Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
241e0da3 by security tracker role at 2025-02-17T08:12:31+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,101 @@
+CVE-2025-26779 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
+ TODO: check
+CVE-2025-26768 (Cross-Site Request Forgery (CSRF) vulnerability in what3words
what3wor ...)
+ TODO: check
+CVE-2025-26767 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-26766 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-26765 (Missing Authorization vulnerability in enituretechnology
Distance Base ...)
+ TODO: check
+CVE-2025-26761 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-26759 (Cross-Site Request Forgery (CSRF) vulnerability in alexvtn
Content Sni ...)
+ TODO: check
+CVE-2025-26755 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2025-26700 (Authentication bypass using an alternate path or channel issue
exists ...)
+ TODO: check
+CVE-2025-23975 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-22689 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-22680 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-22676 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-22291 (Missing Authorization vulnerability in enituretechnology LTL
Freight Q ...)
+ TODO: check
+CVE-2025-22290 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2025-22289 (Missing Authorization vulnerability in NotFound LTL Freight
Quotes \u2 ...)
+ TODO: check
+CVE-2025-22286 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-22284 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-1389 (Orca HCM from Learning Digital has a SQL Injection
vulnerability, allo ...)
+ TODO: check
+CVE-2025-1388 (Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload
vulnerabil ...)
+ TODO: check
+CVE-2025-1387 (Orca HCM from LEARNING DIGITAL has an Improper Authentication
vulnerab ...)
+ TODO: check
+CVE-2025-1381 (A vulnerability was found in code-projects Real Estate Property
Manage ...)
+ TODO: check
+CVE-2025-1380 (A vulnerability was found in Codezips Gym Management System 1.0
and cl ...)
+ TODO: check
+CVE-2025-1379 (A vulnerability has been found in code-projects Real Estate
Property M ...)
+ TODO: check
+CVE-2025-1378 (A vulnerability, which was classified as problematic, was found
in rad ...)
+ TODO: check
+CVE-2025-1377 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2025-1376 (A vulnerability classified as problematic was found in GNU
elfutils 0. ...)
+ TODO: check
+CVE-2025-1374 (A vulnerability classified as critical has been found in
code-projects ...)
+ TODO: check
+CVE-2025-1373 (A vulnerability was found in FFmpeg up to 7.1. It has been
rated as pr ...)
+ TODO: check
+CVE-2025-1372 (A vulnerability was found in GNU elfutils 0.192. It has been
declared ...)
+ TODO: check
+CVE-2025-1371 (A vulnerability has been found in GNU elfutils 0.192 and
classified as ...)
+ TODO: check
+CVE-2025-1370 (A vulnerability, which was classified as critical, has been
found in M ...)
+ TODO: check
+CVE-2025-1369 (A vulnerability classified as critical was found in MicroWord
eScan An ...)
+ TODO: check
+CVE-2025-1368 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32
on Linux ...)
+ TODO: check
+CVE-2025-1367 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32
on Linux ...)
+ TODO: check
+CVE-2025-1366 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32
on Linux ...)
+ TODO: check
+CVE-2025-1365 (A vulnerability, which was classified as critical, was found in
GNU el ...)
+ TODO: check
+CVE-2025-1364 (A vulnerability has been found in MicroWord eScan Antivirus
7.0.32 on ...)
+ TODO: check
+CVE-2025-1360 (A vulnerability, which was classified as problematic, was found
in Int ...)
+ TODO: check
+CVE-2025-0924 (The WP Activity Log plugin for WordPress is vulnerable to
Stored Cross ...)
+ TODO: check
+CVE-2025-0591 (Out-of-bounds Read vulnerability (CWE-125) was found in
CX-Programmer. ...)
+ TODO: check
+CVE-2024-47935 (Improper Validation of Integrity Check Value vulnerability in
TXOne Ne ...)
+ TODO: check
+CVE-2024-44044 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2024-13726 (The Coder WordPress plugin through 1.3.4 does not properly
sanitise ...)
+ TODO: check
+CVE-2024-13627 (The OWL Carousel Slider WordPress plugin through 2.2 does not
sanitise ...)
+ TODO: check
+CVE-2024-13626 (The VR-Frases (collect & share quotes) WordPress plugin
through 3.0.1 ...)
+ TODO: check
+CVE-2024-13625 (The Tube Video Ads Lite WordPress plugin through 1.5.7 does
not saniti ...)
+ TODO: check
+CVE-2024-13608 (The Track Logins WordPress plugin through 1.0 does not
sanitize and es ...)
+ TODO: check
+CVE-2024-13603 (The Wise Forms WordPress plugin through 1.2.0 does not
sanitise and es ...)
+ TODO: check
CVE-2025-1359 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: SIAM Industria de Automacao e Monitoramento SIAM
CVE-2025-1358 (A vulnerability classified as problematic was found in Pix
Software Vi ...)
@@ -44695,7 +44793,7 @@ CVE-2024-8586 (WebITR from Uniong has an Open Redirect
vulnerability, which allo
NOT-FOR-US: WebITR
CVE-2024-8585 (Orca HCM from LEARNING DIGITA does not properly restrict a
specific pa ...)
NOT-FOR-US: Orca HCM
-CVE-2024-8584 (Orca HCM from LEARNING DIGITAL does not properly restrict
access to a ...)
+CVE-2024-8584 (Orca HCM from LEARNING DIGITAL has an Missing Authentication
vulnerabi ...)
NOT-FOR-US: Orca HCM
CVE-2024-8583 (A vulnerability was found in SourceCodester Online Bank
Management Sys ...)
NOT-FOR-US: SourceCodester Online Bank Management System and Online
Bank Management System
@@ -137017,7 +137115,7 @@ CVE-2023-39944 (OS command injection vulnerability in
WRC-F1167ACF all versions,
NOT-FOR-US: WRC-F1167ACF
CVE-2023-39455 (OS command injection vulnerability in ELECOM wireless LAN
routers allo ...)
NOT-FOR-US: ELECOM wireless LAN routers
-CVE-2023-39454 (Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and
earlier, WRC- ...)
+CVE-2023-39454 (Buffer overflow vulnerability exists in ELECOM wireless LAN
routers, w ...)
NOT-FOR-US: WRC-X1800GS-B
CVE-2023-39445 (Hidden functionality vulnerability in LAN-WH300N/RE all
versions provi ...)
NOT-FOR-US: LAN-WH300N/RE
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/241e0da32f0c015072d706689df1f517ea55973f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/241e0da32f0c015072d706689df1f517ea55973f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
