[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Thu, 19 Jun 2025 01:12:23 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e5f8eeb2 by security tracker role at 2025-06-19T08:12:02+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2025-6201 (The Pixel Manager for WooCommerce \u2013 Track Conversions and 
Analyti ...)
+       TODO: check
+CVE-2025-5524 (The OceanWP theme for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
+       TODO: check
+CVE-2025-5490 (The Football Pool plugin for WordPress is vulnerable to Stored 
Cross-S ...)
+       TODO: check
+CVE-2025-52474 (WeGIA is a web manager for charitable institutions. Prior to 
version 3 ...)
+       TODO: check
+CVE-2025-52467 (pgai is a Python library that transforms PostgreSQL into a 
retrieval e ...)
+       TODO: check
+CVE-2025-50201 (WeGIA is a web manager for charitable institutions. Prior to 
version 3 ...)
+       TODO: check
+CVE-2025-50183 (OpenList Frontend is a UI component for OpenList. Prior to 
version 4.0 ...)
+       TODO: check
+CVE-2025-50182 (urllib3 is a user-friendly HTTP client library for Python. 
Prior to 2. ...)
+       TODO: check
+CVE-2025-50181 (urllib3 is a user-friendly HTTP client library for Python. 
Prior to 2. ...)
+       TODO: check
+CVE-2025-4965 (The WPBakery Page Builder for WordPress plugin for WordPress is 
vulner ...)
+       TODO: check
+CVE-2025-4661 (A path transversal vulnerability in  Brocade Fabric OS 9.1.0 
through 9 ...)
+       TODO: check
+CVE-2025-4571 (The GiveWP \u2013 Donation Plugin and Fundraising Platform 
plugin for  ...)
+       TODO: check
+CVE-2025-4479 (The ElementsKit Elementor Addons and Templates plugin for 
WordPress is ...)
+       TODO: check
+CVE-2025-4367 (The Download Manager plugin for WordPress is vulnerable to 
Stored Cros ...)
+       TODO: check
+CVE-2025-49591 (CryptPad is a collaboration suite. Prior to version 2025.3.0, 
enforcem ...)
+       TODO: check
+CVE-2025-49590 (CryptPad is a collaboration suite. Prior to version 2025.3.0, 
the "Lin ...)
+       TODO: check
+CVE-2025-24291 (The Versa Director SD-WAN orchestration platform provides 
functionalit ...)
+       TODO: check
+CVE-2025-24288 (The Versa Director software exposes a number of services by 
default an ...)
+       TODO: check
+CVE-2025-24287 (A vulnerability allowing local system users to modify 
directory conten ...)
+       TODO: check
+CVE-2025-24286 (A vulnerability allowing an authenticated user with the Backup 
Operato ...)
+       TODO: check
+CVE-2025-23173 (The Versa Director SD-WAN orchestration platform provides 
direct web-b ...)
+       TODO: check
+CVE-2025-23172 (The Versa Director SD-WAN orchestration platform includes a 
Webhook fe ...)
+       TODO: check
+CVE-2025-23171 (The Versa Director SD-WAN orchestration platform provides an 
option to ...)
+       TODO: check
+CVE-2025-23170 (The Versa Director SD-WAN orchestration platform includes 
functionalit ...)
+       TODO: check
+CVE-2025-23169 (The Versa Director SD-WAN orchestration platform allows 
customization  ...)
+       TODO: check
+CVE-2025-23168 (The Versa Director SD-WAN orchestration platform implements 
Two-Factor ...)
+       TODO: check
+CVE-2025-23121 (A vulnerability allowing remote code execution (RCE) on the 
Backup Ser ...)
+       TODO: check
+CVE-2024-45208 (The Versa Director SD-WAN orchestration platform which makes 
use of Ci ...)
+       TODO: check
 CVE-2025-6240 (Improper Input Validation vulnerability in Profisee on Windows 
(filesy ...)
        NOT-FOR-US: Profisee
 CVE-2025-6220 (The Ultra Addons for Contact Form 7 plugin for WordPress is 
vulnerable ...)
@@ -1806,9 +1862,11 @@ CVE-2025-6018 [LPE from unprivileged to allow_active in 
SUSE 15's PAM]
        NOTE: https://www.openwall.com/lists/oss-security/2025/06/17/4
        NOTE: https://www.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
 CVE-2025-6192 (Use after free in Metrics in Google Chrome prior to 
137.0.7151.119 all ...)
+       {DSA-5944-1}
        - chromium 137.0.7151.119-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-6191 (Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 
allowe ...)
+       {DSA-5944-1}
        - chromium 137.0.7151.119-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-49180 (A flaw was found in the RandR extension, where the 
RRChangeProviderPro ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5f8eeb2b0dcc209075493287a4bcd778ba79357

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5f8eeb2b0dcc209075493287a4bcd778ba79357
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to