[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 7 08:12:08 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
97abd188 by security tracker role at 2025-03-07T08:12:02+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,89 @@
+CVE-2025-2067 (A vulnerability was found in projectworlds Life Insurance Management S ...)
+	TODO: check
+CVE-2025-2066 (A vulnerability has been found in projectworlds Life Insurance Managem ...)
+	TODO: check
+CVE-2025-2065 (A vulnerability, which was classified as critical, was found in projec ...)
+	TODO: check
+CVE-2025-2064 (A vulnerability, which was classified as critical, has been found in p ...)
+	TODO: check
+CVE-2025-2063 (A vulnerability classified as critical was found in projectworlds Life ...)
+	TODO: check
+CVE-2025-2062 (A vulnerability classified as critical has been found in projectworlds ...)
+	TODO: check
+CVE-2025-2061 (A vulnerability was found in code-projects Online Ticket Reservation S ...)
+	TODO: check
+CVE-2025-2060 (A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Por ...)
+	TODO: check
+CVE-2025-2059 (A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Por ...)
+	TODO: check
+CVE-2025-2058 (A vulnerability has been found in PHPGurukul Emergency Ambulance Hirin ...)
+	TODO: check
+CVE-2025-2057 (A vulnerability, which was classified as critical, was found in PHPGur ...)
+	TODO: check
+CVE-2025-2054 (A vulnerability was found in code-projects Blood Bank Management Syste ...)
+	TODO: check
+CVE-2025-2053 (A vulnerability was found in PHPGurukul Apartment Visitors Management  ...)
+	TODO: check
+CVE-2025-2052 (A vulnerability was found in PHPGurukul Apartment Visitors Management  ...)
+	TODO: check
+CVE-2025-2051 (A vulnerability has been found in PHPGurukul Apartment Visitors Manage ...)
+	TODO: check
+CVE-2025-2050 (A vulnerability classified as critical was found in PHPGurukul User Re ...)
+	TODO: check
+CVE-2025-2049 (A vulnerability classified as problematic has been found in code-proje ...)
+	TODO: check
+CVE-2025-2047 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
+	TODO: check
+CVE-2025-2046 (A vulnerability was found in SourceCodester Best Employee Management S ...)
+	TODO: check
+CVE-2025-2044 (A vulnerability was found in code-projects Blood Bank Management Syste ...)
+	TODO: check
+CVE-2025-2043 (A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified a ...)
+	TODO: check
+CVE-2025-2042 (A vulnerability has been found in huang-yk student-manage 1.0 and clas ...)
+	TODO: check
+CVE-2025-2041 (A vulnerability, which was classified as critical, has been found in s ...)
+	TODO: check
+CVE-2025-27816 (A vulnerability was discovered in the Arctera InfoScale 7.0 through 8. ...)
+	TODO: check
+CVE-2025-27796 (WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocati ...)
+	TODO: check
+CVE-2025-27795 (JXL in GraphicsMagick before 1.3.46 lacks image dimension resource lim ...)
+	TODO: check
+CVE-2025-27598 (ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability  ...)
+	TODO: check
+CVE-2025-26708 (There is a configuration defect vulnerability in ZTELink 5.4.9 for iOS ...)
+	TODO: check
+CVE-2025-25763 (crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at  ...)
+	TODO: check
+CVE-2025-1475 (The WPCOM Member plugin for WordPress is vulnerable to authentication  ...)
+	TODO: check
+CVE-2025-1309 (The UiPress lite | Effortless custom dashboards, admin themes and page ...)
+	TODO: check
+CVE-2025-1121 (Privilege escalation in Installer and Recovery image handling in Googl ...)
+	TODO: check
+CVE-2025-0863 (The Flexmls\xae IDX Plugin plugin for WordPress is vulnerable to Store ...)
+	TODO: check
+CVE-2025-0749 (The Homey theme for WordPress is vulnerable to authentication bypass i ...)
+	TODO: check
+CVE-2025-0748 (The Homey theme for WordPress is vulnerable to Cross-Site Request Forg ...)
+	TODO: check
+CVE-2024-57972 (The pairing API request handler in Microsoft HoloLens 1 (Windows Holog ...)
+	TODO: check
+CVE-2024-13906 (The Gallery by BestWebSoft \u2013 Customizable Image and Photo Galleri ...)
+	TODO: check
+CVE-2024-13655 (The Flex Mag - Responsive WordPress News Theme theme for WordPress is  ...)
+	TODO: check
+CVE-2024-13526 (The EventPrime \u2013 Events Calendar, Bookings and Tickets plugin for ...)
+	TODO: check
+CVE-2024-13320 (The CURCY - WooCommerce Multi Currency - Currency Switcher plugin for  ...)
+	TODO: check
+CVE-2024-12837 (Software installed and run as a non-privileged user may conduct improp ...)
+	TODO: check
+CVE-2024-12809 (The Wishlist plugin for WordPress is vulnerable to Stored Cross-Site S ...)
+	TODO: check
+CVE-2024-12576 (Software installed and run as a non-privileged user may conduct improp ...)
+	TODO: check
 CVE-2025-2045 (Improper authorization in GitLab EE affecting all versions from 17.7 p ...)
 	- gitlab <not-affected> (Specific to EE)
 CVE-2025-2040 (A vulnerability classified as critical was found in zhijiantianya ruoy ...)
@@ -152951,13 +153037,13 @@ CVE-2023-36287 (An unauthenticated Cross-Site Scripting (XSS) vulnerability foun
 	NOT-FOR-US: Webkul QloApps
 CVE-2023-36284 (An unauthenticated Time-Based SQL injection found in Webkul QloApps 1. ...)
 	NOT-FOR-US: Webkul QloApps
-CVE-2023-36274 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via  ...)
+CVE-2023-36274 (LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer over ...)
 	- libredwg <itp> (bug #595191)
 CVE-2023-36273 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via  ...)
 	- libredwg <itp> (bug #595191)
-CVE-2023-36272 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via  ...)
+CVE-2023-36272 (LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer over ...)
 	- libredwg <itp> (bug #595191)
-CVE-2023-36271 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via  ...)
+CVE-2023-36271 (LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer over ...)
 	- libredwg <itp> (bug #595191)
 CVE-2023-35931 (Shescape is a simple shell escape library for JavaScript. An attacker  ...)
 	NOT-FOR-US: Shescape



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97abd188c7bb4ba2bd07e7bca117425585511e7f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97abd188c7bb4ba2bd07e7bca117425585511e7f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250307/2139eba9/attachment.htm>

More information about the debian-security-tracker-commits mailing list