[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af34f828 by security tracker role at 2025-03-15T08:12:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2025-30066 (tj-actions changed-files through 45.0.7 allows remote attackers to dis ...)
+	TODO: check
+CVE-2025-2325 (The WP Test Email plugin for WordPress is vulnerable to Stored Cross-S ...)
+	TODO: check
+CVE-2025-2320 (A vulnerability has been found in 274056675 springboot-openai-chatgpt  ...)
+	TODO: check
+CVE-2025-2310 (A vulnerability was found in HDF5 1.14.6 and classified as critical. T ...)
+	TODO: check
+CVE-2025-2309 (A vulnerability has been found in HDF5 1.14.6 and classified as critic ...)
+	TODO: check
+CVE-2025-2308 (A vulnerability, which was classified as critical, was found in HDF5 1 ...)
+	TODO: check
+CVE-2025-2295 (EDK2 contains a vulnerability in BIOS where a user may cause an Intege ...)
+	TODO: check
+CVE-2025-2267 (The WP01 plugin for WordPress is vulnerable to Arbitrary File Download ...)
+	TODO: check
+CVE-2025-2164 (The pixelstats plugin for WordPress is vulnerable to Reflected Cross-S ...)
+	TODO: check
+CVE-2025-2163 (The Zoorum Comments plugin for WordPress is vulnerable to Cross-Site R ...)
+	TODO: check
+CVE-2025-2157 (A flaw was found in Foreman/Red Hat Satellite. Improper file permissio ...)
+	TODO: check
+CVE-2025-1773 (The Traveler theme for WordPress is vulnerable to Reflected Cross-Site ...)
+	TODO: check
+CVE-2025-1771 (The Traveler theme for WordPress is vulnerable to Local File Inclusion ...)
+	TODO: check
+CVE-2025-1670 (The School Management System \u2013 WPSchoolPress plugin for WordPress ...)
+	TODO: check
+CVE-2025-1669 (The School Management System \u2013 WPSchoolPress plugin for WordPress ...)
+	TODO: check
+CVE-2025-1668 (The School Management System \u2013 WPSchoolPress plugin for WordPress ...)
+	TODO: check
+CVE-2025-1667 (The School Management System \u2013 WPSchoolPress plugin for WordPress ...)
+	TODO: check
+CVE-2025-1657 (The Directory Listings WordPress plugin \u2013 uListing plugin for Wor ...)
+	TODO: check
+CVE-2025-1653 (The Directory Listings WordPress plugin \u2013 uListing plugin for Wor ...)
+	TODO: check
+CVE-2024-13847 (The Portfolio and Projects plugin for WordPress is vulnerable to Store ...)
+	TODO: check
+CVE-2024-13497 (The WordPress form builder plugin for contact forms, surveys and quizz ...)
+	TODO: check
+CVE-2024-12336 (The WC Affiliate \u2013 A Complete WooCommerce Affiliate Plugin plugin ...)
+	TODO: check
+CVE-2019-25222 (The Thumbnail carousel slider plugin for WordPress is vulnerable to SQ ...)
+	TODO: check
 CVE-2025-2304 (A Privilege Escalation through a Mass Assignment exists in Camaleon CM ...)
 	NOT-FOR-US: Camaleon CMS
 CVE-2025-2268 (The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a de ...)
@@ -2412,7 +2458,7 @@ CVE-2025-23416 (Path traversal may lead to arbitrary file deletion. The score wi
 	NOT-FOR-US: Keysight
 CVE-2025-22493 (Secure flag not set and SameSIte was set to Lax in the Foreseer Report ...)
 	NOT-FOR-US: Eaton
-CVE-2025-22212 (A SQL injection vulnerability in the ConvertForms component versions 1 ...)
+CVE-2025-22212 (A SQL injection vulnerability in the Convert Forms component versions  ...)
 	NOT-FOR-US: ConvertForms component for Joomla
 CVE-2025-21095 (Path traversal may lead to arbitrary file download. The score without  ...)
 	NOT-FOR-US: Keysight



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af34f828e59a915995db0e6d8cd23cec21b6cdc7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af34f828e59a915995db0e6d8cd23cec21b6cdc7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250315/dcf5a985/attachment.htm>