[Git][security-tracker-team/security-tracker][master] automatic update

Tue, 18 Feb 2025 00:12:49 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b3c76924 by security tracker role at 2025-02-18T08:12:33+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,123 @@
+CVE-2025-25224 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and 
prior to 5 ...)
+       TODO: check
+CVE-2025-25223 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and 
prior to 5 ...)
+       TODO: check
+CVE-2025-25222 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and 
prior to 5 ...)
+       TODO: check
+CVE-2025-25221 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and 
prior to 5 ...)
+       TODO: check
+CVE-2025-25055 (Authentication bypass by spoofing issue exists in FileMegane 
versions  ...)
+       TODO: check
+CVE-2025-20075 (Server-side request forgery (SSRF) vulnerability exists in 
FileMegane  ...)
+       TODO: check
+CVE-2025-1390 (The PAM module pam_cap.so of libcap configuration supports 
group names ...)
+       TODO: check
+CVE-2025-0864 (The Active Products Tables for WooCommerce. Use constructor to 
create  ...)
+       TODO: check
+CVE-2025-0805 (The Mortgage Calculator / Loan Calculator plugin for WordPress 
is vuln ...)
+       TODO: check
+CVE-2025-0796 (The Mortgage Lead Capture System plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2025-0425 (Via the GUI of the "bestinformed Infoclient", a low-privileged 
user is ...)
+       TODO: check
+CVE-2025-0424 (In the "bestinformed Web" application, some user input was not 
properl ...)
+       TODO: check
+CVE-2025-0423 (In the "bestinformed Web" application, some user input was not 
properl ...)
+       TODO: check
+CVE-2025-0422 (An authenticated user in the "bestinformed Web" application can 
execut ...)
+       TODO: check
+CVE-2024-57964 (Insecure Loading of Dynamic Link Libraries have been 
discovered in HVA ...)
+       TODO: check
+CVE-2024-57963 (Insecure Loading of Dynamic Link Libraries have been 
discovered in USB ...)
+       TODO: check
+CVE-2024-45320 (Out-of-bounds write vulnerability exists in DocuPrint CP225w 
01.22.01  ...)
+       TODO: check
+CVE-2024-25066 (RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML 
External  ...)
+       TODO: check
+CVE-2024-13852 (The Option Editor plugin for WordPress is vulnerable to 
Cross-Site Req ...)
+       TODO: check
+CVE-2024-13848 (The Reaction Buttons plugin for WordPress is vulnerable to 
Stored Cros ...)
+       TODO: check
+CVE-2024-13795 (The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for 
WordPress i ...)
+       TODO: check
+CVE-2024-13741 (The ProfileGrid \u2013 User Profiles, Groups and Communities 
plugin fo ...)
+       TODO: check
+CVE-2024-13740 (The ProfileGrid \u2013 User Profiles, Groups and Communities 
plugin fo ...)
+       TODO: check
+CVE-2024-13725 (The Keap Official Opt-in Forms plugin for WordPress is 
vulnerable to L ...)
+       TODO: check
+CVE-2024-13704 (The Super Testimonials plugin for WordPress is vulnerable to 
Stored Cr ...)
+       TODO: check
+CVE-2024-13687 (The Team Builder \u2013 Meet the Team plugin for WordPress is 
vulnerab ...)
+       TODO: check
+CVE-2024-13684 (The Reset plugin for WordPress is vulnerable to Cross-Site 
Request For ...)
+       TODO: check
+CVE-2024-13677 (The GetBookingsWP \u2013 Appointments Booking Calendar Plugin 
For Word ...)
+       TODO: check
+CVE-2024-13622 (The File Uploads Addon for WooCommerce plugin for WordPress is 
vulnera ...)
+       TODO: check
+CVE-2024-13609 (The 1 Click WordPress Migration Plugin \u2013 100% FREE for a 
limited  ...)
+       TODO: check
+CVE-2024-13595 (The Simple Signup Form plugin for WordPress is vulnerable to 
SQL Injec ...)
+       TODO: check
+CVE-2024-13588 (The Simplebooklet PDF Viewer and Embedder plugin for WordPress 
is vuln ...)
