Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0a9ff21f by Salvatore Bonaccorso at 2025-02-18T21:18:56+01:00
Process new NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -51,9 +51,9 @@ CVE-2025-1023 (A vulnerability exists in ChurchCRM5.13.0 and
priorthat allows an
CVE-2025-0981 (A vulnerability exists in ChurchCRM5.13.0 and prior that allows
an att ...)
TODO: check
CVE-2025-0817 (The FormCraft plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0521 (The Post SMTP plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-57056 (Incorrect cookie session handling in WombatDialer before 25.02
results ...)
TODO: check
CVE-2024-57055 (Server-Side Access Control Bypass vulnerability in
WombatDialer before ...)
@@ -89,29 +89,29 @@ CVE-2024-39328 (Insecure Permissions in Atos Eviden IDRA
and IDCA before 2.7.0.
CVE-2024-39327 (Incorrect Access Control vulnerability in Atos Eviden IDRA
before 2.6. ...)
TODO: check
CVE-2024-13797 (The PressMart - Modern Elementor WooCommerce WordPress Theme
theme for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13783 (The FormCraft plugin for WordPress is vulnerable to
unauthorized acces ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13718 (The Flexible Wishlist for WooCommerce \u2013 Ecommerce
Wishlist & Save ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13691 (The Uncode theme for WordPress is vulnerable to arbitrary file
read du ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13689 (The Uncode Core plugin for WordPress is vulnerable to
arbitrary shortc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13681 (The Uncode theme for WordPress is vulnerable to arbitrary file
read du ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13667 (The Uncode theme for WordPress is vulnerable to Stored
Cross-Site Scri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13636 (The Brooklyn theme for WordPress is vulnerable to PHP Object
Injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13395 (The Threepress plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13369 (The Tour Master - Tour Booking, Travel, Hotel plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13316 (The Scratch & Win \u2013 Giveaways and Contests. Boost
subscribers, tr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12860 (The CarSpot \u2013 Dealership Wordpress Classified Theme theme
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1125 [fs/hfs: Interger overflow may lead to heap based out-of-bounds
write]
- grub2 <unfixed>
NOTE:
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a9ff21fafca79ca28bc7b9252ca1b54a424d8e7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a9ff21fafca79ca28bc7b9252ca1b54a424d8e7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
