[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 04 Apr 2025 03:38:16 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6223d6b4 by security tracker role at 2025-04-04T08:12:06+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,145 @@
+CVE-2025-3220 (A vulnerability was found in PHPGurukul e-Diary Management 
System 1.0. ...)
+       TODO: check
+CVE-2025-3219 (A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It 
has been  ...)
+       TODO: check
+CVE-2025-3217 (A vulnerability was found in PHPGurukul e-Diary Management 
System 1.0. ...)
+       TODO: check
+CVE-2025-3216 (A vulnerability was found in PHPGurukul e-Diary Management 
System 1.0. ...)
+       TODO: check
+CVE-2025-3215 (A vulnerability was found in PHPGurukul Restaurant Table 
Booking Syste ...)
+       TODO: check
+CVE-2025-3214 (A vulnerability has been found in JFinal CMS up to 5.2.4 and 
classifie ...)
+       TODO: check
+CVE-2025-3213 (A vulnerability classified as critical was found in PHPGurukul 
e-Diary ...)
+       TODO: check
+CVE-2025-3211 (A vulnerability classified as critical has been found in 
code-projects ...)
+       TODO: check
+CVE-2025-3210 (A vulnerability was found in code-projects Patient Record 
Management S ...)
+       TODO: check
+CVE-2025-3209 (A vulnerability was found in code-projects Patient Record 
Management S ...)
+       TODO: check
+CVE-2025-3208 (A vulnerability was found in code-projects Patient Record 
Management S ...)
+       TODO: check
+CVE-2025-3207 (A vulnerability was found in code-projects Patient Record 
Management S ...)
+       TODO: check
+CVE-2025-3206 (A vulnerability has been found in code-projects Hospital 
Management Sy ...)
+       TODO: check
+CVE-2025-3205 (A vulnerability, which was classified as critical, was found in 
CodeAs ...)
+       TODO: check
+CVE-2025-3204 (A vulnerability, which was classified as critical, has been 
found in C ...)
+       TODO: check
+CVE-2025-3203 (A vulnerability classified as problematic was found in Tenda 
W18E 16.0 ...)
+       TODO: check
+CVE-2025-3202 (A vulnerability classified as critical has been found in 
ageerle ruoyi ...)
+       TODO: check
+CVE-2025-3199 (A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and 
classifi ...)
+       TODO: check
+CVE-2025-3198 (A vulnerability has been found in GNU Binutils 2.43/2.44 and 
classifie ...)
+       TODO: check
+CVE-2025-3197 (Versions of the package expand-object from 0.0.0 are vulnerable 
to Pro ...)
+       TODO: check
+CVE-2025-3196 (A vulnerability, which was classified as critical, was found in 
Open A ...)
+       TODO: check
+CVE-2025-3195 (A vulnerability, which was classified as critical, has been 
found in i ...)
+       TODO: check
+CVE-2025-3194 (Versions of the package bigint-buffer from 0.0.0 are vulnerable 
to Buf ...)
+       TODO: check
+CVE-2025-3192 (Versions of the package spatie/browsershot from 0.0.0 are 
vulnerable t ...)
+       TODO: check
+CVE-2025-3191 (All versions of the package react-draft-wysiwyg are vulnerable 
to Cros ...)
+       TODO: check
+CVE-2025-3188 (A vulnerability classified as critical has been found in 
PHPGurukul e- ...)
+       TODO: check
+CVE-2025-3187 (A vulnerability was found in PHPGurukul e-Diary Management 
System 1.0. ...)
+       TODO: check
+CVE-2025-3186 (A vulnerability was found in projectworlds Online Doctor 
Appointment B ...)
+       TODO: check
+CVE-2025-3185 (A vulnerability was found in projectworlds Online Doctor 
Appointment B ...)
+       TODO: check
+CVE-2025-3184 (A vulnerability was found in projectworlds Online Doctor 
Appointment B ...)
+       TODO: check
+CVE-2025-3183 (A vulnerability has been found in projectworlds Online Doctor 
Appointm ...)
+       TODO: check
+CVE-2025-3182 (A vulnerability, which was classified as critical, was found in 
projec ...)
+       TODO: check
+CVE-2025-3181 (A vulnerability, which was classified as critical, has been 
found in p ...)
