[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 03 May 2025 01:12:52 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fdf2d51d by security tracker role at 2025-05-03T08:12:29+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2025-4222 (The Database Toolset plugin for WordPress is vulnerable to 
Sensitive I ...)
+       TODO: check
+CVE-2025-4218 (A vulnerability was found in handrew browserpilot up to 0.2.51. 
It has ...)
+       TODO: check
+CVE-2025-4215 (A vulnerability was found in gorhill uBlock Origin up to 
1.63.3b16. It ...)
+       TODO: check
+CVE-2025-4199 (The Abundatrade Plugin plugin for WordPress is vulnerable to 
Cross-Sit ...)
+       TODO: check
+CVE-2025-4198 (The Alink Tap plugin for WordPress is vulnerable to Cross-Site 
Request ...)
+       TODO: check
+CVE-2025-4188 (The Advanced Reorder Image Text Slider plugin for WordPress is 
vulnera ...)
+       TODO: check
+CVE-2025-4172 (The VerticalResponse Newsletter Widget plugin for WordPress is 
vulnera ...)
+       TODO: check
+CVE-2025-4170 (The Xavin&#039;s Review Ratings plugin for WordPress is 
vulnerable to  ...)
+       TODO: check
+CVE-2025-4168 (The Subpage List plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
+       TODO: check
+CVE-2025-47229 (libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to 
cause a d ...)
+       TODO: check
+CVE-2025-47226 (Grokability Snipe-IT before 8.1.0 has incorrect authorization 
for acce ...)
+       TODO: check
+CVE-2025-46723 (OpenVM is a performant and modular zkVM framework built for 
customizat ...)
+       TODO: check
+CVE-2025-3918 (The Job Listings plugin for WordPress is vulnerable to 
Privilege Escal ...)
+       TODO: check
+CVE-2025-3815 (The SurveyJS plugin for WordPress is vulnerable to Stored 
Cross-Site S ...)
+       TODO: check
+CVE-2025-3779 (The Personizely plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
+       TODO: check
+CVE-2025-21572 (OpenGrok 1.13.25 has a reflected Cross-Site Scripting (XSS) 
issue when ...)
+       TODO: check
+CVE-2025-0782 (A vulnerability in the S3 bucket configuration for h2oai/h2o-3 
allows  ...)
+       TODO: check
+CVE-2024-55069 (ffmpeg 7.1 is vulnerable to Null Pointer Dereference in 
function iamf_ ...)
+       TODO: check
+CVE-2024-13738 (The The Motors - Car Dealer, Rental & Listing WordPress theme 
theme fo ...)
+       TODO: check
 CVE-2025-4214 (A vulnerability was found in PHPGuruku Online DJ Booking 
Management Sy ...)
        NOT-FOR-US: PHPGuruku Online DJ Booking Management System
 CVE-2025-4213 (A vulnerability has been found in PHPGurukul Online Birth 
Certificate  ...)
@@ -8710,7 +8748,7 @@ CVE-2025-30373 (Graylog is a free and open log management 
platform. Starting wit
 CVE-2025-2251 (A security flaw exists in WildFly and JBoss Enterprise 
Application Pla ...)
        NOT-FOR-US: Red Hat WildFly and JBoss Enterprise Application Platform 
(EAP)
 CVE-2025-29769 (libvips is a demand-driven, horizontally threaded image 
processing lib ...)
-       {DLA-4148-1}
+       {DSA-5915-1 DLA-4148-1}
        - vips 8.16.1-1
        NOTE: 
https://github.com/libvips/libvips/security/advisories/GHSA-f8r8-43hh-rghm
        NOTE: https://github.com/libvips/libvips/pull/4392
@@ -295328,8 +295366,8 @@ CVE-2022-21548 (Vulnerability in the Oracle WebLogic 
Server product of Oracle Fu
        NOT-FOR-US: Oracle
 CVE-2022-21547 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 8.0.30-1 (bug #1015789)
-CVE-2022-21546
-       RESERVED
+CVE-2022-21546 (In newer version of the SBC specs, we have a NDOB bit that 
indicates t ...)
+       TODO: check
 CVE-2022-21545 (Vulnerability in the Oracle iRecruitment product of Oracle 
E-Business  ...)
        NOT-FOR-US: Oracle
 CVE-2022-21544 (Vulnerability in the Oracle FLEXCUBE Universal Banking product 
of Orac ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdf2d51d782387d645e789108945a49d9456e2f5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdf2d51d782387d645e789108945a49d9456e2f5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to