[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 14 Feb 2025 00:12:11 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e404454b by security tracker role at 2025-02-14T08:11:54+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,107 @@
+CVE-2025-26789 (An issue was discovered in Logpoint AgentX before 1.5.0. A 
vulnerabili ...)
+       TODO: check
+CVE-2025-26788 (StrongKey FIDO Server before 4.15.1 treats a non-discoverable 
(namedcr ...)
+       TODO: check
+CVE-2025-26519 (musl libc 0.9.13 through 1.2.5 before 1.2.6 has an 
out-of-bounds write ...)
+       TODO: check
+CVE-2025-26473 (The Mojave Inverter uses the GET method for sensitive 
information.)
+       TODO: check
+CVE-2025-25281 (An attacker may modify the URL to discover sensitive 
information about ...)
+       TODO: check
+CVE-2025-25195 (Zulip is an open source team chat application. A weekly cron 
job (adde ...)
+       TODO: check
+CVE-2025-25067 (mySCADA myPRO Manager   is vulnerable to an OS command 
injection which ...)
+       TODO: check
+CVE-2025-24865 (The administrative web interface of  mySCADA myPRO Manager  
can be acc ...)
+       TODO: check
+CVE-2025-24861 (An attacker may inject commands via specially-crafted post 
requests.)
+       TODO: check
+CVE-2025-24836 (With a specially crafted Python script, an attacker could send 
 contin ...)
+       TODO: check
+CVE-2025-23421 (An attacker could obtain firmware files and reverse engineer 
their  in ...)
+       TODO: check
+CVE-2025-23411 (mySCADA myPRO Manager  is vulnerable to cross-site request 
forgery (CS ...)
+       TODO: check
+CVE-2025-23406 (Out-of-bounds read vulnerability caused by improper checking 
of TCP MS ...)
+       TODO: check
+CVE-2025-22962 (A critical remote code execution (RCE) vulnerability exists in 
the web ...)
+       TODO: check
+CVE-2025-22961 (A critical information disclosure vulnerability exists in the 
web-base ...)
+       TODO: check
+CVE-2025-22960 (A session hijacking vulnerability exists in the web-based 
management i ...)
+       TODO: check
+CVE-2025-22896 (mySCADA myPRO Manager   stores credentials in cleartext, which 
could a ...)
+       TODO: check
+CVE-2025-22630 (Improper Neutralization of Special Elements used in a Command 
('Comman ...)
+       TODO: check
+CVE-2025-20615 (The Qardio Arm iOS application exposes sensitive data such as 
username ...)
+       TODO: check
+CVE-2025-1298 (Logic vulnerability in the mobile application 
(com.transsion.carlcare) ...)
+       TODO: check
+CVE-2025-1283 (The Dingtian DT-R0 Series is vulnerable to an exploit that 
allows  att ...)
+       TODO: check
+CVE-2025-1053 (Under certain error conditions at time of SANnav installation 
or upgra ...)
+       TODO: check
+CVE-2024-9601 (The Qubely \u2013 Advanced Gutenberg Blocks plugin for 
WordPress is vu ...)
+       TODO: check
+CVE-2024-7052 (The Forminator Forms  WordPress plugin before 1.38.3 does not 
sanitise ...)
+       TODO: check
+CVE-2024-57969 (app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL 
during a ...)
+       TODO: check
+CVE-2024-57782 (An issue in Docker-proxy v18.09.0 allows attackers to cause a 
denial o ...)
+       TODO: check
+CVE-2024-57378 (Wazuh SIEM version 4.8.2 is affected by a broken access 
control vulner ...)
+       TODO: check
+CVE-2024-56908 (In Perfex Crm < 3.2.1, an authenticated attacker can send a 
crafted HT ...)
+       TODO: check
+CVE-2024-55904 (IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / 
IBM Urban ...)
+       TODO: check
+CVE-2024-54951 (Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A 
malicious  ...)
