[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 4 08:27:31 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3248f412 by security tracker role at 2025-03-04T08:27:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,147 @@
+CVE-2025-27521 (Vulnerability of improper access permission in the process management  ...)
+	TODO: check
+CVE-2025-27221 (In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.jo ...)
+	TODO: check
+CVE-2025-27220 (In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of S ...)
+	TODO: check
+CVE-2025-27219 (In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in  ...)
+	TODO: check
+CVE-2025-24309 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-24301 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-23420 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-23418 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-23414 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-23409 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-23240 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-23234 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-22897 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-22847 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-22841 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-22837 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-22835 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-22443 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-21098 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-21097 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-21089 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-21084 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-20626 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-20091 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-20081 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-20042 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-20024 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-20021 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
+	TODO: check
+CVE-2025-20011 (in OpenHarmony v5.0.2 and prior versions allow a local attacker case D ...)
+	TODO: check
+CVE-2025-1906 (A vulnerability has been found in PHPGurukul Restaurant Table Booking  ...)
+	TODO: check
+CVE-2025-1905 (A vulnerability, which was classified as problematic, was found in Sou ...)
+	TODO: check
+CVE-2025-1904 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-1903 (A vulnerability was found in Codezips Online Shopping Website 1.0. It  ...)
+	TODO: check
+CVE-2025-1902 (A vulnerability was found in PHPGurukul Student Record System 3.2. It  ...)
+	TODO: check
+CVE-2025-1901 (A vulnerability was found in PHPGurukul Restaurant Table Booking Syste ...)
+	TODO: check
+CVE-2025-1900 (A vulnerability was found in PHPGurukul Restaurant Table Booking Syste ...)
+	TODO: check
+CVE-2025-1899 (A vulnerability has been found in Tenda TX3 16.03.13.11_multi and clas ...)
+	TODO: check
+CVE-2025-1898 (A vulnerability, which was classified as critical, was found in Tenda  ...)
+	TODO: check
+CVE-2025-1897 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2025-1896 (A vulnerability classified as critical was found in Tenda TX3 16.03.13 ...)
+	TODO: check
+CVE-2025-1895 (A vulnerability classified as critical has been found in Tenda TX3 16. ...)
+	TODO: check
+CVE-2025-1894 (A vulnerability was found in PHPGurukul Restaurant Table Booking Syste ...)
+	TODO: check
+CVE-2025-1893 (A vulnerability was found in Open5GS up to 2.7.2. It has been declared ...)
+	TODO: check
+CVE-2025-1892 (A vulnerability was found in shishuocms 1.1. It has been classified as ...)
+	TODO: check
+CVE-2025-1891 (A vulnerability was found in shishuocms 1.1 and classified as problema ...)
+	TODO: check
+CVE-2025-1890 (A vulnerability has been found in shishuocms 1.1 and classified as cri ...)
+	TODO: check
+CVE-2025-1882 (A vulnerability was found in i-Drive i11 and i12 up to 20250227. It ha ...)
+	TODO: check
+CVE-2025-1881 (A vulnerability was found in i-Drive i11 and i12 up to 20250227. It ha ...)
+	TODO: check
+CVE-2025-1695 (In NGINX Unit before version 1.34.2 with the Java Language Module in u ...)
+	TODO: check
+CVE-2025-1639 (The Animation Addons for Elementor Pro plugin for WordPress is vulnera ...)
+	TODO: check
+CVE-2025-1321 (The teachPress plugin for WordPress is vulnerable to SQL Injection via ...)
+	TODO: check
+CVE-2025-1307 (The Newscrunch theme for WordPress is vulnerable to arbitrary file upl ...)
+	TODO: check
+CVE-2025-1306 (The Newscrunch theme for WordPress is vulnerable to Cross-Site Request ...)
+	TODO: check
+CVE-2025-0912 (The Donations Widget plugin for WordPress is vulnerable to PHP Object  ...)
+	TODO: check
+CVE-2025-0587 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
+	TODO: check
+CVE-2025-0360 (During an annual penetration test conducted on behalf of Axis Communic ...)
+	TODO: check
+CVE-2025-0359 (During an annual penetration test conducted on behalf of Axis Communic ...)
+	TODO: check
+CVE-2024-58050 (Vulnerability of improper access permission in the HDC module Impact:  ...)
+	TODO: check
+CVE-2024-58049 (Permission verification vulnerability in the media library module Impa ...)
+	TODO: check
+CVE-2024-58048 (Multi-thread problem vulnerability in the package management module Im ...)
+	TODO: check
+CVE-2024-58047 (Permission verification vulnerability in the media library module Impa ...)
+	TODO: check
+CVE-2024-58046 (Permission management vulnerability in the lock screen module Impact:  ...)
+	TODO: check
+CVE-2024-58045 (Multi-concurrency vulnerability in the media digital copyright protect ...)
+	TODO: check
+CVE-2024-58044 (Permission verification bypass vulnerability in the notification modul ...)
+	TODO: check
+CVE-2024-58043 (Permission bypass vulnerability in the window module Impact: Successfu ...)
+	TODO: check
+CVE-2024-55064 (Multiple cross-site scripting (XSS) vulnerabilities in EasyVirt DC Net ...)
+	TODO: check
+CVE-2024-48248 (NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path t ...)
+	TODO: check
+CVE-2024-47262 (Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has foun ...)
+	TODO: check
+CVE-2024-47260 (51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the  ...)
+	TODO: check
+CVE-2024-47259 (Girishunawane, member of the AXIS OS Bug Bounty Program, has found tha ...)
+	TODO: check
+CVE-2024-13686 (The VW Storefront theme for WordPress is vulnerable to unauthorized mo ...)
+	TODO: check
+CVE-2024-13685 (The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 r ...)
+	TODO: check
 CVE-2025-27501 (OpenZiti is a free and open source project focused on bringing zero tr ...)
 	NOT-FOR-US: OpenZiti
 CVE-2025-27500 (OpenZiti is a free and open source project focused on bringing zero tr ...)
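Review bot: all 72 entries added at the top of data/CVE/list carry only `TODO: check`, so nothing in this hunk separates the entries that need real triage from the ones that can be closed quickly. The entries for CVE-2025-27221 (URI gem for Ruby), CVE-2025-27220 and CVE-2025-27219 (CGI gem for Ruby), CVE-2025-1695 (NGINX Unit) and CVE-2025-1893 (Open5GS) name general-purpose open source components and should be checked against the archive first. The repeated OpenHarmony, PHPGurukul, Tenda TX3 and WordPress plugin and theme entries are candidates for the `NOT-FOR-US: <product>` form already used on the context lines that follow (`NOT-FOR-US: OpenZiti`), once each one has been confirmed.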
@@ -10281,13 +10425,13 @@ CVE-2025-0148 (Missing password field masking in the Zoom Jenkins Marketplace pl
 	NOT-FOR-US: Zoom
 CVE-2024-57451 (ChestnutCMS <=1.5.0 has a directory traversal vulnerability in content ...)
 	NOT-FOR-US: ChestnutCMS
-CVE-2024-56903 (A Cross-Site Request Forgery (CSRF) in Geovision GV-ASWeb with the ver ...)
+CVE-2024-56903 (Geovision GV-ASWeb with the version 6.1.1.0 or less allows attackers t ...)
 	NOT-FOR-US: Geovision GV-ASWeb
-CVE-2024-56902 (An issue in Geovision GV-ASWeb with version 6.1.0.0 or less allows una ...)
+CVE-2024-56902 (Information disclosure vulnerability in Geovision GV-ASManager web app ...)
 	NOT-FOR-US: Geovision GV-ASWeb
-CVE-2024-56901 (A Cross-Site Request Forgery (CSRF) in the Account Management componen ...)
+CVE-2024-56901 (A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASWe ...)
 	NOT-FOR-US: Geovision GV-ASWeb
-CVE-2024-56898 (Incorrect access control in Geovision GV-ASWeb version 6.1.0.0 or less ...)
+CVE-2024-56898 (Broken access control vulnerability in Geovision GV-ASWeb with version ...)
 	NOT-FOR-US: Geovision GV-ASWeb
 CVE-2024-47770 (Wazuh is a free and open source platform used for threat prevention, d ...)
 	NOT-FOR-US: Wazuh
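Review bot: the updated description for CVE-2024-56902 now names "Geovision GV-ASManager web app", but the unchanged tag line under it still reads `NOT-FOR-US: Geovision GV-ASWeb`. The classification does not change, but the product label should be brought in line with the new description, or the mismatch confirmed as intentional. The same pass should re-read the three other refreshed entries (CVE-2024-56903, CVE-2024-56901, CVE-2024-56898): only the description text changed in this hunk, and the CVE-2024-56903 text no longer leads with the CSRF classification it had before, so the existing tags were carried over without being re-evaluated against the new wording.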



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3248f41241575c78a6647ccf4b70a3f858017db2
