: check
+CVE-2024-52975 (An issue was identified in Fleet Server where Fleet policies that coul ...)
+	TODO: check
+CVE-2024-52972 (An allocation of resources without limits or throttling in Kibana can  ...)
+	TODO: check
+CVE-2024-43710 (A server side request forgery vulnerability was identified in Kibana w ...)
+	TODO: check
+CVE-2024-43707 (An issue was identified in Kibana where a user without access to Fleet ...)
+	TODO: check
+CVE-2024-42187 (BigFix Patch Download Plug-ins are affected by path traversal vulnerab ...)
+	TODO: check
+CVE-2024-42186 (BigFix Patch Download Plug-ins are affected by an insecure protocol su ...)
+	TODO: check
+CVE-2024-42185 (BigFix Patch Download Plug-ins are affected by an insecure package whi ...)
+	TODO: check
+CVE-2024-42184 (BigFix Patch Download Plug-ins are affected by insecure support for fi ...)
+	TODO: check
+CVE-2024-42183 (BigFix Patch Download Plug-ins are affected by an arbitrary file downl ...)
+	TODO: check
+CVE-2024-42182 (BigFix Patch Download Plug-ins are affected by Server-Side Request For ...)
+	TODO: check
+CVE-2024-12477 (The Avada Builder plugin for WordPress is vulnerable to Stored Cross-S ...)
+	TODO: check
+CVE-2023-50309 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0is vuln ...)
+	TODO: check
+CVE-2023-32340 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vul ...)
+	TODO: check
 CVE-2025-23050
 	- qt6-connectivity 6.7.2-8
 	- qtconnectivity-opensource-src <unfixed>
@@ -5839,7 +5887,8 @@ CVE-2024-55412 (A vulnerability exits in driver snxpsamd.sys in SUNIX Serial Dri
 	NOT-FOR-US: SUNIX
 CVE-2024-55411 (An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0 ...)
 	NOT-FOR-US: SUNIX
-CVE-2024-55410 (An issue in the 690b33e1-0462-4e84-9bea-c7552b45432a.sys component of  ...)
+CVE-2024-55410
+	REJECTED
 	NOT-FOR-US: ASUS
 CVE-2024-55218 (IceWarp Server 10.2.1 is vulnerable to Cross Site Scripting (XSS) via  ...)
 	NOT-FOR-US: IceWarp Server



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d47ebb8e75fe26ec909b3b1ff8df8c40add7bcf1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d47ebb8e75fe26ec909b3b1ff8df8c40add7bcf1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250123/e84370ec/attachment.htm>