Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
433a67bd by security tracker role at 2025-04-19T08:12:02+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,56 @@
-CVE-2025-43903 [Properly verify adbe.pkcs7.sha1 signatures]
+CVE-2025-43901
+ REJECTED
+CVE-2025-43900
+ REJECTED
+CVE-2025-43899
+ REJECTED
+CVE-2025-43898
+ REJECTED
+CVE-2025-43897
+ REJECTED
+CVE-2025-43896
+ REJECTED
+CVE-2025-43895
+ REJECTED
+CVE-2025-43894
+ REJECTED
+CVE-2025-43893
+ REJECTED
+CVE-2025-3809 (The Debug Log Manager plugin for WordPress is vulnerable to
Stored Cro ...)
+ TODO: check
+CVE-2025-3797 (A vulnerability classified as critical was found in SeaCMS up
to 13.3. ...)
+ TODO: check
+CVE-2025-3796 (A vulnerability classified as critical has been found in
PHPGurukul Me ...)
+ TODO: check
+CVE-2025-3404 (The Download Manager plugin for WordPress is vulnerable to
arbitrary f ...)
+ TODO: check
+CVE-2025-3284 (The User Registration & Membership \u2013 Custom Registration
Form, Lo ...)
+ TODO: check
+CVE-2025-3278 (The UrbanGo Membership plugin for WordPress is vulnerable to
privilege ...)
+ TODO: check
+CVE-2025-3275 (The Themesflat Addons For Elementor plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2025-3103 (The CLEVER - HTML5 Radio Player With History - Shoutcast and
Icecast - ...)
+ TODO: check
+CVE-2025-32953 (z80pack is a mature emulator of multiple platforms with 8080
and Z80 C ...)
+ TODO: check
+CVE-2025-2111 (The Insert Headers And Footers plugin for WordPress is
vulnerable to C ...)
+ TODO: check
+CVE-2025-2010 (The JobWP \u2013 Job Board, Job Listing, Career Page and
Recruitment P ...)
+ TODO: check
+CVE-2025-29058 (An issue in Qimou CMS v.3.34.0 allows a remote attacker to
execute arb ...)
+ TODO: check
+CVE-2025-1457 (The Element Pack Addons for Elementor \u2013 Free Templates and
Widget ...)
+ TODO: check
+CVE-2025-1093 (The AIHub theme for WordPress is vulnerable to arbitrary file
uploads ...)
+ TODO: check
+CVE-2024-53591 (An issue in the login page of Seclore v3.27.5.0 allows
attackers to by ...)
+ TODO: check
+CVE-2024-13926 (The WP-Syntax WordPress plugin through 1.2 does not properly
handle in ...)
+ TODO: check
+CVE-2021-4455 (The Wordpress Plugin Smart Product Review plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2025-43903 (NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not
verify the ...)
- poppler 25.03.0-4 (bug #1103545)
[bookworm] - poppler <no-dsa> (Minor issue)
NOTE: Introduced with:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/c7c0207b1cfe49a4353d6cda93dbebef4508138f
(poppler-0.42.0)
@@ -262,7 +314,7 @@ CVE-2025-29450 (An issue in twonav v.2.1.18-20241105 allows
a remote attacker to
NOT-FOR-US: twonav
CVE-2025-29449 (An issue in twonav v.2.1.18-20241105 allows a remote attacker
to obtai ...)
NOT-FOR-US: twonav
-CVE-2025-25427 (A Stored cross-site scripting (XSS) vulnerability in upnp page
of the ...)
+CVE-2025-25427 (A stored cross-site scripting (XSS) vulnerability in the
upnp.htm page ...)
NOT-FOR-US: TP-Link
CVE-2025-1863 (Insecure default settings have been found in recorder products
provide ...)
NOT-FOR-US: Yokogawa
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/433a67bd40658cb1821f9abeb1d06cc32e054ec1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/433a67bd40658cb1821f9abeb1d06cc32e054ec1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
