[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 8 08:12:01 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
500a4127 by security tracker role at 2025-03-08T08:11:54+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2025-2097 (A vulnerability, which was classified as critical, has been found in T ...)
+ TODO: check
+CVE-2025-2096 (A vulnerability classified as critical was found in TOTOLINK EX1800T 9 ...)
+ TODO: check
+CVE-2025-2095 (A vulnerability classified as critical has been found in TOTOLINK EX18 ...)
+ TODO: check
+CVE-2025-2094 (A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. ...)
+ TODO: check
+CVE-2025-2093 (A vulnerability was found in PHPGurukul Online Library Management Syst ...)
+ TODO: check
+CVE-2025-27839 (operations/attestation/AttestationTask.kt in the Tangem SDK before 5.1 ...)
+ TODO: check
+CVE-2025-27826 (An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4 ...)
+ TODO: check
+CVE-2025-27825 (An XSS issue was discovered in the Bootstrap 5 Lite theme before 1.x-1 ...)
+ TODO: check
+CVE-2025-27824 (An XSS issue was discovered in the Link iframe formatter module before ...)
+ TODO: check
+CVE-2025-27823 (An issue was discovered in the Mail Disguise module before 1.x-1.0.5 f ...)
+ TODO: check
+CVE-2025-27822 (An issue was discovered in the Masquerade module before 1.x-1.0.1 for ...)
+ TODO: check
+CVE-2025-1504 (The Post Lockdown plugin for WordPress is vulnerable to Information Ex ...)
+ TODO: check
+CVE-2025-1481 (The Shortcode Cleaner Lite plugin for WordPress is vulnerable to unaut ...)
+ TODO: check
+CVE-2025-1261 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
+ TODO: check
+CVE-2024-42733 (An issue in Docmosis Tornado v.2.9.7 and before allows a remote attack ...)
+ TODO: check
+CVE-2024-13908 (The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrar ...)
+ TODO: check
+CVE-2024-13895 (The The Code Snippets CPT plugin for WordPress is vulnerable to arbitr ...)
+ TODO: check
+CVE-2024-13890 (The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code I ...)
+ TODO: check
+CVE-2024-13844 (The Post SMTP plugin for WordPress is vulnerable to generic SQL Inject ...)
+ TODO: check
+CVE-2024-13835 (The Post Meta Data Manager plugin for WordPress is vulnerable to multi ...)
+ TODO: check
+CVE-2024-13826 (The Email Keep WordPress plugin through 1.1 does not have CSRF check i ...)
+ TODO: check
+CVE-2024-13825 (The Email Keep WordPress plugin through 1.1 does not sanitise and esca ...)
+ TODO: check
+CVE-2024-13774 (The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for ...)
+ TODO: check
+CVE-2024-13640 (The Print Invoice & Delivery Notes for WooCommerce plugin for WordPres ...)
+ TODO: check
+CVE-2024-12460 (The Years Since \u2013 Timeless Texts plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2024-12119 (The FooGallery \u2013 Responsive Photo Gallery, Image Viewer, Justifie ...)
+ TODO: check
+CVE-2024-12114 (The FooGallery \u2013 Responsive Photo Gallery, Image Viewer, Justifie ...)
+ TODO: check
+CVE-2024-11087 (The miniOrange Social Login and Register (Discord, Google, Twitter, Li ...)
+ TODO: check
CVE-2025-2090 (A vulnerability was found in PHPGurukul Pre-School Enrollment System 1 ...)
NOT-FOR-US: PHPGurukul
CVE-2025-2089 (A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and c ...)
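Review bot: the added descriptions for CVE-2025-1261, CVE-2024-12460, CVE-2024-12119 and CVE-2024-12114 contain a literal `\u2013` escape where an en dash is meant (for example "The HT Mega \u2013 Absolute Addons For Elementor plugin"), so the automatic update is writing undecoded escape sequences into data/CVE/list. Decode these in the import step before the description is written, otherwise searching the list for the plugin's actual name will miss them. Separately, all 28 new entries are still at `TODO: check`. CVE-2025-2093 names PHPGurukul, and the unchanged entry directly below the additions, CVE-2025-2090, is already triaged as `NOT-FOR-US: PHPGurukul`, so that one looks like a candidate for the same marking once checked.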
@@ -212,7 +268,7 @@ CVE-2025-2041 (A vulnerability, which was classified as critical, has been found
NOT-FOR-US: s-a-zhd Ecommerce-Website-using-PHP
CVE-2025-27816 (A vulnerability was discovered in the Arctera InfoScale 7.0 through 8. ...)
NOT-FOR-US: Arctera InfoScale
-CVE-2025-27796 (WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocati ...)
+CVE-2025-27796 (ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette ...)
- graphicsmagick <unfixed>
NOTE: https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/883ebf8cae6dfa5873d975fe3476b1a188ef3f9f
CVE-2025-27795 (ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimens ...)
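Review bot: the package line under CVE-2025-27796 stays at `- graphicsmagick <unfixed>` while the refreshed description names 1.3.46 as the first fixed upstream release and the NOTE already points at the upstream commit. The description change itself is fine. As a follow-up, record the fixed version on that line once 1.3.46 or a backport of the referenced commit is in the archive, so the entry does not remain open on the strength of the description alone.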
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/500a4127e76a42144023a33741459d2a02982f47