+       TODO: check
+CVE-2025-3180 (A vulnerability classified as critical was found in 
projectworlds Onli ...)
+       TODO: check
+CVE-2025-3179 (A vulnerability classified as critical has been found in 
projectworlds ...)
+       TODO: check
+CVE-2025-3178 (A vulnerability was found in projectworlds Online Doctor 
Appointment B ...)
+       TODO: check
+CVE-2025-3105 (The Vehica Core plugin for WordPress, used by the Vehica - Car 
Dealer  ...)
+       TODO: check
+CVE-2025-3087 (Stored XSS in M-Files Web versions from 25.1.14445.5 to 
25.2.14524.4 a ...)
+       TODO: check
+CVE-2025-3086 (Improper isolation of users in M-Files Server version before 
25.3.1454 ...)
+       TODO: check
+CVE-2025-32111 (The Docker image from acme.sh before 40b6db6 is based on a 
.github/wor ...)
+       TODO: check
+CVE-2025-30370 (jupyterlab-git is a JupyterLab extension for version control 
using Git ...)
+       TODO: check
+CVE-2025-2836 (The RegistrationMagic \u2013 Custom Registration Forms, User 
Registrat ...)
+       TODO: check
+CVE-2025-2797 (The Woffice Core plugin for WordPress is vulnerable to 
Cross-Site Requ ...)
+       TODO: check
+CVE-2025-2780 (The Woffice Core plugin for WordPress, used by the Woffice 
Theme, is v ...)
+       TODO: check
+CVE-2025-2317 (The Product Filter by WBW plugin for WordPress is vulnerable to 
time-b ...)
+       TODO: check
+CVE-2025-2279 (The Maps  WordPress plugin through 1.0.6 does not validate and 
escape  ...)
+       TODO: check
+CVE-2025-2270 (The Countdown, Coming Soon, Maintenance \u2013 Countdown & 
Clock plugi ...)
+       TODO: check
+CVE-2025-2159 (Stored XSS in Desktop UI in M-Files Server Admin tool before 
version 2 ...)
+       TODO: check
+CVE-2025-2075 (The Uncanny Automator \u2013 Easy Automation, Integration, 
Webhooks &  ...)
+       TODO: check
+CVE-2025-29815 (Use after free in Microsoft Edge (Chromium-based) allows an 
authorized ...)
+       TODO: check
+CVE-2025-29796 (User interface (ui) misrepresentation of critical information 
in Micro ...)
+       TODO: check
+CVE-2025-26401 (Weak encoding for password vulnerability exists in HMI ViewJet 
C-more  ...)
+       TODO: check
+CVE-2025-25061 (Unintended proxy or intermediary ('Confused Deputy') issue 
exists in H ...)
+       TODO: check
+CVE-2025-25001 (Improper neutralization of input during web page generation 
('cross-si ...)
+       TODO: check
+CVE-2025-25000 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
+       TODO: check
+CVE-2025-24317 (Allocation of resources without limits or throttling issue 
exists in H ...)
+       TODO: check
+CVE-2025-24310 (Improper restriction of rendered UI layers or frames issue 
exists in H ...)
+       TODO: check
+CVE-2025-0279 (HCL Traveler generates some error messages that provide 
detailed infor ...)
+       TODO: check
+CVE-2025-0278 (HCL Traveler is affected by an internal path disclosure in a 
Windows a ...)
+       TODO: check
+CVE-2024-56528 (This vulnerability affects Snowplow Collector 3.x before 3.3.0 
(unless ...)
+       TODO: check
+CVE-2024-47217 (An issue was discovered in Iglu Server 0.13.0 and below. It is 
similar ...)
+       TODO: check
+CVE-2024-47215 (An issue was discovered in Snowbridge setups sending data to 
Google Ta ...)
+       TODO: check
+CVE-2024-47214 (An issue was discovered in Iglu Server 0.13.0 and below. It is 
similar ...)
+       TODO: check
+CVE-2024-47213 (An issue was discovered affecting Enrich 5.1.0 and below. It 
involves  ...)
+       TODO: check
+CVE-2024-47212 (An issue was discovered in Iglu Server 0.13.0 and below. It 
involves s ...)
