Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ee7881f4 by security tracker role at 2025-01-15T08:12:38+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,91 @@
+CVE-2025-23061 (Mongoose before 8.9.5 can improperly use a nested $where 
filter with a ...)
+       TODO: check
+CVE-2025-23013 (In Yubico pam-u2f before 1.3.1, local privilege escalation can 
sometim ...)
+       TODO: check
+CVE-2025-22997 (A stored cross-site scripting (XSS) vulnerability in the 
prf_table_con ...)
+       TODO: check
+CVE-2025-22996 (A stored cross-site scripting (XSS) vulnerability in the 
spf_table_con ...)
+       TODO: check
+CVE-2025-22394 (Dell Display Manager, versions prior to 2.3.2.18, contain a 
Time-of-ch ...)
+       TODO: check
+CVE-2025-21101 (Dell Display Manager, versions prior to 2.3.2.20, contain a 
race condi ...)
+       TODO: check
+CVE-2025-0356 (NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and 
WX3600HP Ver. ...)
+       TODO: check
+CVE-2025-0355 (Missing Authentication for Critical Function vulnerability in 
NEC Corp ...)
+       TODO: check
+CVE-2025-0354 (Cross-site scripting vulnerability in NEC Corporation Aterm 
WG2600HS V ...)
+       TODO: check
+CVE-2025-0343 (Swift ASN.1 can be caused to crash when parsing certain BER/DER 
constr ...)
+       TODO: check
+CVE-2024-7322 (A ZigBee coordinator, router, or end device may change their 
node ID w ...)
+       TODO: check
+CVE-2024-57767 (MSFM before v2025.01.01 was discovered to contain a 
Server-Side Reques ...)
+       TODO: check
+CVE-2024-57766 (MSFM before 2025.01.01 was discovered to contain a fastjson 
deserializ ...)
+       TODO: check
+CVE-2024-57765 (MSFM before 2025.01.01 was discovered to contain a SQL 
injection vulne ...)
+       TODO: check
+CVE-2024-57764 (MSFM before 2025.01.01 was discovered to contain a fastjson 
deserializ ...)
+       TODO: check
+CVE-2024-57763 (MSFM before 2025.01.01 was discovered to contain a fastjson 
deserializ ...)
+       TODO: check
+CVE-2024-57762 (MSFM before v2025.01.01 was discovered to contain a 
deserialization vu ...)
+       TODO: check
+CVE-2024-57761 (An arbitrary file upload vulnerability in the parserXML() 
method of Je ...)
+       TODO: check
+CVE-2024-57760 (JeeWMS before v2025.01.01 was discovered to contain a SQL 
injection vu ...)
+       TODO: check
+CVE-2024-57757 (JeeWMS before v2025.01.01 was discovered to contain a 
permission bypas ...)
+       TODO: check
+CVE-2024-57483 (Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the 
addWifiMacF ...)
+       TODO: check
+CVE-2024-57482 (H3C N12 V100R005 contains a buffer overflow vulnerability due 
to the l ...)
+       TODO: check
+CVE-2024-57480 (H3C N12 V100R005 contains a buffer overflow vulnerability due 
to the l ...)
+       TODO: check
+CVE-2024-57479 (H3C N12 V100R005 contains a buffer overflow vulnerability due 
to the l ...)
+       TODO: check
+CVE-2024-57473 (H3C N12 V100R005 contains a buffer overflow vulnerability due 
to the l ...)
+       TODO: check
+CVE-2024-57471 (H3C N12 V100R005 contains a buffer overflow vulnerability due 
to the l ...)
+       TODO: check
+CVE-2024-55577 (Stack-based buffer overflow vulnerability exists in Linux 
Ratfor 1.06  ...)
+       TODO: check
+CVE-2024-54730 (Flatnotes <v5.3.1 is vulnerable to denial of service through 
the uploa ...)
+       TODO: check
+CVE-2024-54142 (Discourse AI is a Discourse plugin which provides a number of 
AI featu ...)
+       TODO: check
+CVE-2024-53277 (Silverstripe Framework is a PHP framework which powers the 
Silverstrip ...)
+       TODO: check
+CVE-2024-50861 (The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is 
vulnerable t ...)
+       TODO: check
+CVE-2024-50859 (The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable 
to Refl ...)
+       TODO: check
+CVE-2024-50858 (Multiple endpoints in GestioIP v3.5.7 are vulnerable to 
Cross-Site Req ...)
+       TODO: check
+CVE-2024-50857 (The ip_do_job request in GestioIP v3.5.7 is vulnerable to 
Cross-Site S ...)
+       TODO: check
+CVE-2024-4227 (In Genivia gSOAP with a specific configuration an 
unauthenticated remo ...)
+       TODO: check
+CVE-2024-48760 (An issue in GestioIP v3.5.7 allows a remote attacker to 
execute arbitr ...)
+       TODO: check
+CVE-2024-47605 (silverstripe-asset-admin is a silverstripe assets gallery for 
asset ma ...)
+       TODO: check
+CVE-2024-45102 (A privilege escalation vulnerability was discovered that could 
allow a ...)
+       TODO: check
+CVE-2024-42911 (ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 
was disco ...)
+       TODO: check
+CVE-2024-13394 (The ViewMedica 9 plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
+       TODO: check
+CVE-2024-13334 (The Car Demon plugin for WordPress is vulnerable to Reflected 
Cross-Si ...)
+       TODO: check
+CVE-2024-11870 (The Event Registration Calendar By vcita plugin for WordPress 
is vulne ...)
+       TODO: check
+CVE-2024-10254 (A potential buffer overflow vulnerability was reported in PC 
Manager,  ...)
+       TODO: check
+CVE-2024-10253 (A potential TOCTOU vulnerability was reported in PC Manager, 
Lenovo Br ...)
+       TODO: check
 CVE-2025-0448
        - chromium 132.0.6834.83-1
        [bullseye] - chromium <end-of-life> (see #1061268)
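
Review bot: all 44 entries added at the top of data/CVE/list are left at "TODO: check", with none of the triage lines that the existing CVE-2025-0448 entry below them carries ("- chromium 132.0.6834.83-1"), so each one still needs a follow-up commit that resolves it. The truncated descriptions are not always enough to do that from this file alone: CVE-2024-45102 ("A privilege escalation vulnerability was discovered that could allow a ...") names no product in the visible text, so triage has to start from the full CVE record. Entries that name general-purpose software (pam-u2f in CVE-2025-23013, gSOAP in CVE-2024-4227, Ratfor in CVE-2024-55577) are the ones to check against the archive first, ahead of the vendor firmware and WordPress plugin entries.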



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee7881f4373f39fcba1dfa2ba5bcd36b3cd69cf0
