Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
08022d74 by Salvatore Bonaccorso at 2025-04-10T22:33:15+02:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,17 +5,17 @@ CVE-2025-32754 (In jenkins/ssh-agent Docker images 6.11.1 and
earlier, SSH host
CVE-2025-32743 (In ConnMan through 1.44, the lookup string in ns_resolv in
dnsproxy.c ...)
TODO: check
CVE-2025-32687 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32668 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32395 (Vite is a frontend tooling framework for javascript. Prior to
6.2.6, 6 ...)
TODO: check
CVE-2025-32391 (HedgeDoc is an open source, real-time, collaborative, markdown
notes a ...)
- TODO: check
+ NOT-FOR-US: HedgeDoc
CVE-2025-32383 (MaxKB (Max Knowledge Base) is an open source knowledge base
question-a ...)
- TODO: check
+ NOT-FOR-US: MaxKB (Max Knowledge Base)
CVE-2025-32382 (Metabase is an open source Business Intelligence and Embedded
Analytic ...)
- TODO: check
+ NOT-FOR-US: Metabase
CVE-2025-32282 (Cross-Site Request Forgery (CSRF) vulnerability in ShareThis
ShareThis ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32275 (Authentication Bypass by Spoofing vulnerability in Ays Pro
Survey Make ...)
@@ -31,7 +31,7 @@ CVE-2025-32243 (Missing Authorization vulnerability in Toast
Plugins Internal Li
CVE-2025-32242 (Missing Authorization vulnerability in Hive Support Hive
Support allow ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32240 (Missing Authorization vulnerability in NotFound Site Notify
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32236 (Missing Authorization vulnerability in Vagonic Woocommerce
Products Re ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32230 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
@@ -95,25 +95,25 @@ CVE-2025-31524 (Incorrect Privilege Assignment
vulnerability in NotFound WP User
CVE-2025-31411 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30582 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: aytechnet DyaPress ERP/CRM
CVE-2025-30148 (Silverstripe Framework is a PHP framework which powers the
Silverstrip ...)
- TODO: check
+ NOT-FOR-US: Silverstripe Framework
CVE-2025-29150 (BlueCMS 1.6 suffers from Arbitrary File Deletion via the id
parameter ...)
- TODO: check
+ NOT-FOR-US: BlueCMS
CVE-2025-29088 (An issue in sqlite v.3.49.0 allows an attacker to cause a
denial of se ...)
TODO: check
CVE-2025-29017 (A Remote Code Execution (RCE) vulnerability exists in Code
Astro Inter ...)
NOT-FOR-US: CodeAstro
CVE-2025-27813 (MSI Center before 2.0.52.0 has Missing PE Signature
Validation.)
- TODO: check
+ NOT-FOR-US: MSI Center
CVE-2025-27812 (MSI Center before 2.0.52.0 allows TOCTOU Local Privilege
Escalation.)
- TODO: check
+ NOT-FOR-US: MSI Center
CVE-2025-27350 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-27081 (A potential security vulnerability in HPE NonStop OSM Service
Connecti ...)
NOT-FOR-US: HPE
CVE-2025-25197 (Silverstripe Elemental extends a page type to swap the content
area fo ...)
- TODO: check
+ NOT-FOR-US: Silverstripe Elemental
CVE-2025-24866 (Mattermost versions 9.11.x <= 9.11.8 fail to enforce proper
access con ...)
TODO: check
CVE-2025-23386 (A Incorrect Default Permissions vulnerability in the openSUSE
Tumblewe ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08022d749cf3979c11dcfff444062f4d658d8f8f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08022d749cf3979c11dcfff444062f4d658d8f8f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
