Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
67d9d8b1 by security tracker role at 2025-01-16T20:12:09+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,287 @@
+CVE-2025-23783 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23767 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23749 (Cross-Site Request Forgery (CSRF) vulnerability in Mahdi 
Khaksar mybb  ...)
+       TODO: check
+CVE-2025-23745 (Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor 
internet ...)
+       TODO: check
+CVE-2025-23743 (Cross-Site Request Forgery (CSRF) vulnerability in Martijn 
Scheybeler  ...)
+       TODO: check
+CVE-2025-23720 (Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Web 
Push al ...)
+       TODO: check
+CVE-2025-23717 (Cross-Site Request Forgery (CSRF) vulnerability in ITMOOTI 
Theme My On ...)
+       TODO: check
+CVE-2025-23715 (Cross-Site Request Forgery (CSRF) vulnerability in 
RaymondDesign Post  ...)
+       TODO: check
+CVE-2025-23713 (Cross-Site Request Forgery (CSRF) vulnerability in Artem 
Anikeev Hack  ...)
+       TODO: check
+CVE-2025-23712 (Cross-Site Request Forgery (CSRF) vulnerability in Kapost 
Kapost allow ...)
+       TODO: check
+CVE-2025-23710 (Cross-Site Request Forgery (CSRF) vulnerability in Mayur 
Sojitra Flyin ...)
+       TODO: check
+CVE-2025-23708 (Cross-Site Request Forgery (CSRF) vulnerability in Dominic 
Fallows DF  ...)
+       TODO: check
+CVE-2025-23703 (Cross-Site Request Forgery (CSRF) vulnerability in CS : 
ABS-Hosting.nl ...)
+       TODO: check
+CVE-2025-23702 (Cross-Site Request Forgery (CSRF) vulnerability in Schalk 
Burger Anony ...)
+       TODO: check
+CVE-2025-23699 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23698 (Cross-Site Request Forgery (CSRF) vulnerability in Iv\xe1n R. 
Delgado  ...)
+       TODO: check
+CVE-2025-23694 (Cross-Site Request Forgery (CSRF) vulnerability in Shabbos 
Commerce Sh ...)
+       TODO: check
+CVE-2025-23693 (Cross-Site Request Forgery (CSRF) vulnerability in 
Stanis\u0142aw Skon ...)
+       TODO: check
+CVE-2025-23692 (Cross-Site Request Forgery (CSRF) vulnerability in Artem 
Anikeev Slide ...)
+       TODO: check
+CVE-2025-23691 (Cross-Site Request Forgery (CSRF) vulnerability in Braulio 
Aquino Garc ...)
+       TODO: check
+CVE-2025-23690 (Cross-Site Request Forgery (CSRF) vulnerability in ArtkanMedia 
Book a  ...)
+       TODO: check
+CVE-2025-23689 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23677 (Cross-Site Request Forgery (CSRF) vulnerability in DSmidgy 
HTTP to HTT ...)
+       TODO: check
+CVE-2025-23675 (Cross-Site Request Forgery (CSRF) vulnerability in SandyIN 
Import User ...)
+       TODO: check
+CVE-2025-23673 (Cross-Site Request Forgery (CSRF) vulnerability in Don Kukral 
Email on ...)
+       TODO: check
+CVE-2025-23665 (Cross-Site Request Forgery (CSRF) vulnerability in Rapid Sort 
RSV GMap ...)
+       TODO: check
+CVE-2025-23664 (Cross-Site Request Forgery (CSRF) vulnerability in Real Seguro 
Viagem  ...)
+       TODO: check
+CVE-2025-23662 (Cross-Site Request Forgery (CSRF) vulnerability in Ryan Sutana 
WP Pano ...)
+       TODO: check
+CVE-2025-23661 (Cross-Site Request Forgery (CSRF) vulnerability in Ryan Sutana 
NV Slid ...)
+       TODO: check
+CVE-2025-23660 (Cross-Site Request Forgery (CSRF) vulnerability in Walter 
Cerrudo MFPl ...)
+       TODO: check
+CVE-2025-23659 (Cross-Site Request Forgery (CSRF) vulnerability in Hernan 
Javier Hegyk ...)
+       TODO: check
+CVE-2025-23654 (Cross-Site Request Forgery (CSRF) vulnerability in Vin\xedcius 
Krolow  ...)
+       TODO: check
+CVE-2025-23649 (Cross-Site Request Forgery (CSRF) vulnerability in Kreg Steppe 
Auphoni ...)
+       TODO: check
+CVE-2025-23644 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23642 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23641 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23640 (Cross-Site Request Forgery (CSRF) vulnerability in Nazmul 
Ahsan Rename ...)
+       TODO: check
+CVE-2025-23639 (Cross-Site Request Forgery (CSRF) vulnerability in Nazmul 
Ahsan MDC Yo ...)
+       TODO: check
+CVE-2025-23627 (Cross-Site Request Forgery (CSRF) vulnerability in Gordon 
French Comme ...)
+       TODO: check
+CVE-2025-23623 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23620 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23618 (Cross-Site Request Forgery (CSRF) vulnerability in Andrea 
Brandi Twitt ...)
+       TODO: check
+CVE-2025-23617 (Cross-Site Request Forgery (CSRF) vulnerability in Oliver 
Schaal Float ...)
+       TODO: check
+CVE-2025-23577 (Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin 
Word Fr ...)
+       TODO: check
+CVE-2025-23573 (Cross-Site Request Forgery (CSRF) vulnerability in Sam Burdge 
WP Backg ...)
+       TODO: check
+CVE-2025-23572 (Cross-Site Request Forgery (CSRF) vulnerability in Dave 
Konopka, Marti ...)
+       TODO: check
+CVE-2025-23569 (Cross-Site Request Forgery (CSRF) vulnerability in Kelvin Ng 
Shortcode ...)
+       TODO: check
+CVE-2025-23567 (Cross-Site Request Forgery (CSRF) vulnerability in Intuitive 
Design GD ...)
+       TODO: check
+CVE-2025-23566 (Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir 
Hussain C ...)
+       TODO: check
+CVE-2025-23560 (Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, 
Plumeri ...)
+       TODO: check
+CVE-2025-23559 (Cross-Site Request Forgery (CSRF) vulnerability in Stepan 
Stepasyuk Me ...)
+       TODO: check
+CVE-2025-23558 (Cross-Site Request Forgery (CSRF) vulnerability in digfish 
Geotagged M ...)
+       TODO: check
+CVE-2025-23557 (Cross-Site Request Forgery (CSRF) vulnerability in Kathleen 
Malone Fin ...)
+       TODO: check
+CVE-2025-23547 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23537 (Cross-Site Request Forgery (CSRF) vulnerability in Oren 
hahiashvili ad ...)
+       TODO: check
+CVE-2025-23533 (Cross-Site Request Forgery (CSRF) vulnerability in Adrian 
Moreno WP Ly ...)
+       TODO: check
+CVE-2025-23532 (Cross-Site Request Forgery (CSRF) vulnerability in Regios 
MyAnime Widg ...)
+       TODO: check
+CVE-2025-23530 (Cross-Site Request Forgery (CSRF) vulnerability in Yonatan 
Reinberg of ...)
+       TODO: check
+CVE-2025-23528 (Incorrect Privilege Assignment vulnerability in Wouter 
Dijkstra DD Rol ...)
+       TODO: check
+CVE-2025-23514 (Missing Authorization vulnerability in Sanjaysolutions 
Loginplus allow ...)
+       TODO: check
+CVE-2025-23513 (Cross-Site Request Forgery (CSRF) vulnerability in Joshua 
Wieczorek Bi ...)
+       TODO: check
+CVE-2025-23511 (Cross-Site Request Forgery (CSRF) vulnerability in Viktoria 
Rei Bauer  ...)
+       TODO: check
+CVE-2025-23510 (Cross-Site Request Forgery (CSRF) vulnerability in Zaantar 
WordPress L ...)
+       TODO: check
+CVE-2025-23508 (Cross-Site Request Forgery (CSRF) vulnerability in EdesaC 
Extra Option ...)
+       TODO: check
+CVE-2025-23501 (Cross-Site Request Forgery (CSRF) vulnerability in SpruceJoy 
Cookie Co ...)
+       TODO: check
+CVE-2025-23499 (Cross-Site Request Forgery (CSRF) vulnerability in Pascal 
Casier Board ...)
+       TODO: check
+CVE-2025-23497 (Cross-Site Request Forgery (CSRF) vulnerability in Albdesign 
Simple Pr ...)
+       TODO: check
+CVE-2025-23483 (Cross-Site Request Forgery (CSRF) vulnerability in Niklas 
Olsson Unive ...)
+       TODO: check
+CVE-2025-23476 (Cross-Site Request Forgery (CSRF) vulnerability in isnowfy 
my-related- ...)
+       TODO: check
+CVE-2025-23471 (Cross-Site Request Forgery (CSRF) vulnerability in Andy 
Chapman ECT Ad ...)
+       TODO: check
+CVE-2025-23470 (Cross-Site Request Forgery (CSRF) vulnerability in X 
Villamuera Visit  ...)
+       TODO: check
+CVE-2025-23467 (Cross-Site Request Forgery (CSRF) vulnerability in Vimal 
Ghorecha RSS  ...)
+       TODO: check
+CVE-2025-23463 (Cross-Site Request Forgery (CSRF) vulnerability in Mukesh Dak 
MD Custo ...)
+       TODO: check
+CVE-2025-23456 (Cross-Site Request Forgery (CSRF) vulnerability in 
Somethinkodd.com De ...)
+       TODO: check
+CVE-2025-23455 (Cross-Site Request Forgery (CSRF) vulnerability in 
mastersoftwaresolut ...)
+       TODO: check
+CVE-2025-23453 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23452 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23445 (Cross-Site Request Forgery (CSRF) vulnerability in Scott 
Swezey Easy T ...)
+       TODO: check
+CVE-2025-23444 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23442 (Cross-Site Request Forgery (CSRF) vulnerability in matias s 
Shockingly ...)
+       TODO: check
+CVE-2025-23438 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23436 (Cross-Site Request Forgery (CSRF) vulnerability in Capa 
Wp-Scribd-List ...)
+       TODO: check
+CVE-2025-23435 (Cross-Site Request Forgery (CSRF) vulnerability in David 
Marcucci Pass ...)
+       TODO: check
+CVE-2025-23434 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23432 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23430 (Cross-Site Request Forgery (CSRF) vulnerability in Oren Yomtov 
Mass Cu ...)
+       TODO: check
+CVE-2025-23429 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-23426 (Cross-Site Request Forgery (CSRF) vulnerability in Wizcrew 
Technologie ...)
+       TODO: check
+CVE-2025-23424 (Cross-Site Request Forgery (CSRF) vulnerability in Brian 
Novotny \u201 ...)
+       TODO: check
+CVE-2025-23423 (Missing Authorization vulnerability in Smackcoders SendGrid 
for WordPr ...)
+       TODO: check
+CVE-2025-20630 (Mattermost Mobile versions <=2.22.0 fail to properly handle 
posts with ...)
+       TODO: check
+CVE-2025-20621 (Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x 
<= 10.0 ...)
+       TODO: check
+CVE-2025-20072 (Mattermost Mobile versions <= 2.22.0 fail to properly validate 
the sty ...)
+       TODO: check
+CVE-2025-0518 (Unchecked Return Value, Out-of-bounds Read vulnerability in 
FFmpeg all ...)
+       TODO: check
+CVE-2025-0473 (Vulnerability in the PMB platform that allows an attacker to 
persist t ...)
+       TODO: check
+CVE-2025-0472 (Information exposure in the PMB platform affecting versions 
4.2.13 and ...)
+       TODO: check
+CVE-2025-0471 (Unrestricted file upload vulnerability in the PMB platform, 
affecting  ...)
+       TODO: check
+CVE-2024-57776 (A cross-site scripting (XSS) vulnerability in the 
/apply/getEditPage?v ...)
+       TODO: check
+CVE-2024-57775 (JFinalOA before v2025.01.01 was discovered to contain a SQL 
injection  ...)
+       TODO: check
+CVE-2024-57774 (A cross-site scripting (XSS) vulnerability in the 
getBusinessUploadLis ...)
+       TODO: check
+CVE-2024-57773 (A cross-site scripting (XSS) vulnerability in the 
openSelectManyUserPa ...)
+       TODO: check
+CVE-2024-57772 (A cross-site scripting (XSS) vulnerability in the 
/bumph/getDraftListP ...)
+       TODO: check
+CVE-2024-57771 (A cross-site scripting (XSS) vulnerability in the 
common/getEditPage?v ...)
+       TODO: check
+CVE-2024-57770 (JFinalOA before v2025.01.01 was discovered to contain a SQL 
injection  ...)
+       TODO: check
+CVE-2024-57769 (JFinalOA before v2025.01.01 was discovered to contain a SQL 
injection  ...)
+       TODO: check
+CVE-2024-57768 (JFinalOA before v2025.01.01 was discovered to contain a SQL 
injection  ...)
+       TODO: check
+CVE-2024-57684 (An access control issue in the component formDMZ.cgi of D-Link 
816A2_F ...)
+       TODO: check
+CVE-2024-57683 (An access control issue in the component websURLFilterAddDel 
of D-Link ...)
+       TODO: check
+CVE-2024-57682 (An information disclosure vulnerability in the component 
d_status.asp  ...)
+       TODO: check
+CVE-2024-57681 (An access control issue in the component form2alg.cgi of 
D-Link 816A2_ ...)
+       TODO: check
+CVE-2024-57680 (An access control issue in the component 
form2PortriggerRule.cgi of D- ...)
+       TODO: check
+CVE-2024-57679 (An access control issue in the component 
form2RepeaterSetup.cgi of D-L ...)
+       TODO: check
+CVE-2024-57678 (An access control issue in the component form2WlAc.cgi of 
D-Link 816A2 ...)
+       TODO: check
+CVE-2024-57677 (An access control issue in the component form2Wan.cgi of 
D-Link 816A2_ ...)
+       TODO: check
+CVE-2024-57676 (An access control issue in the component 
form2WlanBasicSetup.cgi of D- ...)
+       TODO: check
+CVE-2024-57611 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request 
Forgery ...)
+       TODO: check
+CVE-2024-57162 (Campcodes Cybercafe Management System v1.0 is vulnerable to 
SQL Inject ...)
+       TODO: check
+CVE-2024-57161 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request 
Forgery ...)
+       TODO: check
+CVE-2024-57160 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request 
Forgery ...)
+       TODO: check
+CVE-2024-57159 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request 
Forgery ...)
+       TODO: check
+CVE-2024-56515 (Matrix Media Repo (MMR) is a highly configurable 
multi-homeserver medi ...)
+       TODO: check
+CVE-2024-56136 (Zulip server provides an open-source team chat that helps 
teams stay p ...)
+       TODO: check
+CVE-2024-55954 (OpenObserve is a cloud-native observability platform. A 
vulnerability  ...)
+       TODO: check
+CVE-2024-52791 (Matrix Media Repo (MMR) is a highly configurable 
multi-homeserver medi ...)
+       TODO: check
+CVE-2024-52602 (Matrix Media Repo (MMR) is a highly configurable 
multi-homeserver medi ...)
+       TODO: check
+CVE-2024-52594 (Gomatrixserverlib is a Go library for matrix federation. 
Gomatrixserve ...)
+       TODO: check
+CVE-2024-50633 (A Broken Object Level Authorization (BOLA) vulnerability in 
Indico v3. ...)
+       TODO: check
+CVE-2024-50563 (A weak authentication in Fortinet FortiManager Cloud, 
FortiAnalyzer ve ...)
+       TODO: check
+CVE-2024-48885 (A improper limitation of a pathname to a restricted directory 
('path t ...)
+       TODO: check
+CVE-2024-45331 (A incorrect privilege assignment in Fortinet FortiAnalyzer 
versions 7. ...)
+       TODO: check
+CVE-2024-41746 (IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is 
vulnerable to st ...)
+       TODO: check
+CVE-2024-37181 (Time-of-check time-of-use race condition in some Intel(R) 
Neural Compr ...)
+       TODO: check
+CVE-2024-36403 (Matrix Media Repo (MMR) is a highly configurable 
multi-homeserver medi ...)
+       TODO: check
+CVE-2024-36402 (Matrix Media Repo (MMR) is a highly configurable 
multi-homeserver medi ...)
+       TODO: check
+CVE-2024-13387 (The WP Responsive Tabs plugin for WordPress is vulnerable to 
Stored Cr ...)
+       TODO: check
+CVE-2024-13355 (The Admin and Customer Messages After Order for WooCommerce: 
OrderConv ...)
+       TODO: check
+CVE-2024-12615 (The Passwords Manager plugin for WordPress is vulnerable to 
SQL Inject ...)
+       TODO: check
+CVE-2024-12614 (The Passwords Manager plugin for WordPress is vulnerable to 
unauthoriz ...)
+       TODO: check
+CVE-2024-12613 (The Passwords Manager plugin for WordPress is vulnerable to 
SQL Inject ...)
+       TODO: check
+CVE-2024-12427 (The Multi Step Form plugin for WordPress is vulnerable to 
unauthorized ...)
+       TODO: check
+CVE-2023-4319
+       REJECTED
+CVE-2018-25108 (An unauthenticated remote attacker can cause a DoS in the 
controller d ...)
+       TODO: check
 CVE-2025-22976 (SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a 
local attac ...)
        NOT-FOR-US: dingfanzuCMS
 CVE-2025-22964 (SQL Injection vulnerability in DDSN Net Pty Ltd (DDSN 
Interactive) DDS ...)
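
Review bot: CVE-2025-0518, in the added block just above the PMB entries, names FFmpeg and is left at `TODO: check` like every other new entry; it is the addition that most clearly calls for package-level triage rather than a `NOT-FOR-US:` line of the kind the CVE-2025-22976 context entry carries, so it is worth handling first in the manual pass. The descriptions are cut at `...`, so the affected versions cannot be read from this hunk and have to come from the CVE record itself. CVE-2023-4319 is added as `REJECTED` with no description and needs no `TODO: check` follow-up.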



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67d9d8b19eacbf0d94dcebb5c464bec9afea28b1
