[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 19 09:12:09 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e5f8eeb2 by security tracker role at 2025-06-19T08:12:02+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2025-6201 (The Pixel Manager for WooCommerce \u2013 Track Conversions and Analyti ...)
+	TODO: check
+CVE-2025-5524 (The OceanWP theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
+	TODO: check
+CVE-2025-5490 (The Football Pool plugin for WordPress is vulnerable to Stored Cross-S ...)
+	TODO: check
+CVE-2025-52474 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
+	TODO: check
+CVE-2025-52467 (pgai is a Python library that transforms PostgreSQL into a retrieval e ...)
+	TODO: check
+CVE-2025-50201 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
+	TODO: check
+CVE-2025-50183 (OpenList Frontend is a UI component for OpenList. Prior to version 4.0 ...)
+	TODO: check
+CVE-2025-50182 (urllib3 is a user-friendly HTTP client library for Python. Prior to 2. ...)
+	TODO: check
+CVE-2025-50181 (urllib3 is a user-friendly HTTP client library for Python. Prior to 2. ...)
+	TODO: check
+CVE-2025-4965 (The WPBakery Page Builder for WordPress plugin for WordPress is vulner ...)
+	TODO: check
+CVE-2025-4661 (A path transversal vulnerability in  Brocade Fabric OS 9.1.0 through 9 ...)
+	TODO: check
+CVE-2025-4571 (The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for  ...)
+	TODO: check
+CVE-2025-4479 (The ElementsKit Elementor Addons and Templates plugin for WordPress is ...)
+	TODO: check
+CVE-2025-4367 (The Download Manager plugin for WordPress is vulnerable to Stored Cros ...)
+	TODO: check
+CVE-2025-49591 (CryptPad is a collaboration suite. Prior to version 2025.3.0, enforcem ...)
+	TODO: check
+CVE-2025-49590 (CryptPad is a collaboration suite. Prior to version 2025.3.0, the "Lin ...)
+	TODO: check
+CVE-2025-24291 (The Versa Director SD-WAN orchestration platform provides functionalit ...)
+	TODO: check
+CVE-2025-24288 (The Versa Director software exposes a number of services by default an ...)
+	TODO: check
+CVE-2025-24287 (A vulnerability allowing local system users to modify directory conten ...)
+	TODO: check
+CVE-2025-24286 (A vulnerability allowing an authenticated user with the Backup Operato ...)
+	TODO: check
+CVE-2025-23173 (The Versa Director SD-WAN orchestration platform provides direct web-b ...)
+	TODO: check
+CVE-2025-23172 (The Versa Director SD-WAN orchestration platform includes a Webhook fe ...)
+	TODO: check
+CVE-2025-23171 (The Versa Director SD-WAN orchestration platform provides an option to ...)
+	TODO: check
+CVE-2025-23170 (The Versa Director SD-WAN orchestration platform includes functionalit ...)
+	TODO: check
+CVE-2025-23169 (The Versa Director SD-WAN orchestration platform allows customization  ...)
+	TODO: check
+CVE-2025-23168 (The Versa Director SD-WAN orchestration platform implements Two-Factor ...)
+	TODO: check
+CVE-2025-23121 (A vulnerability allowing remote code execution (RCE) on the Backup Ser ...)
+	TODO: check
+CVE-2024-45208 (The Versa Director SD-WAN orchestration platform which makes use of Ci ...)
+	TODO: check
 CVE-2025-6240 (Improper Input Validation vulnerability in Profisee on Windows (filesy ...)
 	NOT-FOR-US: Profisee
 CVE-2025-6220 (The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable ...)
@@ -1806,9 +1862,11 @@ CVE-2025-6018 [LPE from unprivileged to allow_active in SUSE 15's PAM]
 	NOTE: https://www.openwall.com/lists/oss-security/2025/06/17/4
 	NOTE: https://www.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
 CVE-2025-6192 (Use after free in Metrics in Google Chrome prior to 137.0.7151.119 all ...)
+	{DSA-5944-1}
 	- chromium 137.0.7151.119-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-6191 (Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowe ...)
+	{DSA-5944-1}
 	- chromium 137.0.7151.119-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-49180 (A flaw was found in the RandR extension, where the RRChangeProviderPro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5f8eeb2b0dcc209075493287a4bcd778ba79357

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5f8eeb2b0dcc209075493287a4bcd778ba79357
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250619/cfaeb0c4/attachment.htm>

More information about the debian-security-tracker-commits mailing list