Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ecb9b66e by security tracker role at 2025-03-06T08:12:00+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,87 @@
+CVE-2025-27625 (In Jenkins 2.499 and earlier, LTS 2.492.1 and earlier, 
redirects start ...)
+       TODO: check
+CVE-2025-27624 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
2.499 and ...)
+       TODO: check
+CVE-2025-27623 (Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not 
redact enc ...)
+       TODO: check
+CVE-2025-27622 (Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not 
redact enc ...)
+       TODO: check
+CVE-2025-27516 (Jinja is an extensible templating engine. Prior to 3.1.6, an 
oversight ...)
+       TODO: check
+CVE-2025-27508 (Emissary is a P2P based data-driven workflow engine. The 
ChecksumCalcu ...)
+       TODO: check
+CVE-2025-25634 (A vulnerability has been found in Tenda AC15 15.03.05.19 in 
the functi ...)
+       TODO: check
+CVE-2025-25632 (Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via 
the han ...)
+       TODO: check
+CVE-2025-25362 (A Server-Side Template Injection (SSTI) vulnerability in 
Spacy-LLM v0. ...)
+       TODO: check
+CVE-2025-24864 (Incorrect access permission of a specific folder issue exists 
in Remot ...)
+       TODO: check
+CVE-2025-22623 (Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be 
vulnera ...)
+       TODO: check
+CVE-2025-22447 (Incorrect access permission of a specific service issue exists 
in Remo ...)
+       TODO: check
+CVE-2025-20933 (Out-of-bounds read in parsing bmp image in Samsung Notes prior 
to vers ...)
+       TODO: check
+CVE-2025-20932 (Out-of-bounds read in parsing rle of bmp image in Samsung 
Notes prior  ...)
+       TODO: check
+CVE-2025-20931 (Out-of-bounds write in parsing bmp image in Samsung Notes 
prior to ver ...)
+       TODO: check
+CVE-2025-20930 (Out-of-bounds read in parsing jpeg image in Samsung Notes 
prior to ver ...)
+       TODO: check
+CVE-2025-20929 (Out-of-bounds write in parsing jpeg image in Samsung Notes 
prior to ve ...)
+       TODO: check
+CVE-2025-20928 (Out-of-bounds read in parsing wbmp image in Samsung Notes 
prior to vae ...)
+       TODO: check
+CVE-2025-20927 (Out-of-bounds read in parsing image data in Samsung Notes 
prior to vae ...)
+       TODO: check
+CVE-2025-20926 (Improper export of Android application components in My Files 
prior to ...)
+       TODO: check
+CVE-2025-20925 (Out-of-bounds read in applying binary of text data in Samsung 
Notes pr ...)
+       TODO: check
+CVE-2025-20924 (Improper access control in Samsung Notes prior to version 
4.4.26.71 al ...)
+       TODO: check
+CVE-2025-20923 (Improper access control in Galaxy Wearable prior to version 
2.2.61.241 ...)
+       TODO: check
+CVE-2025-20922 (Out-of-bounds read in appending text paragraph in Samsung 
Notes prior  ...)
+       TODO: check
+CVE-2025-20921 (Out-of-bounds read in applying binary of text content in 
Samsung Notes ...)
+       TODO: check
+CVE-2025-20920 (Out-of-bounds read in action link data in Samsung Notes prior 
to versi ...)
+       TODO: check
+CVE-2025-20919 (Out-of-bounds read in applying binary of video content in 
Samsung Note ...)
+       TODO: check
+CVE-2025-20918 (Out-of-bounds read in applying extra data of base content in 
Samsung N ...)
+       TODO: check
+CVE-2025-20917 (Out-of-bounds read in applying binary of pdf content in 
Samsung Notes  ...)
+       TODO: check
+CVE-2025-20916 (Out-of-bounds read in reading string of SPen in Samsung Notes 
prior to ...)
+       TODO: check
+CVE-2025-20915 (Out-of-bounds read in applying binary of voice content in 
Samsung Note ...)
+       TODO: check
+CVE-2025-20914 (Out-of-bounds read in applying binary of hand writing content 
in Samsu ...)
+       TODO: check
+CVE-2025-20913 (Out-of-bounds read in applying binary of drawing content in 
Samsung No ...)
+       TODO: check
+CVE-2025-20912 (Incorrect default permission in DiagMonAgent prior to SMR 
Mar-2025 Rel ...)
+       TODO: check
+CVE-2025-20911 (Improper access control in sem_wifi service prior to SMR 
Mar-2025 Rele ...)
+       TODO: check
+CVE-2025-20910 (Incorrect default permission in Galaxy Watch Gallery prior to 
SMR Mar- ...)
+       TODO: check
+CVE-2025-20909 (Use of implicit intent for sensitive communication in Settings 
prior t ...)
+       TODO: check
+CVE-2025-20908 (Use of insufficiently random values in Auracast prior to SMR 
Mar-2025  ...)
+       TODO: check
+CVE-2025-20903 (Improper access control in SecSettingsIntelligence prior to 
SMR Mar-20 ...)
+       TODO: check
+CVE-2025-1979 (Versions of the package ray before 2.43.0 are vulnerable to 
Insertion  ...)
+       TODO: check
+CVE-2024-57174 (A misconfiguration in Alphion ASEE-1443 Firmware 
v0.4.H.00.02.15 defin ...)
+       TODO: check
+CVE-2024-13868 (The URL Shortener | Conversion Tracking  | AB Testing  | 
WooCommerce W ...)
+       TODO: check
 CVE-2025-2003 (Incorrect authorization in PAM vaults in Devolutions Server 
2024.3.12  ...)
        NOT-FOR-US: Devolutions
 CVE-2025-27517 (Volt is an elegantly crafted functional API for Livewire. 
Malicious, u ...)
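Review bot: all 42 entries added at the top of data/CVE/list still read "TODO: check", so none of them has a triage state after this automatic update. The unchanged entry directly below, CVE-2025-2003, shows the resolved form ("NOT-FOR-US: Devolutions"). The Samsung entries in the CVE-2025-209xx range and the Tenda AC15 pair look like candidates for the same NOT-FOR-US treatment, while CVE-2025-27516 (Jinja), CVE-2025-1979 (the ray package) and the four Jenkins entries name software that needs a package lookup before a status is chosen.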
@@ -286769,7 +286853,7 @@ CVE-2021-40575 (The binary MP4Box in Gpac 1.0.1 has a 
null pointer dereference v
        [stretch] - gpac <end-of-life> (No longer supported in LTS)
        NOTE: https://github.com/gpac/gpac/issues/1905
        NOTE: 
https://github.com/gpac/gpac/commit/5f2c2a16d30229b6241f02fa28e3d6b810d64858 
(v2.0.0)
-CVE-2021-40574 (The binary MP4Box in Gpac 1.0.1 has a double-free 
vulnerability in the ...)
+CVE-2021-40574 (The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a 
double-fre ...)
        {DSA-5411-1}
        - gpac 2.0.0+dfsg1-2
        [buster] - gpac <end-of-life> (EOL in buster LTS)
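Review bot: the reworded CVE-2021-40574 description moves the lower bound of the affected range to 0.9.0-preview, but the annotations under it ("{DSA-5411-1}", "- gpac 2.0.0+dfsg1-2", "[buster] - gpac <end-of-life>") are untouched. Only the description line changes in this hunk, so it is worth confirming that no per-release line in the entry was written on the assumption that only 1.0.1 was affected.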
@@ -359030,7 +359114,7 @@ CVE-2020-24831
        RESERVED
 CVE-2020-24830
        RESERVED
-CVE-2020-24829 (An issue was discovered in GPAC v0.8.0, as demonstrated by 
MP4Box. It  ...)
+CVE-2020-24829 (An issue was discovered in GPAC from v0.5.2 to v0.8.0, as 
demonstrated ...)
        - gpac 1.0.1+dfsg1-2
        [buster] - gpac <end-of-life> (EOL in buster LTS)
        [stretch] - gpac <end-of-life> (No longer supported in LTS)
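Review bot: CVE-2020-24829 now covers v0.5.2 to v0.8.0, yet the visible annotations carry no "NOTE:" line with an upstream reference, unlike the CVE-2021-40575 entry in the previous hunk. If none follows below the visible context, a NOTE pointing at the upstream issue or commit would document where the new lower bound comes from. The fixed version (1.0.1+dfsg1-2) and both end-of-life lines are unaffected by the wider range.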
@@ -408523,7 +408607,7 @@ CVE-2019-20210 (The CTHthemes CityBook before 2.3.4, 
TownHub before 1.0.6, and E
        NOT-FOR-US: themes for WordPress
 CVE-2019-20209 (The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and 
EasyBoo ...)
        NOT-FOR-US: themes for WordPress
-CVE-2019-20208 (dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a 
stack-based  ...)
+CVE-2019-20208 (dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 
0.8.0 has  ...)
        {DLA-2072-1}
        - gpac 1.0.1+dfsg1-2 (bug #972053)
        [buster] - gpac <no-dsa> (Minor issue)
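Review bot: the "[buster] - gpac <no-dsa> (Minor issue)" line under CVE-2019-20208 was recorded against the old description, which named only GPAC 0.8.0. The upper bound is unchanged, so that assessment should still hold, but any suite marked as not affected further down the entry (outside the visible context) should be rechecked against the new 0.5.2 lower bound.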



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecb9b66ee95bd9dbe62bf3e1e7dc29604e918418



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
