[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 12 Aug 2025 01:21:45 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
dd508590 by security tracker role at 2025-08-12T08:12:09+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,102 @@
-CVE-2025-40920
+CVE-2025-8874 (The Master Addons \u2013 Elementor Addons with White Label, 
Free Widge ...)
+       TODO: check
+CVE-2025-8767 (The AnWP Football Leagues plugin for WordPress is vulnerable to 
CSV In ...)
+       TODO: check
+CVE-2025-8690 (The Simple Responsive Slider plugin for WordPress is vulnerable 
to Sto ...)
+       TODO: check
+CVE-2025-8688 (The Inline Stock Quotes plugin for WordPress is vulnerable to 
Stored C ...)
+       TODO: check
+CVE-2025-8685 (The Wp chart generator plugin for WordPress is vulnerable to 
Stored Cr ...)
+       TODO: check
+CVE-2025-8621 (The Mosaic Generator plugin for WordPress is vulnerable to 
Stored Cros ...)
+       TODO: check
+CVE-2025-8568 (The GMap Generator plugin for WordPress is vulnerable to Stored 
Cross- ...)
+       TODO: check
+CVE-2025-8482 (The Simple Local Avatars plugin for WordPress is vulnerable to 
unautho ...)
+       TODO: check
+CVE-2025-8462 (The RT Easy Builder \u2013 Advanced addons for Elementor plugin 
for Wo ...)
+       TODO: check
+CVE-2025-8418 (The B Slider- Gutenberg Slider Block for WP plugin for 
WordPress is vu ...)
+       TODO: check
+CVE-2025-8314 (The Software Issue Manager plugin for WordPress is vulnerable 
to Store ...)
+       TODO: check
+CVE-2025-8081 (The Elementor plugin for WordPress is vulnerable to Arbitrary 
File Rea ...)
+       TODO: check
+CVE-2025-8059 (The B Blocks plugin for WordPress is vulnerable to Privilege 
Escalatio ...)
+       TODO: check
+CVE-2025-7622 (During an internal security assessment, a Server-Side Request 
Forgery  ...)
+       TODO: check
+CVE-2025-6253 (The UiCore Elements \u2013 Free Elementor widgets and templates 
plugin ...)
+       TODO: check
+CVE-2025-5391 (The WooCommerce Purchase Orders plugin for WordPress is 
vulnerable to  ...)
+       TODO: check
+CVE-2025-55161 (Stirling-PDF is a locally hosted web application that performs 
various ...)
+       TODO: check
+CVE-2025-55159 (slab is a pre-allocated storage for a uniform data type. In 
version 0. ...)
+       TODO: check
+CVE-2025-55158 (Vim is an open source, command line text editor. In versions 
from 9.1. ...)
+       TODO: check
+CVE-2025-55157 (Vim is an open source, command line text editor. In versions 
from 9.1. ...)
+       TODO: check
+CVE-2025-55156 (pyLoad is the free and open-source Download Manager written in 
pure Py ...)
+       TODO: check
+CVE-2025-55151 (Stirling-PDF is a locally hosted web application that performs 
various ...)
+       TODO: check
+CVE-2025-55150 (Stirling-PDF is a locally hosted web application that performs 
various ...)
+       TODO: check
+CVE-2025-55012 (Zed is a multiplayer code editor. Prior to version 0.197.3, in 
the Zed ...)
+       TODO: check
+CVE-2025-54992 (OpenKilda is an open-source OpenFlow controller. Prior to 
version 1.16 ...)
+       TODO: check
+CVE-2025-54878 (CryptoLib provides a software-only solution using the CCSDS 
Space Data ...)
+       TODO: check
+CVE-2025-4390 (The WP Private Content Plus plugin for WordPress is vulnerable 
to Sens ...)
+       TODO: check
+CVE-2025-47444 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Liq ...)
+       TODO: check
+CVE-2025-42976 (SAP NetWeaver Application Server ABAP (BIC Document) allows an 
authent ...)
+       TODO: check
+CVE-2025-42975 (SAP NetWeaver Application Server ABAP (BIC Document) allows an 
unauthe ...)
+       TODO: check
+CVE-2025-42957 (SAP S/4HANA allows an attacker with user privileges to exploit 
a vulne ...)
+       TODO: check
+CVE-2025-42955 (Due to a missing authorization check in SAP Cloud Connector, 
an attack ...)
+       TODO: check
+CVE-2025-42951 (Due to broken authorization, SAP Business One (SLD) allows an 
authenti ...)
+       TODO: check
+CVE-2025-42950 (SAP Landscape Transformation (SLT) allows an attacker with 
user privil ...)
+       TODO: check
+CVE-2025-42949 (Due to a missing authorization check in the ABAP Platform, an 
authenti ...)
+       TODO: check
+CVE-2025-42948 (Due to a Cross-Site Scripting (XSS) vulnerability in SAP 
NetWeaver ABA ...)
+       TODO: check
+CVE-2025-42946 (Due to directory traversal vulnerability in SAP S/4HANA (Bank 
Communic ...)
+       TODO: check
+CVE-2025-42945 (SAP NetWeaver Application Server ABAP has HTML injection 
vulnerability ...)
+       TODO: check
+CVE-2025-42943 (SAP GUI for Windows may allow the leak of NTML hashes when 
specific AB ...)
+       TODO: check
+CVE-2025-42942 (SAP NetWeaver Application Server for ABAP has cross-site 
scripting vul ...)
+       TODO: check
+CVE-2025-42941 (SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing 
vulnerabilit ...)
+       TODO: check
+CVE-2025-42936 (The SAP NetWeaver Application Server for ABAP does not enable 
an admin ...)
+       TODO: check
+CVE-2025-42935 (The SAP NetWeaver Application Server ABAP and ABAP Platform 
Internet C ...)
+       TODO: check
+CVE-2025-42934 (SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. 
An attac ...)
+       TODO: check
+CVE-2025-41686 (A low-privileged local attacker can exploit improper 
permissions on ns ...)
+       TODO: check
+CVE-2025-3892 (ACAP applications can be executed with elevated privileges, 
potentiall ...)
+       TODO: check
+CVE-2025-30027 (An ACAP configuration file lacked sufficient input validation, 
which c ...)
+       TODO: check
+CVE-2025-25235 (Server-Side Request Forgery (SSRF) in Omnissa Secure Email 
Gateway (SE ...)
+       TODO: check
+CVE-2024-32640 (MASA CMS is an Enterprise Content Management platform based on 
open so ...)
+       TODO: check
+CVE-2025-40920 (Catalyst::Authentication::Credential::HTTP versions 1.018 and 
earlier  ...)
        - libcatalyst-authentication-credential-http-perl <unfixed> (bug 
#1110887)
        [trixie] - libcatalyst-authentication-credential-http-perl <no-dsa> 
(Minor issue)
        [bookworm] - libcatalyst-authentication-credential-http-perl <no-dsa> 
(Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd508590bac688a0db5d8734ca9fc783ed5c3e87

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd508590bac688a0db5d8734ca9fc783ed5c3e87
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to