[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 10 21:12:12 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3ad528ec by security tracker role at 2025-05-10T20:12:05+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,92 @@
-CVE-2023-53145 [Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition]
+CVE-2025-4514 (A vulnerability, which was classified as critical, has been found in Z ...)
+	TODO: check
+CVE-2025-4513 (A vulnerability classified as problematic was found in Catalyst User K ...)
+	TODO: check
+CVE-2025-4512 (A vulnerability classified as problematic has been found in Inetum IOD ...)
+	TODO: check
+CVE-2025-4511 (A vulnerability was found in vector4wang spring-boot-quick up to 20250 ...)
+	TODO: check
+CVE-2025-4510 (A vulnerability was found in Changjietong UFIDA CRM 1.0. It has been d ...)
+	TODO: check
+CVE-2025-4509 (A vulnerability, which was classified as critical, has been found in P ...)
+	TODO: check
+CVE-2025-4508 (A vulnerability classified as critical was found in PHPGurukul e-Diary ...)
+	TODO: check
+CVE-2025-4507 (A vulnerability classified as critical has been found in Campcodes Onl ...)
+	TODO: check
+CVE-2025-4506 (A vulnerability was found in Campcodes Online Food Ordering System 1.0 ...)
+	TODO: check
+CVE-2025-4505 (A vulnerability was found in PHPGurukul Apartment Visitors Management  ...)
+	TODO: check
+CVE-2025-4504 (A vulnerability was found in SourceCodester Online College Library Sys ...)
+	TODO: check
+CVE-2025-4503 (A vulnerability was found in Campcodes Sales and Inventory System 1.0  ...)
+	TODO: check
+CVE-2025-4502 (A vulnerability has been found in Campcodes Sales and Inventory System ...)
+	TODO: check
+CVE-2025-4501 (A vulnerability, which was classified as critical, was found in code-p ...)
+	TODO: check
+CVE-2025-4500 (A vulnerability, which was classified as critical, has been found in c ...)
+	TODO: check
+CVE-2025-4499 (A vulnerability classified as critical was found in code-projects Simp ...)
+	TODO: check
+CVE-2025-4498 (A vulnerability classified as critical has been found in code-projects ...)
+	TODO: check
+CVE-2025-4497 (A vulnerability was found in code-projects Simple Banking System up to ...)
+	TODO: check
+CVE-2025-4496 (A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600 ...)
+	TODO: check
+CVE-2025-4495 (A vulnerability has been found in JAdmin-JAVA JAdmin 1.0 and classifie ...)
+	TODO: check
+CVE-2025-4494 (A vulnerability, which was classified as critical, was found in JAdmin ...)
+	TODO: check
+CVE-2025-4492 (A vulnerability, which was classified as critical, has been found in C ...)
+	TODO: check
+CVE-2025-4491 (A vulnerability classified as critical was found in Campcodes Online F ...)
+	TODO: check
+CVE-2025-4490 (A vulnerability classified as critical has been found in Campcodes Onl ...)
+	TODO: check
+CVE-2025-4489 (A vulnerability was found in Campcodes Online Food Ordering System 1.0 ...)
+	TODO: check
+CVE-2025-4447 (In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version  ...)
+	TODO: check
+CVE-2025-47770
+	REJECTED
+CVE-2025-47769
+	REJECTED
+CVE-2025-47768
+	REJECTED
+CVE-2025-47767
+	REJECTED
+CVE-2025-47766
+	REJECTED
+CVE-2025-47765
+	REJECTED
+CVE-2025-47764
+	REJECTED
+CVE-2025-47763
+	REJECTED
+CVE-2025-47762
+	REJECTED
+CVE-2025-47424 (Retool (self-hosted) before 3.196.0 allows Host header injection. When ...)
+	TODO: check
+CVE-2025-47269 (code-server runs VS Code on any machine anywhere through browser acces ...)
+	TODO: check
+CVE-2025-3878 (The SMS Alert Order Notifications \u2013 WooCommerce plugin for WordPr ...)
+	TODO: check
+CVE-2025-3876 (The SMS Alert Order Notifications \u2013 WooCommerce plugin for WordPr ...)
+	TODO: check
+CVE-2025-3794 (The WPForms \u2013 Easy Form Builder for WordPress \u2013 Contact Form ...)
+	TODO: check
+CVE-2025-2944 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cro ...)
+	TODO: check
+CVE-2025-2158 (The WordPress Review Plugin: The Ultimate Solution for Building a Revi ...)
+	TODO: check
+CVE-2025-1752 (A Denial of Service (DoS) vulnerability has been identified in the Kno ...)
+	TODO: check
+CVE-2025-1137 (IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, c ...)
+	TODO: check
+CVE-2023-53145 (In the Linux kernel, the following vulnerability has been resolved:  B ...)
 	- linux 6.3.7-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux 5.10.197-1
@@ -165,7 +253,7 @@ CVE-2025-3462 ("This issue is limited to motherboards and does not affect laptop
 	NOT-FOR-US: ASUS
 CVE-2025-3455 (The 1 Click WordPress Migration Plugin \u2013 100% FREE for a limited  ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2025-37889 (In the Linux kernel, the following vulnerability has been resolved:  P ...)
+CVE-2025-37889 (In the Linux kernel, the following vulnerability has been resolved:  A ...)
 	- linux 6.12.20-1
 	[bookworm] - linux 6.1.133-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -127810,7 +127898,7 @@ CVE-2024-27097 (A user endpoint didn't perform filtering on an incoming paramete
 	NOT-FOR-US: CKAN
 CVE-2024-25653 (Broken Access Control in the Report functionality of Delinea PAM Secre ...)
 	NOT-FOR-US: Delinea PAM Secret Server
-CVE-2024-25652 (In Delinea PAM Secret Server 11.4, it is possible for a user (with acc ...)
+CVE-2024-25652 (In Delinea PAM Secret Server 11.4, it is possible for a user assigned  ...)
 	NOT-FOR-US: Delinea PAM Secret Server
 CVE-2024-25651 (User enumeration can occur in the Authentication REST API in Delinea P ...)
 	NOT-FOR-US: Delinea PAM Secret Server



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ad528ecf6fd55d71198a1c01f243754b7ae5bb0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ad528ecf6fd55d71198a1c01f243754b7ae5bb0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250510/c1905747/attachment.htm>

More information about the debian-security-tracker-commits mailing list