[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 23 Mar 2025 16:49:30 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
473a3292 by security tracker role at 2025-03-23T20:12:39+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2025-30474 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2025-2691 (Versions of the package nossrf before 1.0.4 are vulnerable to 
Server-S ...)
+       TODO: check
+CVE-2025-2662 (A vulnerability was found in Project Worlds Online Time Table 
Generato ...)
+       TODO: check
+CVE-2025-2661 (A vulnerability was found in Project Worlds Online Time Table 
Generato ...)
+       TODO: check
+CVE-2025-2660 (A vulnerability has been found in Project Worlds Online Time 
Table Gen ...)
+       TODO: check
+CVE-2025-2659 (A vulnerability, which was classified as critical, was found in 
Projec ...)
+       TODO: check
+CVE-2025-2658 (A vulnerability, which was classified as critical, has been 
found in P ...)
+       TODO: check
+CVE-2025-2657 (A vulnerability classified as critical was found in 
projectworlds Apar ...)
+       TODO: check
+CVE-2025-2656 (A vulnerability classified as critical has been found in 
PHPGurukul Zo ...)
+       TODO: check
+CVE-2025-2655 (A vulnerability was found in SourceCodester AC Repair and 
Services Sys ...)
+       TODO: check
+CVE-2025-2654 (A vulnerability was found in SourceCodester AC Repair and 
Services Sys ...)
+       TODO: check
+CVE-2025-2653 (A vulnerability was found in FoxCMS 1.25 and classified as 
problematic ...)
+       TODO: check
+CVE-2025-2652 (A vulnerability has been found in SourceCodester Employee and 
Visitor  ...)
+       TODO: check
+CVE-2025-2651 (A vulnerability, which was classified as problematic, was found 
in Sou ...)
+       TODO: check
+CVE-2025-2650 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2025-2649 (A vulnerability classified as critical was found in PHPGurukul 
Doctor  ...)
+       TODO: check
+CVE-2025-2648 (A vulnerability classified as critical has been found in 
PHPGurukul Ar ...)
+       TODO: check
+CVE-2025-2647 (A vulnerability was found in PHPGurukul Art Gallery Management 
System  ...)
+       TODO: check
+CVE-2025-2646 (A vulnerability was found in PHPGurukul Art Gallery Management 
System  ...)
+       TODO: check
+CVE-2025-2645 (A vulnerability was found in PHPGurukul Art Gallery Management 
System  ...)
+       TODO: check
+CVE-2025-29806 (No cwe for this issue in Microsoft Edge (Chromium-based) 
allows an una ...)
+       TODO: check
+CVE-2025-29795 (Improper link resolution before file access ('link following') 
in Micr ...)
+       TODO: check
+CVE-2025-27553 (Relative Path Traversal vulnerability in Apache Commons VFS 
before 2.1 ...)
+       TODO: check
 CVE-2025-2644 (A vulnerability was found in PHPGurukul Art Gallery Management 
System  ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-2643 (A vulnerability has been found in PHPGurukul Art Gallery 
Management Sy ...)
@@ -2106,6 +2152,7 @@ CVE-2025-2056 (The WP Ghost (Hide My WP Ghost) \u2013 
Security & Firewall plugin
 CVE-2025-26163 (CM Soluces Informatica Ltda Auto Atendimento 1.x.x was 
discovered to c ...)
        NOT-FOR-US: CM Soluces Informatica Ltda Auto Atendimento
 CVE-2025-24855 (numbers.c in libxslt before 1.1.43 has a use-after-free 
because, in ne ...)
+       {DSA-5884-1}
        - libxslt 1.1.35-1.2 (bug #1100566)
        NOTE: https://gitlab.gnome.org/GNOME/libxslt/-/issues/128
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libxslt/-/commit/c7c7f1f78dd202a053996fcefe57eb994aec8ef2
 (v1.1.43)
@@ -2124,6 +2171,7 @@ CVE-2025-0955 (The VidoRev Extensions plugin for 
WordPress is vulnerable to unau
 CVE-2025-0952 (The Eco Nature - Environment & Ecology WordPress Theme theme 
for WordP ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-55549 (xsltGetInheritedNsList in libxslt before 1.1.43 has a 
use-after-free i ...)
+       {DSA-5884-1}
        - libxslt 1.1.35-1.2 (bug #1100565)
        NOTE: https://gitlab.gnome.org/GNOME/libxslt/-/issues/127
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libxslt/-/commit/46041b65f2fbddf5c284ee1a1332fa2c515c0515
 (v1.1.43)
@@ -7205,7 +7253,7 @@ CVE-2022-49732 (In the Linux kernel, the following 
vulnerability has been resolv
        - linux 5.18.14-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/e34a07c0ae3906f97eb18df50902e2a01c1015b6 (5.19-rc4)
-CVE-2025-0927 [hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key]
+CVE-2025-0927 (Attila Sz\xe1sz discovered that the HFS+ file system 
implementation in ...)
        - linux <unfixed>
        NOTE: 
https://lore.kernel.org/lkml/[email protected]/T/
        NOTE: 
https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/473a329208f0c5ee848a978341e28aaa7c3a9ba5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/473a329208f0c5ee848a978341e28aaa7c3a9ba5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to