+       TODO: check
+CVE-2024-45199 (insightsoftware Hive JDBC through 2.6.13 has a remote code 
execution v ...)
+       TODO: check
+CVE-2024-42208 (HCL Connections is vulnerable to an information disclosure 
vulnerabili ...)
+       TODO: check
+CVE-2024-13898 (The Simple Banner \u2013 Easily add multiple 
Banners/Bars/Notification ...)
+       TODO: check
+CVE-2024-13744 (The Booster for WooCommerce plugin for WordPress is vulnerable 
to arbi ...)
+       TODO: check
+CVE-2024-13708 (The Booster for WooCommerce plugin for WordPress is vulnerable 
to Stor ...)
+       TODO: check
+CVE-2024-13645 (The tagDiv Composer plugin for WordPress is vulnerable to PHP 
Object I ...)
+       TODO: check
 CVE-2025-3190
        REJECTED
 CVE-2025-3177 (A vulnerability was found in FastCMS 0.1.5. It has been 
declared as cr ...)
@@ -2504,25 +2646,34 @@ CVE-2025-2974 (A vulnerability has been found in 
CodeCanyon Perfex CRM up to 3.2
        NOT-FOR-US: CodeCanyon Perfex CRM
 CVE-2025-2973 (A vulnerability, which was classified as critical, was found in 
code-p ...)
        NOT-FOR-US: code-projects
-CVE-2025-2972 (A vulnerability, which was classified as problematic, has been 
found i ...)
+CVE-2025-2972
+       REJECTED
        NOT-FOR-US: ConcreteCMS
 CVE-2025-2971 (A vulnerability classified as problematic was found in 
ConcreteCMS up  ...)
        NOT-FOR-US: ConcreteCMS
-CVE-2025-2970 (A vulnerability classified as problematic has been found in 
ConcreteCM ...)
+CVE-2025-2970
+       REJECTED
        NOT-FOR-US: ConcreteCMS
-CVE-2025-2969 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has 
been rate ...)
+CVE-2025-2969
+       REJECTED
        NOT-FOR-US: ConcreteCMS
-CVE-2025-2968 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has 
been decl ...)
+CVE-2025-2968
+       REJECTED
        NOT-FOR-US: ConcreteCMS
-CVE-2025-2967 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has 
been clas ...)
+CVE-2025-2967
+       REJECTED
        NOT-FOR-US: ConcreteCMS
-CVE-2025-2966 (A vulnerability was found in ConcreteCMS up to 9.3.9 and 
classified as ...)
+CVE-2025-2966
+       REJECTED
        NOT-FOR-US: ConcreteCMS
-CVE-2025-2965 (A vulnerability has been found in ConcreteCMS up to 9.3.9 and 
classifi ...)
+CVE-2025-2965
+       REJECTED
        NOT-FOR-US: ConcreteCMS
-CVE-2025-2964 (A vulnerability, which was classified as problematic, was found 
in Con ...)
+CVE-2025-2964
+       REJECTED
        NOT-FOR-US: ConcreteCMS
-CVE-2025-2963 (A vulnerability, which was classified as problematic, has been 
found i ...)
+CVE-2025-2963
+       REJECTED
        NOT-FOR-US: ConcreteCMS
 CVE-2025-2961 (A vulnerability classified as problematic was found in 
opensolon up to ...)
        NOT-FOR-US: opensolon
@@ -4061,6 +4212,7 @@ CVE-2025-30355 (Synapse is an open source Matrix 
homeserver implementation. A ma
        NOTE: 
https://github.com/element-hq/synapse/security/advisories/GHSA-v56r-hwv5-mxg6
        NOTE: 
https://github.com/element-hq/synapse/commit/2277df2a1eb685f85040ef98fa21d41aa4cdd389
 (v1.127.1)
 CVE-2025-31160 (atop through 2.11.0 allows local users to cause a denial of 
service (e ...)
+       {DSA-5892-1}
        - atop 2.11.1-1
        NOTE: https://www.openwall.com/lists/oss-security/2025/03/26/2
        NOTE: https://github.com/Atoptool/atop/issues/334



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6223d6b41db983a65bc1985489b39bf0174aa027

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6223d6b41db983a65bc1985489b39bf0174aa027
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to