Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e47936b0 by security tracker role at 2025-03-27T08:12:05+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,12 +1,88 @@
+CVE-2025-31165 (Cross-Site Scripting (XSS) vulnerability in the Logbug module 
of Night ...)
+       TODO: check
+CVE-2025-31113
+       REJECTED
+CVE-2025-31112
+       REJECTED
+CVE-2025-31111
+       REJECTED
+CVE-2025-31110
+       REJECTED
+CVE-2025-31109
+       REJECTED
+CVE-2025-31108
+       REJECTED
+CVE-2025-31107
+       REJECTED
+CVE-2025-31106
+       REJECTED
+CVE-2025-31105
+       REJECTED
+CVE-2025-30407 (Local privilege escalation due to a binary hijacking 
vulnerability. Th ...)
+       TODO: check
+CVE-2025-2838 (Silicon Labs Gecko OS DNS Response Processing Infinite Loop 
Denial-of- ...)
+       TODO: check
+CVE-2025-2837 (Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer 
Overflo ...)
+       TODO: check
+CVE-2025-2835 (A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It 
has bee ...)
+       TODO: check
+CVE-2025-2833 (A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It 
has bee ...)
+       TODO: check
+CVE-2025-2832 (A vulnerability was found in mingyuefusu 
\u660e\u6708\u590d\u82cf tush ...)
+       TODO: check
+CVE-2025-2831 (A vulnerability has been found in mingyuefusu 
\u660e\u6708\u590d\u82cf ...)
+       TODO: check
+CVE-2025-2787 (KNIME Business Hub is affected by the Ingress-nginx 
CVE-2025-1974 ( a. ...)
+       TODO: check
+CVE-2025-2685 (The TablePress \u2013 Tables in WordPress made easy plugin for 
WordPre ...)
+       TODO: check
+CVE-2025-2496
+       REJECTED
+CVE-2025-2481 (The MediaView plugin for WordPress is vulnerable to Reflected 
Cross-Si ...)
+       TODO: check
+CVE-2025-2332 (The Export All Posts, Products, Orders, Refunds & Users plugin 
for Wor ...)
+       TODO: check
+CVE-2025-20233 (In the Splunk App for Lookup File Editing versions below 
4.0.5, a scri ...)
+       TODO: check
+CVE-2025-20232 (In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 
and Splunk ...)
+       TODO: check
+CVE-2025-20231 (In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 
9.1.8, an ...)
+       TODO: check
+CVE-2025-20230 (In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 
9.1.8, an ...)
+       TODO: check
+CVE-2025-20229 (In Splunk Enterprise versions below 9.3.3, 9.2.5,  and 9.1.8, 
and Splu ...)
+       TODO: check
+CVE-2025-20228 (In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 
and Splunk ...)
+       TODO: check
+CVE-2025-20227 (In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 
9.1.8, an ...)
+       TODO: check
+CVE-2025-20226 (In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 
9.1.8 and ...)
+       TODO: check
+CVE-2025-0273 (HCL DevOps Deploy / HCL Launch stores potentially sensitive 
authentica ...)
+       TODO: check
+CVE-2024-55965 (An issue was discovered in Appsmith before 1.51. Users invited 
as "App ...)
+       TODO: check
+CVE-2024-45361 (A protocol flaw vulnerability exists in the Xiaomi Mi Connect 
Service  ...)
+       TODO: check
+CVE-2024-45356 (A unauthorized access vulnerability exists in the Xiaomi phone 
framewo ...)
+       TODO: check
+CVE-2024-45355 (A unauthorized access vulnerability exists in the Xiaomi phone 
framewo ...)
+       TODO: check
+CVE-2024-45354 (A code execution vulnerability exists in the Xiaomi shop 
applicationpr ...)
+       TODO: check
+CVE-2024-45353 (An intent redriction vulnerability exists in the Xiaomi quick 
App fram ...)
+       TODO: check
+CVE-2024-45352 (An code execution vulnerability exists in the Xiaomi smarthome 
applica ...)
+       TODO: check
 CVE-2024-48944
        NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
 CVE-2025-30067
        NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
-CVE-2025-30355
+CVE-2025-30355 (Synapse is an open source Matrix homeserver implementation. A 
maliciou ...)
        - matrix-synapse 1.121.0-6
        NOTE: 
https://github.com/element-hq/synapse/security/advisories/GHSA-v56r-hwv5-mxg6
        NOTE: 
https://github.com/element-hq/synapse/commit/2277df2a1eb685f85040ef98fa21d41aa4cdd389
 (v1.127.1)
-CVE-2025-31160
+CVE-2025-31160 (atop through 2.11.0 allows local users to cause a denial of 
service (e ...)
        - atop <unfixed>
        NOTE: https://rachelbythebay.com/w/2025/03/26/atop/
        NOTE: https://www.openwall.com/lists/oss-security/2025/03/26/2
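Review bot: CVE-2025-2787 is added with a bare `TODO: check`, but its description states that KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974, so its triage should be cross-checked against CVE-2025-1974 rather than done in isolation. Separately, the descriptions added for CVE-2025-2832, CVE-2025-2831 and CVE-2025-2685 show literal `\u660e\u6708\u590d\u82cf` and `\u2013` escape sequences instead of decoded characters; if that is what lands in data/CVE/list and not just how this notification renders it, the automatic update should decode them before writing.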
@@ -530,7 +606,8 @@ CVE-2025-2722 (A vulnerability was found in GNOME libgsf up 
to 1.14.53. It has b
 CVE-2025-2721 (A vulnerability was found in GNOME libgsf up to 1.14.53. It has 
been c ...)
        - libgsf <undetermined>
        NOTE: https://vuldb.com/?submit.520181
-CVE-2025-2720 (A vulnerability was found in GNOME libgsf up to 1.14.53 and 
classified ...)
+CVE-2025-2720
+       REJECTED
        - libgsf <undetermined>
        NOTE: https://gitlab.gnome.org/GNOME/libgsf/-/issues/38
 CVE-2025-2717 (A vulnerability, which was classified as critical, has been 
found in D ...)
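Review bot: CVE-2025-2720 is switched to `REJECTED`, but the `- libgsf <undetermined>` line and the libgsf issue NOTE directly below it are left in place, so the entry now reads as both rejected and still tracked against a package. A manual follow-up should drop the `- libgsf <undetermined>` annotation, and keep the NOTE only if the reference is wanted for history.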
@@ -60444,7 +60521,7 @@ CVE-2024-4555 (Improper Privilege Management 
vulnerability in OpenText NetIQ Acc
        NOT-FOR-US: (OpenText) NetIQ Access Manager
 CVE-2024-4554 (Improper Input Validation vulnerability in OpenText NetIQ 
Access Manag ...)
        NOT-FOR-US: (OpenText) NetIQ Access Manager
-CVE-2024-45346 (A code execution vulnerability exists in the XiaomiGetApps 
application ...)
+CVE-2024-45346 (The Xiaomi Security Center expresses heartfelt thanks to Ken 
Gannon an ...)
        NOT-FOR-US: XiaomiGetApps application
 CVE-2024-45049 (Hydra is a Continuous Integration service for Nix based 
projects. It i ...)
        NOT-FOR-US: Hydra
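Review bot: the replacement description for CVE-2024-45346 is an acknowledgement ("The Xiaomi Security Center expresses heartfelt thanks to Ken Gannon an ...") and no longer says what the flaw is, where the removed text named a code execution vulnerability in the XiaomiGetApps application. The `NOT-FOR-US: XiaomiGetApps application` line still identifies the product, so the triage stands, but anyone searching the list by description will no longer find this entry by vulnerability type.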



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e47936b00e3236d2b4c0dd60d51da562fd9fe0ff
