Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fd4b6146 by security tracker role at 2025-05-17T20:12:42+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2025-4836 (A vulnerability was found in Projectworlds Life Insurance
Management S ...)
+ TODO: check
+CVE-2025-4835 (A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU
3.0.0- ...)
+ TODO: check
+CVE-2025-4834 (A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU
3.0.0- ...)
+ TODO: check
+CVE-2025-4833 (A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU
3.0.0- ...)
+ TODO: check
+CVE-2025-4832 (A vulnerability has been found in TOTOLINK A702R, A3002R and
A3002RU 3 ...)
+ TODO: check
+CVE-2025-4831 (A vulnerability, which was classified as critical, was found in
TOTOLI ...)
+ TODO: check
+CVE-2025-4830 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2025-4829 (A vulnerability classified as critical was found in TOTOLINK
A702R, A3 ...)
+ TODO: check
+CVE-2025-4827 (A vulnerability, which was classified as critical, was found in
TOTOLI ...)
+ TODO: check
+CVE-2025-4826 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2025-4825 (A vulnerability classified as critical was found in TOTOLINK
A702R, A3 ...)
+ TODO: check
+CVE-2025-4824 (A vulnerability classified as critical has been found in
TOTOLINK A702 ...)
+ TODO: check
+CVE-2025-4823 (A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU
3.0.0- ...)
+ TODO: check
+CVE-2025-4669 (The WP Booking Calendar plugin for WordPress is vulnerable to
Stored C ...)
+ TODO: check
+CVE-2025-4610 (The WP-Members Membership Plugin plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2025-4101 (The MultiVendorX \u2013 WooCommerce Multivendor Marketplace
Solutions ...)
+ TODO: check
+CVE-2025-48187 (RAGFlow through 0.18.1 allows account takeover because it is
possible ...)
+ TODO: check
+CVE-2025-47948 (Cocotais Bot is a QQ official robot framework based on
qq-bot-sdk. Sta ...)
+ TODO: check
+CVE-2025-47945 (Donetick an open-source app for managing tasks and chores.
Prior to ve ...)
+ TODO: check
+CVE-2025-47931 (LibreNMS is PHP/MySQL/SNMP based network monitoring software.
LibreNMS ...)
+ TODO: check
+CVE-2025-47273 (setuptools is a package that allows users to download, build,
install, ...)
+ TODO: check
+CVE-2025-3888 (The Jupiter X Core plugin for WordPress is vulnerable to Stored
Cross- ...)
+ TODO: check
+CVE-2025-3527 (The EventON Pro plugin for WordPress is vulnerable to
unauthorized mod ...)
+ TODO: check
+CVE-2025-33103 (IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 product IBM TCP/IP
Connectivity Util ...)
+ TODO: check
+CVE-2024-13965
+ REJECTED
+CVE-2024-13964
+ REJECTED
+CVE-2024-13613 (The Wise Chat plugin for WordPress is vulnerable to Sensitive
Informat ...)
+ TODO: check
CVE-2025-4819 (A vulnerability classified as problematic has been found in
y_project ...)
NOT-FOR-US: RuoYi
CVE-2025-4818 (A vulnerability was found in SourceCodester Doctor's
Appointment Syste ...)
@@ -59539,7 +59593,7 @@ CVE-2023-4458 (A flaw was found within the parsing of
extended attributes in the
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/17d5b135bb720832364e8f55f6a887a3c7ec8fdb (6.6-rc1)
CVE-2024-10397 (A malicious server can crash the OpenAFS cache manager and
other clien ...)
- {DSA-5842-1}
+ {DSA-5842-1 DLA-4168-1}
- openafs 1.8.13-1 (bug #1087406; bug #1087407)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2024-003.txt
NOTE:
https://lists.openafs.org/pipermail/openafs-devel/2024-November/020961.html
@@ -59554,7 +59608,7 @@ CVE-2024-10397 (A malicious server can crash the
OpenAFS cache manager and other
NOTE:
http://git.openafs.org/?p=openafs.git;a=commit;h=4871f8ad2775e97bb85ff7efc33a4ad8d3f6d9d1
(openafs-stable-1_8_13)
NOTE:
http://git.openafs.org/?p=openafs.git;a=commit;h=37e585f0841803cdf3a1f99770034890ba162d7c
(openafs-stable-1_8_13)
CVE-2024-10396 (An authenticated user can provide a malformed ACL to the
fileserver's ...)
- {DSA-5842-1}
+ {DSA-5842-1 DLA-4168-1}
- openafs 1.8.13-1 (bug #1087406; bug #1087407)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2024-002.txt
NOTE:
https://lists.openafs.org/pipermail/openafs-devel/2024-November/020961.html
@@ -59571,7 +59625,7 @@ CVE-2024-10396 (An authenticated user can provide a
malformed ACL to the fileser
NOTE:
http://git.openafs.org/?p=openafs.git;a=commit;h=a9ede52673b8c8abbfc2577ac6987a8a5686206f
(openafs-stable-1_8_13)
NOTE:
http://git.openafs.org/?p=openafs.git;a=commit;h=21941c0ab2d28fa3a074f46e4d448d518a7c1b8a
(openafs-stable-1_8_13)
CVE-2024-10394 (A local user can bypass the OpenAFS PAG (Process
Authentication Group) ...)
- {DSA-5842-1}
+ {DSA-5842-1 DLA-4168-1}
- openafs 1.8.13-1 (bug #1087406; bug #1087407)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2024-001.txt
NOTE:
https://lists.openafs.org/pipermail/openafs-devel/2024-November/020961.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd4b6146885d9cbaf008bd11100efc8de5e8d6d8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd4b6146885d9cbaf008bd11100efc8de5e8d6d8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