+       TODO: check
+CVE-2024-53311 (A Stack buffer overflow in the arguments parameter in Immunity 
Inc. Im ...)
+       TODO: check
+CVE-2024-53310 (A Structured Exception Handler based buffer overflow 
vulnerability exi ...)
+       TODO: check
+CVE-2024-53309 (A stack-based buffer overflow vulnerability exists in 
Effectmatrix Tot ...)
+       TODO: check
+CVE-2024-37603 (An issue was discovered in Mercedes Benz NTG (New Telematics 
Generatio ...)
+       TODO: check
+CVE-2024-37602 (An issue was discovered in Mercedes Benz NTG (New Telematics 
Generatio ...)
+       TODO: check
+CVE-2024-37601 (An issue was discovered in Mercedes Benz NTG (New Telematics 
Generatio ...)
+       TODO: check
+CVE-2024-37600 (An issue was discovered in Mercedes Benz NTG (New Telematics 
Generatio ...)
+       TODO: check
+CVE-2024-2240 (Docker daemon in Brocade SANnav before SANnav 2.3.1b runs 
without audi ...)
+       TODO: check
+CVE-2024-13692 (The Return Refund and Exchange For WooCommerce \u2013 Return 
Managemen ...)
+       TODO: check
+CVE-2024-13641 (The Return Refund and Exchange For WooCommerce \u2013 Return 
Managemen ...)
+       TODO: check
+CVE-2024-13493 (The Sensly Online Presence WordPress plugin through 0.6 does 
not sanit ...)
+       TODO: check
+CVE-2024-12054 (ZF Roll Stability Support Plus (RSSPlus)  is vulnerable to an 
authenti ...)
+       TODO: check
+CVE-2024-10404 (CalInvocationHandler in Brocade  SANnav before 2.3.1b logs 
sensitive i ...)
+       TODO: check
+CVE-2023-34406 (An issue was discovered on Mercedes Benz NTG 6. A possible 
integer ove ...)
+       TODO: check
+CVE-2023-34404 (Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board 
to connec ...)
+       TODO: check
+CVE-2023-34403 (Mercedes-Benz head-unit NTG6 has Ethernet pins on Base Board 
to connec ...)
+       TODO: check
+CVE-2023-34402 (Mercedes-Benz head-unit NTG6 contains functions to import or 
export pr ...)
+       TODO: check
+CVE-2023-34401 (Mercedes-Benz head-unit NTG6 contains functions to import or 
export pr ...)
+       TODO: check
+CVE-2023-34400 (Mercedes-Benz head-unit NTG6 contains functions to import or 
export pr ...)
+       TODO: check
+CVE-2023-34399 (Mercedes-Benz head-unit NTG6 contains functions to import or 
export pr ...)
+       TODO: check
+CVE-2023-34398 (Mercedes-Benz head-unit NTG6 contains functions to import or 
export pr ...)
+       TODO: check
+CVE-2023-34397 (Mercedes Benz head-unit NTG 6 contains functions to import or 
export p ...)
+       TODO: check
 CVE-2025-1057
        NOT-FOR-US: Keylime
 CVE-2025-1272
@@ -143,15 +247,19 @@ CVE-2025-21700 (In the Linux kernel, the following 
vulnerability has been resolv
 CVE-2024-3303 (An issue was discovered in GitLab EE affecting all versions 
starting f ...)
        - gitlab <not-affected> (Specific to EE)
 CVE-2025-0998
+       {DSA-5866-1}
        - chromium 133.0.6943.98-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-0997
+       {DSA-5866-1}
        - chromium 133.0.6943.98-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-0996
+       {DSA-5866-1}
        - chromium 133.0.6943.98-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-0995
+       {DSA-5866-1}
        - chromium 133.0.6943.98-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-25286 (Crayfish is a collection of Islandora 8 microservices, one of 
which, H ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e404454bfc470bc14dc7ba307c83ec8c32178535

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e404454bfc470bc14dc7ba307c83ec8c32178535
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to