[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Mar 23 20:12:46 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
473a3292 by security tracker role at 2025-03-23T20:12:39+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2025-30474 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+ TODO: check
+CVE-2025-2691 (Versions of the package nossrf before 1.0.4 are vulnerable to Server-S ...)
+ TODO: check
+CVE-2025-2662 (A vulnerability was found in Project Worlds Online Time Table Generato ...)
+ TODO: check
+CVE-2025-2661 (A vulnerability was found in Project Worlds Online Time Table Generato ...)
+ TODO: check
+CVE-2025-2660 (A vulnerability has been found in Project Worlds Online Time Table Gen ...)
+ TODO: check
+CVE-2025-2659 (A vulnerability, which was classified as critical, was found in Projec ...)
+ TODO: check
+CVE-2025-2658 (A vulnerability, which was classified as critical, has been found in P ...)
+ TODO: check
+CVE-2025-2657 (A vulnerability classified as critical was found in projectworlds Apar ...)
+ TODO: check
+CVE-2025-2656 (A vulnerability classified as critical has been found in PHPGurukul Zo ...)
+ TODO: check
+CVE-2025-2655 (A vulnerability was found in SourceCodester AC Repair and Services Sys ...)
+ TODO: check
+CVE-2025-2654 (A vulnerability was found in SourceCodester AC Repair and Services Sys ...)
+ TODO: check
+CVE-2025-2653 (A vulnerability was found in FoxCMS 1.25 and classified as problematic ...)
+ TODO: check
+CVE-2025-2652 (A vulnerability has been found in SourceCodester Employee and Visitor ...)
+ TODO: check
+CVE-2025-2651 (A vulnerability, which was classified as problematic, was found in Sou ...)
+ TODO: check
+CVE-2025-2650 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2025-2649 (A vulnerability classified as critical was found in PHPGurukul Doctor ...)
+ TODO: check
+CVE-2025-2648 (A vulnerability classified as critical has been found in PHPGurukul Ar ...)
+ TODO: check
+CVE-2025-2647 (A vulnerability was found in PHPGurukul Art Gallery Management System ...)
+ TODO: check
+CVE-2025-2646 (A vulnerability was found in PHPGurukul Art Gallery Management System ...)
+ TODO: check
+CVE-2025-2645 (A vulnerability was found in PHPGurukul Art Gallery Management System ...)
+ TODO: check
+CVE-2025-29806 (No cwe for this issue in Microsoft Edge (Chromium-based) allows an una ...)
+ TODO: check
+CVE-2025-29795 (Improper link resolution before file access ('link following') in Micr ...)
+ TODO: check
+CVE-2025-27553 (Relative Path Traversal vulnerability in Apache Commons VFS before 2.1 ...)
+ TODO: check
CVE-2025-2644 (A vulnerability was found in PHPGurukul Art Gallery Management System ...)
NOT-FOR-US: PHPGurukul
CVE-2025-2643 (A vulnerability has been found in PHPGurukul Art Gallery Management Sy ...)
@@ -2106,6 +2152,7 @@ CVE-2025-2056 (The WP Ghost (Hide My WP Ghost) \u2013 Security & Firewall plugin
CVE-2025-26163 (CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to c ...)
NOT-FOR-US: CM Soluces Informatica Ltda Auto Atendimento
CVE-2025-24855 (numbers.c in libxslt before 1.1.43 has a use-after-free because, in ne ...)
+ {DSA-5884-1}
- libxslt 1.1.35-1.2 (bug #1100566)
NOTE: https://gitlab.gnome.org/GNOME/libxslt/-/issues/128
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxslt/-/commit/c7c7f1f78dd202a053996fcefe57eb994aec8ef2 (v1.1.43)
@@ -2124,6 +2171,7 @@ CVE-2025-0955 (The VidoRev Extensions plugin for WordPress is vulnerable to unau
CVE-2025-0952 (The Eco Nature - Environment & Ecology WordPress Theme theme for WordP ...)
NOT-FOR-US: WordPress plugin
CVE-2024-55549 (xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free i ...)
+ {DSA-5884-1}
- libxslt 1.1.35-1.2 (bug #1100565)
NOTE: https://gitlab.gnome.org/GNOME/libxslt/-/issues/127
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxslt/-/commit/46041b65f2fbddf5c284ee1a1332fa2c515c0515 (v1.1.43)
@@ -7205,7 +7253,7 @@ CVE-2022-49732 (In the Linux kernel, the following vulnerability has been resolv
- linux 5.18.14-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e34a07c0ae3906f97eb18df50902e2a01c1015b6 (5.19-rc4)
-CVE-2025-0927 [hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key]
+CVE-2025-0927 (Attila Sz\xe1sz discovered that the HFS+ file system implementation in ...)
- linux <unfixed>
NOTE: https://lore.kernel.org/lkml/20241019191303.24048-1-kovalev@altlinux.org/T/
NOTE: https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/473a329208f0c5ee848a978341e28aaa7c3a9ba5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/473a329208f0c5ee848a978341e28aaa7c3a9ba5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250323/6aff2c92/attachment.htm>
More information about the debian-security-tracker-commits
mailing list