[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 16 Mar 2025 01:12:20 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d210c0f3 by security tracker role at 2025-03-16T08:11:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,75 @@
+CVE-2025-30077 (Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.28 
allows an i ...)
+       TODO: check
+CVE-2025-30076 (Koha before 24.11.02 allows admins to execute arbitrary 
commands via s ...)
+       TODO: check
+CVE-2025-30074 (Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 
for macO ...)
+       TODO: check
+CVE-2025-2335 (A vulnerability classified as problematic was found in Drivin 
Solu\xe7 ...)
+       TODO: check
+CVE-2025-2334 (A vulnerability classified as problematic has been found in 
274056675  ...)
+       TODO: check
+CVE-2025-27281 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-26978 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-26976 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-26972 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-26969 (Missing Authorization vulnerability in Aldo Latino 
PrivateContent. Thi ...)
+       TODO: check
+CVE-2025-26961 (Missing Authorization vulnerability in NotFound Fresh 
Framework allows ...)
+       TODO: check
+CVE-2025-26940 (Path Traversal vulnerability in NotFound Pie Register Premium. 
This is ...)
+       TODO: check
+CVE-2025-26924 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2025-26921 (Deserialization of Untrusted Data vulnerability in 
magepeopleteam Book ...)
+       TODO: check
+CVE-2025-26899 (Cross-Site Request Forgery (CSRF) vulnerability in Recapture 
Cart Reco ...)
+       TODO: check
+CVE-2025-26895 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-26886 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-26875 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-26556 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-26555 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-26554 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-26553 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-26548 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-24856 (An issue was discovered in the oidc (aka OpenID Connect 
Authentication ...)
+       TODO: check
+CVE-2025-23744 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-1624 (The GDPR Cookie Compliance  WordPress plugin before 4.15.9 does 
not sa ...)
+       TODO: check
+CVE-2025-1623 (The GDPR Cookie Compliance  WordPress plugin before 4.15.9 does 
not sa ...)
+       TODO: check
+CVE-2025-1622 (The GDPR Cookie Compliance  WordPress plugin before 4.15.7 does 
not sa ...)
+       TODO: check
+CVE-2025-1621 (The GDPR Cookie Compliance  WordPress plugin before 4.15.7 does 
not sa ...)
+       TODO: check
+CVE-2025-1620 (The GDPR Cookie Compliance  WordPress plugin before 4.15.7 does 
not sa ...)
+       TODO: check
+CVE-2025-1619 (The GDPR Cookie Compliance  WordPress plugin before 4.15.7 does 
not sa ...)
+       TODO: check
+CVE-2025-0524
+       REJECTED
+CVE-2024-58103 (Square Wire before 5.2.0 does not enforce a recursion limit on 
nested  ...)
+       TODO: check
+CVE-2024-13602 (The Poll Maker  WordPress plugin before 5.5.4 does not 
sanitise and es ...)
+       TODO: check
+CVE-2024-13126 (The Download Manager WordPress plugin before 3.3.07 doesn't 
prevent di ...)
+       TODO: check
+CVE-2022-49737 (In X.Org X server 20.11 through 21.1.16, when a client 
application use ...)
+       TODO: check
 CVE-2025-2333
        REJECTED
 CVE-2025-2323 (A vulnerability was found in 274056675 
springboot-openai-chatgpt e84f6 ...)
@@ -12,7 +84,7 @@ CVE-2025-25225 (A privilege escalation vulnerability in the 
Hikashop component v
        NOT-FOR-US: Joomla
 CVE-2025-1530 (The Tripetto plugin for WordPress is vulnerable to Cross-Site 
Request  ...)
        NOT-FOR-US: WordPress plugin
-CVE-2025-30066 (tj-actions changed-files through 45.0.7 allows remote 
attackers to dis ...)
+CVE-2025-30066 (tj-actions changed-files before 46 allows remote attackers to 
discover ...)
        NOT-FOR-US: tj-actions changed-files
 CVE-2025-2325 (The WP Test Email plugin for WordPress is vulnerable to Stored 
Cross-S ...)
        NOT-FOR-US: WordPress plugin



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d210c0f3645a8735df2e417a16643652857e9f56

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d210c0f3645a8735df2e417a16643652857e9f56
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to