Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4877c6da by security tracker role at 2025-02-15T08:11:59+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2025-26819 (Monero through 0.18.3.4 before ec74ff4 does not have response
limits o ...)
+ TODO: check
+CVE-2025-21401 (Microsoft Edge (Chromium-based) Security Feature Bypass
Vulnerability)
+ TODO: check
+CVE-2025-1302 (Versions of the package jsonpath-plus before 10.3.0 are
vulnerable to ...)
+ TODO: check
+CVE-2025-0593 (The vulnerability may allow a remote low priviledged attacker
to run a ...)
+ TODO: check
+CVE-2025-0592 (The vulnerability may allow a remote low priviledged attacker
to run a ...)
+ TODO: check
+CVE-2024-5462 (If Brocade Fabric OS before Fabric OS 9.2.0 configuration
settings are ...)
+ TODO: check
+CVE-2024-5461 (Implementation of the Simple Network Management Protocol
(SNMP) opera ...)
+ TODO: check
+CVE-2024-4282 (Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated
settin ...)
+ TODO: check
+CVE-2024-37375
+ REJECTED
+CVE-2024-37374
+ REJECTED
+CVE-2024-13513 (The Oliver POS \u2013 A WooCommerce Point of Sale (POS) plugin
for Wor ...)
+ TODO: check
+CVE-2024-13306 (The Maps Plugin using Google Maps for WordPress WordPress
plugin befo ...)
+ TODO: check
+CVE-2024-13208 (The Maps Plugin using Google Maps for WordPress WordPress
plugin befo ...)
+ TODO: check
+CVE-2024-10405 (Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers
on ports ...)
+ TODO: check
CVE-2025-26524 (This vulnerability exists in RupeeWeb trading platform due to
missing ...)
NOT-FOR-US: RupeeWeb
CVE-2025-26523 (This vulnerability exists in RupeeWeb trading platform due to
insuffic ...)
@@ -470,19 +498,19 @@ CVE-2025-21700 (In the Linux kernel, the following
vulnerability has been resolv
NOTE:
https://git.kernel.org/linus/bc50835e83f60f56e9bec2b392fb5544f250fb6f (6.14-rc1)
CVE-2024-3303 (An issue was discovered in GitLab EE affecting all versions
starting f ...)
- gitlab <not-affected> (Specific to EE)
-CVE-2025-0998
+CVE-2025-0998 (Out of bounds memory access in V8 in Google Chrome prior to
133.0.6943 ...)
{DSA-5866-1}
- chromium 133.0.6943.98-1
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2025-0997
+CVE-2025-0997 (Use after free in Navigation in Google Chrome prior to
133.0.6943.98 a ...)
{DSA-5866-1}
- chromium 133.0.6943.98-1
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2025-0996
+CVE-2025-0996 (Inappropriate implementation in Browser UI in Google Chrome on
Android ...)
{DSA-5866-1}
- chromium 133.0.6943.98-1
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2025-0995
+CVE-2025-0995 (Use after free in V8 in Google Chrome prior to 133.0.6943.98
allowed a ...)
{DSA-5866-1}
- chromium 133.0.6943.98-1
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -89941,7 +89969,7 @@ CVE-2024-31145 (Certain PCI devices in a system might
be assigned Reserved Memor
- xen 4.19.1-1
[bullseye] - xen <end-of-life> (EOLed in Bullseye)
NOTE: https://xenbits.xen.org/xsa/advisory-460.html
-CVE-2024-31144 [Xapi: Metadata injection attack against backup/restore
functionality]
+CVE-2024-31144 (For a brief summary of Xapi terminology, see:
https://xapi-project ...)
- xen-api <removed>
NOTE: https://xenbits.xen.org/xsa/advisory-459.html
CVE-2024-31143 (An optional feature of PCI MSI called "Multiple Message"
allows a devi ...)
@@ -232182,8 +232210,7 @@ CVE-2022-29478
RESERVED
CVE-2022-29470 (Improper access control in the Intel\xae DTT Software before
version 8 ...)
NOT-FOR-US: Intel
-CVE-2022-28693
- RESERVED
+CVE-2022-28693 (Unprotected alternative channel of return branch target
prediction in ...)
NOT-FOR-US: Intel
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00707.html
CVE-2022-27877
@@ -244738,8 +244765,8 @@ CVE-2022-26124 (Improper buffer restrictions in BIOS
firmware for some Intel(R)
NOT-FOR-US: Intel
CVE-2022-26086 (Uncontrolled search path element in the PresentMon software
maintained ...)
NOT-FOR-US: Intel
-CVE-2022-26083
- RESERVED
+CVE-2022-26083 (Generation of weak initialization vector in an Intel(R) IPP
Cryptograp ...)
+ TODO: check
CVE-2022-26074 (Incomplete cleanup in a firmware subsystem for Intel(R) SPS
before ver ...)
NOT-FOR-US: Intel
CVE-2022-26072
@@ -311664,7 +311691,7 @@ CVE-2021-27799 (ean_leading_zeroes in
backend/upcean.c in Zint Barcode Generator
- zint 2.9.1-1.1 (bug #983610)
NOTE: https://sourceforge.net/p/zint/tickets/218/
NOTE:
https://sourceforge.net/p/zint/code/ci/7f8c8114f31c09a986597e0ba63a49f96150368a/
-CVE-2021-27798 (A vulnerability in Brocade Fabric OS versions v7.4.1b and
v7.3.1d coul ...)
+CVE-2021-27798 (A vulnerability in Brocade Fabric OS versions 7.4.1b and
7.3.1d could ...)
NOT-FOR-US: Brocade
CVE-2021-27797 (Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h,
and all v ...)
NOT-FOR-US: Brocade
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4877c6da09c80eace9236c06ae3bd462fba2458c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4877c6da09c80eace9236c06ae3bd462fba2458c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
