Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75da6fbb by security tracker role at 2025-04-18T08:12:36+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,106 @@
-CVE-2024-42178
+CVE-2025-42599 (Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a 
stack-b ...)
+       TODO: check
+CVE-2025-40325 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-40114 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-40014 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
+       TODO: check
+CVE-2025-3783 (A vulnerability classified as critical was found in 
SourceCodester Web ...)
+       TODO: check
+CVE-2025-3598 (The Coupon Affiliates \u2013 Affiliate Plugin for WooCommerce 
plugin f ...)
+       TODO: check
+CVE-2025-3520 (The Avatar plugin for WordPress is vulnerable to arbitrary file 
deleti ...)
+       TODO: check
+CVE-2025-3509 (A Remote Code Execution (RCE) vulnerability was identified in 
GitHub E ...)
+       TODO: check
+CVE-2025-3246 (An improper neutralization of input vulnerability was 
identified in Gi ...)
+       TODO: check
+CVE-2025-3124 (A missing authorization vulnerability was identified in GitHub 
Enterpr ...)
+       TODO: check
+CVE-2025-39989 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
+       TODO: check
+CVE-2025-39930 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
+       TODO: check
+CVE-2025-39778 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
+       TODO: check
+CVE-2025-39755 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-39735 (In the Linux kernel, the following vulnerability has been 
resolved:  j ...)
+       TODO: check
+CVE-2025-39728 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-39688 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-39471 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-39470 (Path Traversal: '.../...//' vulnerability in ThimPress Ivy 
School allo ...)
+       TODO: check
+CVE-2025-39469 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-38637 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-38575 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
+       TODO: check
+CVE-2025-38479 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-38240 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-38152 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
+       TODO: check
+CVE-2025-38104 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-38049 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
+       TODO: check
+CVE-2025-37925 (In the Linux kernel, the following vulnerability has been 
resolved:  j ...)
+       TODO: check
+CVE-2025-37893 (In the Linux kernel, the following vulnerability has been 
resolved:  L ...)
+       TODO: check
+CVE-2025-37860 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-37785 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
+       TODO: check
+CVE-2025-2613 (The Login Manager \u2013 Design Login Page, View Login 
Activity, Limit ...)
+       TODO: check
+CVE-2025-2162 (The MapPress Maps for WordPress plugin before 2.94.10 does not 
sanitis ...)
+       TODO: check
+CVE-2025-29461 (An issue in a-blogcms 3.1.15 allows a remote attacker to 
obtain sensit ...)
+       TODO: check
+CVE-2025-29460 (An issue in MyBB 1.8.38 allows a remote attacker to obtain 
sensitive i ...)
+       TODO: check
+CVE-2025-29459 (An issue in MyBB 1.8.38 allows a remote attacker to obtain 
sensitive i ...)
+       TODO: check
+CVE-2025-29458 (An issue in MyBB 1.8.38 allows a remote attacker to obtain 
sensitive i ...)
+       TODO: check
+CVE-2025-29457 (An issue in MyBB 1.8.38 allows a remote attacker to obtain 
sensitive i ...)
+       TODO: check
+CVE-2025-29456 (An issue in personal-management-system Personal Management 
System 1.4. ...)
+       TODO: check
+CVE-2025-29455 (An issue in personal-management-system Personal Management 
System 1.4. ...)
+       TODO: check
+CVE-2025-29454 (An issue in personal-management-system Personal Management 
System 1.4. ...)
+       TODO: check
+CVE-2025-29453 (An issue in personal-management-system Personal Management 
System 1.4. ...)
+       TODO: check
+CVE-2025-29452 (An issue in Seo Panel 4.11.0 allows a remote attacker to 
obtain sensit ...)
+       TODO: check
+CVE-2025-29451 (An issue in Seo Panel 4.11.0 allows a remote attacker to 
obtain sensit ...)
+       TODO: check
+CVE-2025-29450 (An issue in twonav v.2.1.18-20241105 allows a remote attacker 
to obtai ...)
+       TODO: check
+CVE-2025-29449 (An issue in twonav v.2.1.18-20241105 allows a remote attacker 
to obtai ...)
+       TODO: check
+CVE-2025-25427 (A Stored cross-site scripting (XSS) vulnerability in upnp page 
of the  ...)
+       TODO: check
+CVE-2025-1863 (Insecure default settings have been found in recorder products 
provide ...)
+       TODO: check
+CVE-2025-0467 (Kernel software installed and running inside a Guest VM may 
exploit me ...)
+       TODO: check
+CVE-2024-26014
+       REJECTED
+CVE-2024-13650 (The Piotnet Addons For Elementor plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2024-42178 (HCL MyXalytics is affected by a failure to restrict URL access 
vulnera ...)
        NOT-FOR-US: HCL MyXalytics
 CVE-2025-43015 (In JetBrains RubyMine before 2025.1 remote Interpreter 
overwrote ports ...)
        NOT-FOR-US: JetBrains
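Review bot: The descriptions added for CVE-2025-3598 and CVE-2025-2613 carry a literal \u2013 escape ("Coupon Affiliates \u2013 Affiliate Plugin", "Login Manager \u2013 Design Login Page") where the product name contains a dash; the importer should decode the escape before writing the description line. Apart from CVE-2024-26014 (REJECTED), every entry added in this hunk lands as TODO: check, so the Linux kernel and WordPress plugin entries still need a triage pass before they carry a package or NOT-FOR-US status like the CVE-2024-42178 entry below them.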
@@ -3945,6 +4047,7 @@ CVE-2024-26013 (A improper restriction of communication 
channel to intended endp
 CVE-2023-37930 (Multiple issues including the use of uninitialized ressources 
[CWE-908 ...)
        NOT-FOR-US: Fortinet
 CVE-2025-32460 (GraphicsMagick before 8e56520 has a heap-based buffer 
over-read in Rea ...)
+       {DSA-5905-1}
        - graphicsmagick 1.4+really1.3.45+hg17696-1
        [bullseye] - graphicsmagick <not-affected> (Vulnerable code only 
introduced in 1.3.38)
        NOTE: 
https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/8e56520435df50f618a03f2721a39a70a515f1cb
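Review bot: The {DSA-5905-1} tag added under CVE-2025-32460 relies on a matching DSA-5905-1 record that names this CVE, and this commit changes only data/CVE/list, so that record is not visible here; confirm it exists and lists CVE-2025-32460. The entry itself shows only the unstable version (1.4+really1.3.45+hg17696-1) and the bullseye <not-affected> line, so the release fixed by the advisory has to be read from the DSA record rather than from this entry.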
@@ -14463,6 +14566,7 @@ CVE-2025-27796 (ReadWPGImage in WPG in GraphicsMagick 
before 1.3.46 mishandles p
        NOTE: Fixed by: 
https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/883ebf8cae6dfa5873d975fe3476b1a188ef3f9f
        NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/59169987/
 CVE-2025-27795 (ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks 
image dimens ...)
+       {DSA-5905-1}
        - graphicsmagick 1.4+really1.3.45+hg17689-1 (bug #1099955)
        [bullseye] - graphicsmagick <not-affected> (Vulnerable code only 
introduced in 1.3.38)
        NOTE: 
https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/9bbae7314e3c3b19b830591010ed90bb136b9c42
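Review bot: The context lines above CVE-2025-27795 are the tail of the CVE-2025-27796 entry (ReadWPGImage, also GraphicsMagick before 1.3.46), and this hunk leaves that entry unchanged; check whether CVE-2025-27796 is meant to be covered by DSA-5905-1 as well, since its tag line, if it has one, sits outside the visible context.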



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75da6fbb16657241e69b88384a1717ef83fdf95c
