Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3248f412 by security tracker role at 2025-03-04T08:27:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,147 @@
+CVE-2025-27521 (Vulnerability of improper access permission in the process
management ...)
+ TODO: check
+CVE-2025-27221 (In the URI gem before 1.0.3 for Ruby, the URI handling methods
(URI.jo ...)
+ TODO: check
+CVE-2025-27220 (In the CGI gem before 0.4.2 for Ruby, a Regular Expression
Denial of S ...)
+ TODO: check
+CVE-2025-27219 (In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse
method in ...)
+ TODO: check
+CVE-2025-24309 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-24301 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-23420 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-23418 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-23414 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-23409 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-23240 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-23234 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-22897 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-22847 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-22841 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-22837 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-22835 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-22443 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-21098 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-21097 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-21089 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-21084 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-20626 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-20091 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-20081 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-20042 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-20024 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker arbitr ...)
+ TODO: check
+CVE-2025-20021 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker cause ...)
+ TODO: check
+CVE-2025-20011 (in OpenHarmony v5.0.2 and prior versions allow a local
attacker case D ...)
+ TODO: check
+CVE-2025-1906 (A vulnerability has been found in PHPGurukul Restaurant Table
Booking ...)
+ TODO: check
+CVE-2025-1905 (A vulnerability, which was classified as problematic, was found
in Sou ...)
+ TODO: check
+CVE-2025-1904 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2025-1903 (A vulnerability was found in Codezips Online Shopping Website
1.0. It ...)
+ TODO: check
+CVE-2025-1902 (A vulnerability was found in PHPGurukul Student Record System
3.2. It ...)
+ TODO: check
+CVE-2025-1901 (A vulnerability was found in PHPGurukul Restaurant Table
Booking Syste ...)
+ TODO: check
+CVE-2025-1900 (A vulnerability was found in PHPGurukul Restaurant Table
Booking Syste ...)
+ TODO: check
+CVE-2025-1899 (A vulnerability has been found in Tenda TX3 16.03.13.11_multi
and clas ...)
+ TODO: check
+CVE-2025-1898 (A vulnerability, which was classified as critical, was found in
Tenda ...)
+ TODO: check
+CVE-2025-1897 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2025-1896 (A vulnerability classified as critical was found in Tenda TX3
16.03.13 ...)
+ TODO: check
+CVE-2025-1895 (A vulnerability classified as critical has been found in Tenda
TX3 16. ...)
+ TODO: check
+CVE-2025-1894 (A vulnerability was found in PHPGurukul Restaurant Table
Booking Syste ...)
+ TODO: check
+CVE-2025-1893 (A vulnerability was found in Open5GS up to 2.7.2. It has been
declared ...)
+ TODO: check
+CVE-2025-1892 (A vulnerability was found in shishuocms 1.1. It has been
classified as ...)
+ TODO: check
+CVE-2025-1891 (A vulnerability was found in shishuocms 1.1 and classified as
problema ...)
+ TODO: check
+CVE-2025-1890 (A vulnerability has been found in shishuocms 1.1 and classified
as cri ...)
+ TODO: check
+CVE-2025-1882 (A vulnerability was found in i-Drive i11 and i12 up to
20250227. It ha ...)
+ TODO: check
+CVE-2025-1881 (A vulnerability was found in i-Drive i11 and i12 up to
20250227. It ha ...)
+ TODO: check
+CVE-2025-1695 (In NGINX Unit before version 1.34.2 with the Java Language
Module in u ...)
+ TODO: check
+CVE-2025-1639 (The Animation Addons for Elementor Pro plugin for WordPress is
vulnera ...)
+ TODO: check
+CVE-2025-1321 (The teachPress plugin for WordPress is vulnerable to SQL
Injection via ...)
+ TODO: check
+CVE-2025-1307 (The Newscrunch theme for WordPress is vulnerable to arbitrary
file upl ...)
+ TODO: check
+CVE-2025-1306 (The Newscrunch theme for WordPress is vulnerable to Cross-Site
Request ...)
+ TODO: check
+CVE-2025-0912 (The Donations Widget plugin for WordPress is vulnerable to PHP
Object ...)
+ TODO: check
+CVE-2025-0587 (in OpenHarmony v5.0.2 and prior versions allow a local attacker
arbitr ...)
+ TODO: check
+CVE-2025-0360 (During an annual penetration test conducted on behalf of Axis
Communic ...)
+ TODO: check
+CVE-2025-0359 (During an annual penetration test conducted on behalf of Axis
Communic ...)
+ TODO: check
+CVE-2024-58050 (Vulnerability of improper access permission in the HDC module
Impact: ...)
+ TODO: check
+CVE-2024-58049 (Permission verification vulnerability in the media library
module Impa ...)
+ TODO: check
+CVE-2024-58048 (Multi-thread problem vulnerability in the package management
module Im ...)
+ TODO: check
+CVE-2024-58047 (Permission verification vulnerability in the media library
module Impa ...)
+ TODO: check
+CVE-2024-58046 (Permission management vulnerability in the lock screen module
Impact: ...)
+ TODO: check
+CVE-2024-58045 (Multi-concurrency vulnerability in the media digital copyright
protect ...)
+ TODO: check
+CVE-2024-58044 (Permission verification bypass vulnerability in the
notification modul ...)
+ TODO: check
+CVE-2024-58043 (Permission bypass vulnerability in the window module Impact:
Successfu ...)
+ TODO: check
+CVE-2024-55064 (Multiple cross-site scripting (XSS) vulnerabilities in
EasyVirt DC Net ...)
+ TODO: check
+CVE-2024-48248 (NAKIVO Backup & Replication before 11.0.0.88174 allows
absolute path t ...)
+ TODO: check
+CVE-2024-47262 (Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program,
has foun ...)
+ TODO: check
+CVE-2024-47260 (51l3nc3, member of the AXIS OS Bug Bounty Program, has found
that the ...)
+ TODO: check
+CVE-2024-47259 (Girishunawane, member of the AXIS OS Bug Bounty Program, has
found tha ...)
+ TODO: check
+CVE-2024-13686 (The VW Storefront theme for WordPress is vulnerable to
unauthorized mo ...)
+ TODO: check
+CVE-2024-13685 (The Admin and Site Enhancements (ASE) WordPress plugin before
7.6.10 r ...)
+ TODO: check
CVE-2025-27501 (OpenZiti is a free and open source project focused on bringing
zero tr ...)
NOT-FOR-US: OpenZiti
CVE-2025-27500 (OpenZiti is a free and open source project focused on bringing
zero tr ...)
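Review bot: every entry added at the top of data/CVE/list carries only `TODO: check`, so this hunk records no triage decision yet. The Ruby URI and CGI gem entries (CVE-2025-27221, CVE-2025-27220, CVE-2025-27219), NGINX Unit (CVE-2025-1695) and Open5GS (CVE-2025-1893) state version boundaries in their descriptions (before 1.0.3, before 0.4.2, before 1.34.2, up to 2.7.2) and are worth resolving first. The OpenHarmony, PHPGurukul, Tenda and WordPress plugin or theme entries look like candidates for the same kind of `NOT-FOR-US:` annotation the unchanged OpenZiti entry below them carries. The truncated description of CVE-2025-20011 reads "attacker case D" where its OpenHarmony siblings read "attacker cause" or "attacker arbitr", so read its full text before marking it together with the rest of that batch.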
@@ -10281,13 +10425,13 @@ CVE-2025-0148 (Missing password field masking in the
Zoom Jenkins Marketplace pl
NOT-FOR-US: Zoom
CVE-2024-57451 (ChestnutCMS <=1.5.0 has a directory traversal vulnerability in
content ...)
NOT-FOR-US: ChestnutCMS
-CVE-2024-56903 (A Cross-Site Request Forgery (CSRF) in Geovision GV-ASWeb with
the ver ...)
+CVE-2024-56903 (Geovision GV-ASWeb with the version 6.1.1.0 or less allows
attackers t ...)
NOT-FOR-US: Geovision GV-ASWeb
-CVE-2024-56902 (An issue in Geovision GV-ASWeb with version 6.1.0.0 or less
allows una ...)
+CVE-2024-56902 (Information disclosure vulnerability in Geovision GV-ASManager
web app ...)
NOT-FOR-US: Geovision GV-ASWeb
-CVE-2024-56901 (A Cross-Site Request Forgery (CSRF) in the Account Management
componen ...)
+CVE-2024-56901 (A Cross-Site Request Forgery (CSRF) vulnerability in Geovision
GV-ASWe ...)
NOT-FOR-US: Geovision GV-ASWeb
-CVE-2024-56898 (Incorrect access control in Geovision GV-ASWeb version 6.1.0.0
or less ...)
+CVE-2024-56898 (Broken access control vulnerability in Geovision GV-ASWeb with
version ...)
NOT-FOR-US: Geovision GV-ASWeb
CVE-2024-47770 (Wazuh is a free and open source platform used for threat
prevention, d ...)
NOT-FOR-US: Wazuh
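Review bot: under CVE-2024-56902 the refreshed description now names "Geovision GV-ASManager web app", while the unchanged annotation beneath it still reads `NOT-FOR-US: Geovision GV-ASWeb`. Confirm which product the CVE applies to and align the annotation so that a search of the list by product name finds the entry. The other three description changes (CVE-2024-56903, CVE-2024-56901, CVE-2024-56898) still name GV-ASWeb and match their annotations. Note also that the new CVE-2024-56903 text no longer opens with the CSRF classification the old line had, so the vulnerability class is not visible in the truncated description here.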
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3248f41241575c78a6647ccf4b70a3f858017db2