[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Mar 3 20:12:04 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c89dd193 by security tracker role at 2025-03-03T20:11:58+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,574 @@
-CVE-2024-24778
+CVE-2025-27501 (OpenZiti is a free and open source project focused on bringing zero tr ...)
+	TODO: check
+CVE-2025-27500 (OpenZiti is a free and open source project focused on bringing zero tr ...)
+	TODO: check
+CVE-2025-27499 (WeGIA is an open source Web Manager for Institutions with a focus on P ...)
+	TODO: check
+CVE-2025-27498 (aes-gcm is a pure Rust implementation of the AES-GCM. In decrypt_in_pl ...)
+	TODO: check
+CVE-2025-27423 (Vim is an open source, command line text editor. Vim is distributed wi ...)
+	TODO: check
+CVE-2025-27422 (FACTION is a PenTesting Report Generation and Collaboration Framework. ...)
+	TODO: check
+CVE-2025-27421 (Abacus is a highly scalable and stateless counting API. A critical gor ...)
+	TODO: check
+CVE-2025-27420 (WeGIA is an open source Web Manager for Institutions with a focus on P ...)
+	TODO: check
+CVE-2025-27419 (WeGIA is an open source Web Manager for Institutions with a focus on P ...)
+	TODO: check
+CVE-2025-27418 (WeGIA is an open source Web Manager for Institutions with a focus on P ...)
+	TODO: check
+CVE-2025-27417 (WeGIA is an open source Web Manager for Institutions with a focus on P ...)
+	TODO: check
+CVE-2025-27371 (In certain IETF OAuth 2.0-related specifications, when the JSON Web To ...)
+	TODO: check
+CVE-2025-27370 (OpenID Connect Core through 1.0 errata set 2 allows audience injection ...)
+	TODO: check
+CVE-2025-27279 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-27278 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-27275 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-27274 (Path Traversal vulnerability in NotFound GPX Viewer allows Path Traver ...)
+	TODO: check
+CVE-2025-27273 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-27271 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-27270 (Missing Authorization vulnerability in NotFound Residential Address De ...)
+	TODO: check
+CVE-2025-27269 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-27268 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2025-27264 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+	TODO: check
+CVE-2025-27263 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2025-27099 (Tuleap is an Open Source Suite to improve management of software devel ...)
+	TODO: check
+CVE-2025-27094 (Tuleap is an open-source suite designed to improve software developmen ...)
+	TODO: check
+CVE-2025-26999 (Deserialization of Untrusted Data vulnerability in Metagauss ProfileGr ...)
+	TODO: check
+CVE-2025-26994 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26989 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26988 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2025-26984 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26970 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+	TODO: check
+CVE-2025-26967 (Deserialization of Untrusted Data vulnerability in Stiofan Events Cale ...)
+	TODO: check
+CVE-2025-26918 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26917 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26914 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26885 (Deserialization of Untrusted Data vulnerability in Brent Jett Assistan ...)
+	TODO: check
+CVE-2025-26879 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26589 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26588 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26587 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26586 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26585 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26563 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26557 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-26540 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+	TODO: check
+CVE-2025-26535 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2025-26534 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+	TODO: check
+CVE-2025-26206 (Cross Site Request Forgery vulnerability in sell done storefront v.1.0 ...)
+	TODO: check
+CVE-2025-25967 (Acora CMS version 10.1.1 is vulnerable to Cross-Site Request Forgery ( ...)
+	TODO: check
+CVE-2025-25939 (Reprise License Manager 14.2 is vulnerable to reflected cross-site scr ...)
+	TODO: check
+CVE-2025-25303 (The MouseTooltipTranslator Chrome extension allows mouseover translati ...)
+	TODO: check
+CVE-2025-25302 (Rembg is a tool to remove images background. In Rembg 2.0.57 and earli ...)
+	TODO: check
+CVE-2025-25301 (Rembg is a tool to remove images background. In Rembg 2.0.57 and earli ...)
+	TODO: check
+CVE-2025-25280 (Buffer overflow vulnerability exists in FutureNet AS series (Industria ...)
+	TODO: check
+CVE-2025-25185 (GPT Academic provides interactive interfaces for large language models ...)
+	TODO: check
+CVE-2025-25170 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25169 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25165 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25164 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25162 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+	TODO: check
+CVE-2025-25161 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25158 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25157 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25150 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2025-25142 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25137 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25133 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25132 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25131 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25130 (Relative Path Traversal vulnerability in NotFound Delete Comments By S ...)
+	TODO: check
+CVE-2025-25129 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25127 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25124 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25122 (Path Traversal vulnerability in NotFound WizShop allows PHP Local File ...)
+	TODO: check
+CVE-2025-25121 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25119 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25118 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25115 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25114 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25113 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25112 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2025-25109 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+	TODO: check
+CVE-2025-25108 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25102 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25099 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25092 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25090 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25089 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25087 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25084 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25083 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-25070 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-24846 (Authentication bypass vulnerability exists in FutureNet AS series (Ind ...)
+	TODO: check
+CVE-2025-24758 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-24694 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-24654 (Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squi ...)
+	TODO: check
+CVE-2025-24023 (Flask-AppBuilder is an application development framework. Prior to 4.5 ...)
+	TODO: check
+CVE-2025-23956 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23945 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+	TODO: check
+CVE-2025-23904 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23903 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23883 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23881 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23879 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23852 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23850 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23847 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23843 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23829 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23814 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23813 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23763 (Missing Authorization vulnerability in Alex Volkov WAH Forms allows Ex ...)
+	TODO: check
+CVE-2025-23762 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23753 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23741 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23740 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23739 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23738 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23736 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23731 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23726 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23721 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23718 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23716 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23688 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23670 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23668 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23663 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23637 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23635 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23619 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23616 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23615 (Missing Authorization vulnerability in NotFound Interactive Page Hiera ...)
+	TODO: check
+CVE-2025-23613 (Missing Authorization vulnerability in NotFound WP Journal allows Expl ...)
+	TODO: check
+CVE-2025-23600 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23595 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23587 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23586 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23585 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23584 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23579 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23576 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23575 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23570 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23565 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23564 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23563 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23556 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23555 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23553 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23552 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23549 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23539 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23538 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23536 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23526 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23524 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23521 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23520 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23519 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23518 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23517 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23516 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23515 (Missing Authorization vulnerability in tsecher ts-tree allows Exploiti ...)
+	TODO: check
+CVE-2025-23505 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23502 (Cross-Site Request Forgery (CSRF) vulnerability in NotFound Curated Se ...)
+	TODO: check
+CVE-2025-23496 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23494 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23493 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23490 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23488 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23487 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23485 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23484 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23482 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23481 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23480 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23479 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23478 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23473 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23472 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23468 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23465 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23464 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23451 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23450 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23447 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23446 (Cross-Site Request Forgery (CSRF) vulnerability in NotFound WP SpaceCo ...)
+	TODO: check
+CVE-2025-23441 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23440 (Missing Authorization vulnerability in radicaldesigns radSLIDE allows  ...)
+	TODO: check
+CVE-2025-23439 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23437 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23433 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-23425 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-21424 (Memory corruption while calling the NPU driver APIs concurrently.)
+	TODO: check
+CVE-2025-1889 (picklescan before 0.0.22 only considers standard pickle file extension ...)
+	TODO: check
+CVE-2025-1880 (A vulnerability was found in i-Drive i11 and i12 up to 20250227. It ha ...)
+	TODO: check
+CVE-2025-1879 (A vulnerability was found in i-Drive i11 and i12 up to 20250227 and cl ...)
+	TODO: check
+CVE-2025-1878 (A vulnerability has been found in i-Drive i11 and i12 up to 20250227 a ...)
+	TODO: check
+CVE-2025-1877 (A vulnerability, which was classified as critical, was found in D-Link ...)
+	TODO: check
+CVE-2025-1876 (A vulnerability, which was classified as critical, has been found in D ...)
+	TODO: check
+CVE-2025-1875 (SQL injection vulnerability have been found in 101news affecting versi ...)
+	TODO: check
+CVE-2025-1874 (SQL injection vulnerability have been found in 101news affecting versi ...)
+	TODO: check
+CVE-2025-1873 (SQL injection vulnerability have been found in 101news affecting versi ...)
+	TODO: check
+CVE-2025-1872 (SQL injection vulnerability have been found in 101news affecting versi ...)
+	TODO: check
+CVE-2025-1871 (SQL injection vulnerability have been found in 101news affecting versi ...)
+	TODO: check
+CVE-2025-1870 (SQL injection vulnerability have been found in 101news affecting versi ...)
+	TODO: check
+CVE-2025-1869 (SQL injection vulnerability have been found in 101news affecting versi ...)
+	TODO: check
+CVE-2025-1868 (Vulnerability of unauthorized exposure of confidential information aff ...)
+	TODO: check
+CVE-2025-1867 (Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response S ...)
+	TODO: check
+CVE-2025-1866 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...)
+	TODO: check
+CVE-2025-1864 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...)
+	TODO: check
+CVE-2025-1859 (A vulnerability, which was classified as critical, has been found in P ...)
+	TODO: check
+CVE-2025-1858 (A vulnerability classified as critical was found in Codezips Online Sh ...)
+	TODO: check
+CVE-2025-0289 (Paragon Partition Manager version 17, both community and Business vers ...)
+	TODO: check
+CVE-2025-0288 (Paragon Partition Manager version 7.9.1 contains an arbitrary kernel m ...)
+	TODO: check
+CVE-2025-0287 (Paragon Partition Manager version 7.9.1 contains a null pointer derefe ...)
+	TODO: check
+CVE-2025-0286 (Paragon Partition Manager version 7.9.1 contains an arbitrary kernel m ...)
+	TODO: check
+CVE-2025-0285 (Paragon Partition Manager version 7.9.1 contains an arbitrary kernel m ...)
+	TODO: check
+CVE-2024-8262 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+	TODO: check
+CVE-2024-8261 (Authorization Bypass Through User-Controlled Key vulnerability in Prol ...)
+	TODO: check
+CVE-2024-5888 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-57240 (A Cross-Site Scripting (XSS) vulnerability in the Rendering Engine com ...)
+	TODO: check
+CVE-2024-55570 (/api/user/users in the web GUI for the Cubro EXA48200 network packet b ...)
+	TODO: check
+CVE-2024-55532 (Improper Neutralization of Formula Elements in Export CSV feature of A ...)
+	TODO: check
+CVE-2024-54179 (IBM Business Automation Workflow and IBM Business Automation Workflow  ...)
+	TODO: check
+CVE-2024-53388 (A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to exec ...)
+	TODO: check
+CVE-2024-53387 (A DOM Clobbering vulnerability in umeditor v1.2.3 allows attackers to  ...)
+	TODO: check
+CVE-2024-53384 (A DOM Clobbering vulnerability in tsup v8.3.4 allows attackers to exec ...)
+	TODO: check
+CVE-2024-53034 (Memory corruption occurs during an Escape call if an invalid Kernel Mo ...)
+	TODO: check
+CVE-2024-53033 (Memory corruption while doing Escape call when user provides valid ker ...)
+	TODO: check
+CVE-2024-53032 (Memory corruption may occur in keyboard virtual device due to guest VM ...)
+	TODO: check
+CVE-2024-53031 (Memory corruption while reading a type value from a buffer controlled  ...)
+	TODO: check
+CVE-2024-53030 (Memory corruption while processing input message passed from FE driver ...)
+	TODO: check
+CVE-2024-53029 (Memory corruption while reading a value from a buffer controlled by th ...)
+	TODO: check
+CVE-2024-53028 (Memory corruption may occur while processing message from frontend dur ...)
+	TODO: check
+CVE-2024-53027 (Transient DOS may occur while processing the country IE.)
+	TODO: check
+CVE-2024-53025 (Transient DOS can occur while processing UCI command.)
+	TODO: check
+CVE-2024-53024 (Memory corruption in display driver while detaching a device.)
+	TODO: check
+CVE-2024-53023 (Memory corruption may occur while accessing a variable during extended ...)
+	TODO: check
+CVE-2024-53022 (Memory corruption may occur during communication between primary and g ...)
+	TODO: check
+CVE-2024-53014 (Memory corruption may occur while validating  ports and channels in Au ...)
+	TODO: check
+CVE-2024-53012 (Memory corruption may occur due to improper input validation in clock  ...)
+	TODO: check
+CVE-2024-53011 (Information disclosure may occur due to improper permission and access ...)
+	TODO: check
+CVE-2024-51966 (There is a path traversal vulnerability in ESRI ArcGIS Server versions ...)
+	TODO: check
+CVE-2024-51963 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51962 (A SQL injection vulnerability in ArcGIS Server allows an EDIToperation ...)
+	TODO: check
+CVE-2024-51961 (There is a local file inclusion vulnerability in ArcGIS Server 10.9.1  ...)
+	TODO: check
+CVE-2024-51960 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51959 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51958 (There is a path traversal vulnerability in ESRI ArcGIS Server versions ...)
+	TODO: check
+CVE-2024-51957 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51956 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51954 (There is an improper access control issue in ArcGIS Server versions 10 ...)
+	TODO: check
+CVE-2024-51953 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51952 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51951 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51950 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51949 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51948 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51947 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51946 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51945 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51944 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51942 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2024-51091 (Cross Site Scripting vulnerability in seajs v.2.2.3 allows a remote at ...)
+	TODO: check
+CVE-2024-49836 (Memory corruption may occur during the synchronization of the camera`s ...)
+	TODO: check
+CVE-2024-47092 (Insecure deserialization and improper certificate validation in Checkm ...)
+	TODO: check
+CVE-2024-45580 (Memory corruption while handling multuple IOCTL calls from userspace f ...)
+	TODO: check
+CVE-2024-43169 (IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7 ...)
+	TODO: check
+CVE-2024-43062 (Memory corruption caused by missing locks and checks on the DMA fence  ...)
+	TODO: check
+CVE-2024-43061 (Memory corruption during voice activation, when sound model parameters ...)
+	TODO: check
+CVE-2024-43060 (Memory corruption during voice activation, when sound model parameters ...)
+	TODO: check
+CVE-2024-43059 (Memory corruption while invoking IOCTL calls from the use-space for HG ...)
+	TODO: check
+CVE-2024-43057 (Memory corruption while processing command in Glink linux.)
+	TODO: check
+CVE-2024-43056 (Transient DOS during hypervisor virtual I/O operation in a virtual mac ...)
+	TODO: check
+CVE-2024-43055 (Memory corruption while processing camera use case IOCTL call.)
+	TODO: check
+CVE-2024-43051 (Information disclosure while deriving keys for a session for any Widev ...)
+	TODO: check
+CVE-2024-41771 (IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7 ...)
+	TODO: check
+CVE-2024-41770 (IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7 ...)
+	TODO: check
+CVE-2024-38426 (While processing the authentication message in UE, improper authentica ...)
+	TODO: check
+CVE-2024-30154 (HCL SX is vulnerable to cross-site request forgery vulnerability which ...)
+	TODO: check
+CVE-2024-10904 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server  ...)
+	TODO: check
+CVE-2023-49031 (Directory Traversal (Local File Inclusion) vulnerability in Tikit (now ...)
+	TODO: check
+CVE-2024-24778 (Improper privilege management in a REST interface allowed registered u ...)
 	NOT-FOR-US: Apache StreamPipes
 CVE-2025-27590 (In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration ...)
 	NOT-FOR-US: oxidized-web
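Review bot: every entry added at the top of this hunk, from CVE-2025-27501 down to CVE-2023-49031, carries only `TODO: check`, so none of them has a package or NOT-FOR-US disposition yet. The entries whose descriptions name an upstream project outright can be matched against the archive by name and are the quickest to settle, for example CVE-2025-27423 (Vim), CVE-2025-27498 (aes-gcm, pure Rust) and CVE-2025-24023 (Flask-AppBuilder). Each should end up with either a `- package <status>` line or a `NOT-FOR-US:` line in the form already used for CVE-2024-24778 at the end of the hunk. The many entries whose truncated description shows only a CWE title ("Improper Neutralization of Input During Web Page Generation ...") cannot be classified from this file; they need the full CVE record.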
@@ -95,7 +665,7 @@ CVE-2024-53386 (Stage.js through 0.8.10 allows DOM Clobbering (with resultant XS
 CVE-2024-53382 (Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resulta ...)
 	- node-prismjs <unfixed>
 	NOTE: https://gist.github.com/jackfromeast/aeb128e44f05f95828a1a824708df660
-CVE-2025-1801
+CVE-2025-1801 (A flaw was found in the Ansible aap-gateway. Concurrent requests handl ...)
 	NOT-FOR-US: RedHat Ansible Automation Platform Gateway
 CVE-2024-12225
 	NOT-FOR-US: Quarkus
@@ -1424,13 +1994,13 @@ CVE-2024-46226 (A stored cross site scripting (XSS) vulnerability in HelpDeskZ <
 	NOT-FOR-US: HelpDeskZ
 CVE-2024-13560 (The Subscriptions & Memberships for PayPal plugin for WordPress is vul ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2024-8186
+CVE-2024-8186 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
 	- gitlab <unfixed>
-CVE-2025-0555
+CVE-2025-0555 (A Cross Site Scripting (XSS) vulnerability in GitLab-EE affecting all  ...)
 	- gitlab <not-affected> (Specific to EE)
-CVE-2024-10925
+CVE-2024-10925 (A vulnerability in GitLab-EE affecting all versions from 16.2 prior to ...)
 	- gitlab <not-affected> (Specific to EE)
-CVE-2025-0475
+CVE-2025-0475 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
 	- gitlab <unfixed>
 CVE-2022-49732 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 5.18.14-1
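Review bot: `- gitlab <unfixed>` under CVE-2024-8186 and CVE-2025-0475 has no NOTE line, and with the description cut at "affecting all versions fr ..." the entry shows neither the affected range nor an upstream reference to check a fix against. Adding a `NOTE:` with the upstream advisory or issue link to both would match how the other `<unfixed>` entries in this diff are documented. The two `<not-affected> (Specific to EE)` entries agree with their new GitLab-EE descriptions and need nothing further.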
@@ -5867,7 +6437,7 @@ CVE-2024-13316 (The Scratch & Win \u2013 Giveaways and Contests. Boost subscribe
 	NOT-FOR-US: WordPress plugin
 CVE-2024-12860 (The CarSpot \u2013 Dealership Wordpress Classified Theme theme for Wor ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2025-1125 [fs/hfs: Interger overflow may lead to heap based out-of-bounds write]
+CVE-2025-1125 (When reading data from a hfs filesystem, grub's hfs filesystem module  ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
@@ -5879,23 +6449,23 @@ CVE-2025-0690 (The read command is used to read the keyboard input from the user
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2025-0689 [udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution]
+CVE-2025-0689 (When reading data from disk, the grub's UDF filesystem module utilizes ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2025-0686 [romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data]
+CVE-2025-0686 (A flaw was found in grub2. When performing a symlink lookup from a rom ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2025-0685 [jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data]
+CVE-2025-0685 (A flaw was found in grub2. When reading data from a jfs filesystem, gr ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2025-0684 [reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data]
+CVE-2025-0684 (A flaw was found in grub2. When performing a symlink lookup from a rei ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2025-0678 [squash4: Integer overflow may lead to heap based out-of-bounds write when reading data]
+CVE-2025-0678 (A flaw was found in grub2. When reading data from a squash4 filesystem ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
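Review bot: For CVE-2025-0689 the removed title named the affected function, `grub_udf_read_block()`, and the replacement description as shown ("the grub's UDF filesystem module utilizes ...") does not, so the entry loses the one pointer that ties it to a specific place in the code. Every grub2 entry in this hunk also carries the same two NOTE links (the grub-devel and oss-security posts) and no per-CVE reference; a `NOTE:` per entry with the function or fixing commit would keep them distinguishable once the package moves off `<unfixed>`.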
@@ -5915,7 +6485,7 @@ CVE-2024-45783 (A flaw was found in grub2. When failing to mount an HFS+ grub, t
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2024-45782 [fs/hfs: strcpy() using the volume name (fs/hfs.c:382)]
+CVE-2024-45782 (A flaw was found in the HFS filesystem. When reading an HFS volume's n ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
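Review bot: The title removed for CVE-2024-45782 recorded the call and source location, `strcpy()` at `fs/hfs.c:382`, which the new description line no longer shows. Carrying that over into a `NOTE:` line under the entry would preserve it for whoever verifies the fix in grub2.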
@@ -5923,15 +6493,15 @@ CVE-2024-45781 (A flaw was found in grub2. When reading a symbolic link's name f
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2024-45780 [fs/tar: Integer Overflow causes Heap OOB Write]
+CVE-2024-45780 (A flaw was found in grub2. When reading tar files, grub2 allocates an  ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2024-45779 [fs/bfs: Integer overflow leads to Heap OOB Read (Write?) in the BFS parser]
+CVE-2024-45779 (An integer overflow flaw was found in the BFS file system driver in gr ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
-CVE-2024-45778 [fs/bfs: Integer overflow in the BFS parser]
+CVE-2024-45778 (A stack overflow flaw was found when reading a BFS file system. A craf ...)
 	- grub2 <unfixed> (bug #1098319)
 	NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/18/3
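Review bot: CVE-2024-45778 changes bug class between the two lines: the removed title says "Integer overflow in the BFS parser" and the new description says "A stack overflow flaw was found when reading a BFS file system". The removed CVE-2024-45779 title also left the impact open ("Heap OOB Read (Write?)"). Both entries point only at the shared grub-devel and oss-security posts, so a short `NOTE:` stating which classification the upstream advisory gives would settle it for readers of the list.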



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c89dd193a294df9d2de9e6b5e098ddfaa5b45648