+       TODO: check
+CVE-2024-13587 (The Zigaform \u2013 Price Calculator & Cost Estimation Form 
Builder Li ...)
+       TODO: check
+CVE-2024-13582 (The Simple Pricing Tables For WPBakery Page Builder(Formerly 
Visual Co ...)
+       TODO: check
+CVE-2024-13581 (The Simple Charts plugin for WordPress is vulnerable to Stored 
Cross-S ...)
+       TODO: check
+CVE-2024-13579 (The WP-Asambleas plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
+       TODO: check
+CVE-2024-13578 (The WP-BibTeX plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
+       TODO: check
+CVE-2024-13577 (The CATS Job Listings plugin for WordPress is vulnerable to 
Stored Cro ...)
+       TODO: check
+CVE-2024-13576 (The Gumlet Video plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
+       TODO: check
+CVE-2024-13575 (The Web Stories Enhancer \u2013 Level Up Your Web Stories 
plugin for W ...)
+       TODO: check
+CVE-2024-13573 (The Zigaform \u2013 Form Builder Lite plugin for WordPress is 
vulnerab ...)
+       TODO: check
+CVE-2024-13565 (The Simple Map No Api plugin for WordPress is vulnerable to 
Stored Cro ...)
+       TODO: check
+CVE-2024-13556 (The Affiliate Links: WordPress Plugin for Link Cloaking and 
Link Manag ...)
+       TODO: check
+CVE-2024-13555 (The 1 Click WordPress Migration Plugin \u2013 100% FREE for a 
limited  ...)
+       TODO: check
+CVE-2024-13540 (The WooODT Lite \u2013 Delivery & pickup date time location 
for WooCom ...)
+       TODO: check
+CVE-2024-13538 (The BigBuy Dropshipping Connector for WooCommerce plugin for 
WordPress ...)
+       TODO: check
+CVE-2024-13535 (The Actionwear products sync plugin for WordPress is 
vulnerable to Ful ...)
+       TODO: check
+CVE-2024-13523 (The MemorialDay plugin for WordPress is vulnerable to 
Cross-Site Reque ...)
+       TODO: check
+CVE-2024-13522 (The magayo Lottery Results plugin for WordPress is vulnerable 
to Cross ...)
+       TODO: check
+CVE-2024-13501 (The WP-FormAssembly plugin for WordPress is vulnerable to 
Stored Cross ...)
+       TODO: check
+CVE-2024-13465 (The aBlocks \u2013 WordPress Gutenberg Blocks plugin for 
WordPress is  ...)
+       TODO: check
+CVE-2024-13464 (The Library Bookshelves plugin for WordPress is vulnerable to 
Stored C ...)
+       TODO: check
+CVE-2024-13438 (The SpeedSize Image & Video AI-Optimizer plugin for WordPress 
is vulne ...)
+       TODO: check
+CVE-2024-13315 (The Shopwarden \u2013 Automated WooCommerce monitoring & 
testing plugi ...)
+       TODO: check
+CVE-2024-12813 (The Open Hours \u2013  Easy Opening Hours plugin for WordPress 
is vuln ...)
+       TODO: check
+CVE-2024-12525 (The Easy MLS Listings Import plugin for WordPress is 
vulnerable to Sto ...)
+       TODO: check
+CVE-2024-12314 (The Rapid Cache plugin for WordPress is vulnerable to Cache 
Poisoning  ...)
+       TODO: check
+CVE-2024-11895 (The Online Payments \u2013 Get Paid with PayPal, Square & 
Stripe plugi ...)
+       TODO: check
+CVE-2024-11376 (The s2Member \u2013 Excellent for All Kinds of Memberships, 
Content Re ...)
+       TODO: check
+CVE-2021-46686 (Improper neutralization of special elements used in an OS 
command ('OS ...)
+       TODO: check
 CVE-2024-57259 [Heap corruption in U-Boot's SquashFS directory listing 
function]
        - u-boot <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3c769240ad3a4951789998f4d47affbe19b7a29

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3c769240ad3a4951789998f4d47affbe19b7a29
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to