Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a84f8edf by security tracker role at 2025-06-07T20:12:36+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2025-5840 (A vulnerability, which was classified as critical, was found in
Source ...)
+ TODO: check
+CVE-2025-5839 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2025-5838 (A vulnerability classified as critical was found in PHPGurukul
Employe ...)
+ TODO: check
+CVE-2025-5837 (A vulnerability classified as critical has been found in
PHPGurukul Em ...)
+ TODO: check
+CVE-2025-5836 (A vulnerability was found in Tenda AC9 15.03.02.13. It has been
rated ...)
+ TODO: check
+CVE-2025-5568 (The WpEvently plugin for WordPress is vulnerable to Stored
Cross-Site ...)
+ TODO: check
+CVE-2025-5528 (The Social Sharing Plugin \u2013 Sassy Social Share plugin for
WordPre ...)
+ TODO: check
+CVE-2025-5303 (The LTL Freight Quotes \u2013 Freightview Edition, LTL Freight
Quotes ...)
+ TODO: check
+CVE-2025-49619 (Skyvern through 0.1.85 has a Jinja runtime leak in
sdk/workflow/models ...)
+ TODO: check
+CVE-2024-9994 (The Essential Addons for Elementor \u2013 Best Elementor Addon,
Templa ...)
+ TODO: check
+CVE-2024-9993 (The Essential Addons for Elementor \u2013 Best Elementor Addon,
Templa ...)
+ TODO: check
+CVE-2024-55585 (In the moPS App through 1.8.618, all users can access
administrative A ...)
+ TODO: check
CVE-2025-5814 (The Profiler \u2013 What Slowing Down Your WP plugin for
WordPress is ...)
NOT-FOR-US: WordPress plugin
CVE-2025-49128 (Jackson-core contains core low-level incremental ("streaming")
parser ...)
@@ -8228,7 +8252,7 @@ CVE-2025-28201 (An issue in Victure RX1800
EN_V1.0.0_r12_110933 allows physicall
NOT-FOR-US: Victure RX1800
CVE-2025-28200 (Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize
a weak d ...)
NOT-FOR-US: Victure RX1800
-CVE-2025-28074 (phpList prior to 3.6.3 is vulnerable to Cross-Site Scripting
(XSS) due ...)
+CVE-2025-28074 (phpList before 3.6.15 is vulnerable to Cross-Site Scripting
(XSS) due ...)
- phplist <itp> (bug #612288)
CVE-2025-27720 (The Pixmeo Osirix MD Web Portal sends credential information
without e ...)
NOT-FOR-US: Pixmeo Osirix MD
@@ -8608,7 +8632,7 @@ CVE-2025-30101 (Dell PowerScale OneFS, versions 9.8.0.0
through 9.10.1.0, contai
NOT-FOR-US: Dell / EMC
CVE-2025-2806 (The tagDiv Composer plugin for WordPress, used by the Newspaper
theme, ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-28073 (phpList 3.6.3 is vulnerable to Reflected Cross-Site Scripting
(XSS) vi ...)
+CVE-2025-28073 (phpList before 3.6.15 is vulnerable to Reflected Cross-Site
Scripting ...)
- phplist <itp> (bug #612288)
CVE-2025-27695 (Dell Wyse Management Suite, versions prior to WMS 5.1 contain
an Authe ...)
NOT-FOR-US: Dell / EMC
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a84f8edf87ba4aa268e96dda56c815288e72cedd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a84f8edf87ba4aa268e96dda56c815288e72cedd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
