[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 08 Mar 2025 00:19:01 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
500a4127 by security tracker role at 2025-03-08T08:11:54+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2025-2097 (A vulnerability, which was classified as critical, has been 
found in T ...)
+       TODO: check
+CVE-2025-2096 (A vulnerability classified as critical was found in TOTOLINK 
EX1800T 9 ...)
+       TODO: check
+CVE-2025-2095 (A vulnerability classified as critical has been found in 
TOTOLINK EX18 ...)
+       TODO: check
+CVE-2025-2094 (A vulnerability was found in TOTOLINK EX1800T 
9.1.0cu.2112_B20220316.  ...)
+       TODO: check
+CVE-2025-2093 (A vulnerability was found in PHPGurukul Online Library 
Management Syst ...)
+       TODO: check
+CVE-2025-27839 (operations/attestation/AttestationTask.kt in the Tangem SDK 
before 5.1 ...)
+       TODO: check
+CVE-2025-27826 (An XSS issue was discovered in the Bootstrap Lite theme before 
1.x-1.4 ...)
+       TODO: check
+CVE-2025-27825 (An XSS issue was discovered in the Bootstrap 5 Lite theme 
before 1.x-1 ...)
+       TODO: check
+CVE-2025-27824 (An XSS issue was discovered in the Link iframe formatter 
module before ...)
+       TODO: check
+CVE-2025-27823 (An issue was discovered in the Mail Disguise module before 
1.x-1.0.5 f ...)
+       TODO: check
+CVE-2025-27822 (An issue was discovered in the Masquerade module before 
1.x-1.0.1 for  ...)
+       TODO: check
+CVE-2025-1504 (The Post Lockdown plugin for WordPress is vulnerable to 
Information Ex ...)
+       TODO: check
+CVE-2025-1481 (The Shortcode Cleaner Lite plugin for WordPress is vulnerable 
to unaut ...)
+       TODO: check
+CVE-2025-1261 (The HT Mega \u2013 Absolute Addons For Elementor plugin for 
WordPress  ...)
+       TODO: check
+CVE-2024-42733 (An issue in Docmosis Tornado v.2.9.7 and before allows a 
remote attack ...)
+       TODO: check
+CVE-2024-13908 (The SMTP by BestWebSoft plugin for WordPress is vulnerable to 
arbitrar ...)
+       TODO: check
+CVE-2024-13895 (The The Code Snippets CPT plugin for WordPress is vulnerable 
to arbitr ...)
+       TODO: check
+CVE-2024-13890 (The Allow PHP Execute plugin for WordPress is vulnerable to 
PHP Code I ...)
+       TODO: check
+CVE-2024-13844 (The Post SMTP plugin for WordPress is vulnerable to generic 
SQL Inject ...)
+       TODO: check
+CVE-2024-13835 (The Post Meta Data Manager plugin for WordPress is vulnerable 
to multi ...)
+       TODO: check
+CVE-2024-13826 (The Email Keep WordPress plugin through 1.1 does not have CSRF 
check i ...)
+       TODO: check
+CVE-2024-13825 (The Email Keep WordPress plugin through 1.1 does not sanitise 
and esca ...)
+       TODO: check
+CVE-2024-13774 (The Wishlist for WooCommerce: Multi Wishlists Per Customer 
plugin for  ...)
+       TODO: check
+CVE-2024-13640 (The Print Invoice & Delivery Notes for WooCommerce plugin for 
WordPres ...)
+       TODO: check
+CVE-2024-12460 (The Years Since \u2013 Timeless Texts plugin for WordPress is 
vulnerab ...)
+       TODO: check
+CVE-2024-12119 (The FooGallery \u2013 Responsive Photo Gallery, Image Viewer, 
Justifie ...)
+       TODO: check
+CVE-2024-12114 (The FooGallery \u2013 Responsive Photo Gallery, Image Viewer, 
Justifie ...)
+       TODO: check
+CVE-2024-11087 (The miniOrange Social Login and Register (Discord, Google, 
Twitter, Li ...)
+       TODO: check
 CVE-2025-2090 (A vulnerability was found in PHPGurukul Pre-School Enrollment 
System 1 ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-2089 (A vulnerability has been found in StarSea99 starsea-mall 
1.0/2.X and c ...)
@@ -212,7 +268,7 @@ CVE-2025-2041 (A vulnerability, which was classified as 
critical, has been found
        NOT-FOR-US: s-a-zhd Ecommerce-Website-using-PHP
 CVE-2025-27816 (A vulnerability was discovered in the Arctera InfoScale 7.0 
through 8. ...)
        NOT-FOR-US: Arctera InfoScale
-CVE-2025-27796 (WPG in GraphicsMagick before 1.3.46 mishandles palette buffer 
allocati ...)
+CVE-2025-27796 (ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles 
palette ...)
        - graphicsmagick <unfixed>
        NOTE: 
https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/883ebf8cae6dfa5873d975fe3476b1a188ef3f9f
 CVE-2025-27795 (ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks 
image dimens ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/500a4127e76a42144023a33741459d2a02982f47

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/500a4127e76a42144023a33741459d2a02982f47
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to