[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 04 Apr 2025 11:30:21 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ee610984 by security tracker role at 2025-03-21T08:12:09+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2025-30348 (encodeText in QDom in Qt before 6.8.0 has a complex algorithm 
involvin ...)
+       TODO: check
+CVE-2025-30347 (Varnish Enterprise before 6.0.13r13 allows remote attackers to 
obtain  ...)
+       TODO: check
+CVE-2025-30346 (Varnish Cache before 7.6.2 and Varnish Enterprise before 
6.0.13r10 all ...)
+       TODO: check
+CVE-2025-30345 (An issue was discovered in OpenSlides before 4.2.5. When 
creating new  ...)
+       TODO: check
+CVE-2025-30344 (An issue was discovered in OpenSlides before 4.2.5. During 
login at th ...)
+       TODO: check
+CVE-2025-30343 (A directory traversal issue was discovered in OpenSlides 
before 4.2.5. ...)
+       TODO: check
+CVE-2025-30342 (An XSS issue was discovered in OpenSlides before 4.2.5. When 
submittin ...)
+       TODO: check
+CVE-2025-30334 (In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 
015, tr ...)
+       TODO: check
+CVE-2025-2585 (EBM Maintenance Center From EBM Technologies has a SQL 
Injection vulne ...)
+       TODO: check
+CVE-2025-2584 (A vulnerability was found in WebAssembly wabt 1.0.36. It has 
been decl ...)
+       TODO: check
+CVE-2025-2583 (A vulnerability was found in SimpleMachines SMF 2.1.4. It has 
been cla ...)
+       TODO: check
+CVE-2025-2582 (A vulnerability was found in SimpleMachines SMF 2.1.4 and 
classified a ...)
+       TODO: check
+CVE-2025-2581 (A vulnerability has been found in xmedcon 0.25.0 and classified 
as pro ...)
+       TODO: check
+CVE-2025-2574 (Out-of-bounds array write in Xpdf 4.05 and earlier, due to 
incorrect i ...)
+       TODO: check
+CVE-2025-2538 (A specific type of ArcGIS Enterprise deployment, is vulnerable 
to a Pa ...)
+       TODO: check
+CVE-2025-2198
+       REJECTED
+CVE-2025-29814 (Improper authorization in Microsoft Partner Center allows an 
authorize ...)
+       TODO: check
+CVE-2025-29807 (Deserialization of untrusted data in Microsoft Dataverse 
allows an aut ...)
+       TODO: check
+CVE-2025-26336 (Dell Chassis Management Controller Firmware for Dell PowerEdge 
FX2, ve ...)
+       TODO: check
+CVE-2025-25758 (An issue in KukuFM Android v1.12.7 (11207) allows attackers to 
access  ...)
+       TODO: check
+CVE-2024-54564 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2024-54551 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2024-50053 (Zohocorp ManageEngine ServiceDesk Plus versionsbelow14920, 
ServiceDesk ...)
+       TODO: check
+CVE-2024-44305 (This issue was addressed by removing the vulnerable code. This 
issue i ...)
+       TODO: check
+CVE-2024-44199 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
+       TODO: check
+CVE-2024-13903 (A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. 
It has be ...)
+       TODO: check
 CVE-2025-30160 (Redlib is an alternative private front-end to Reddit. A 
vulnerability  ...)
        NOT-FOR-US: Redlib
 CVE-2025-2565 (The data exposure vulnerability in Liferay Portal 7.4.0 through 
7.4.3. ...)
@@ -852,6 +904,7 @@ CVE-2025-2512 (The File Away plugin for WordPress is 
vulnerable to arbitrary fil
 CVE-2025-2511 (The AHAthat Plugin plugin for WordPress is vulnerable to 
time-based SQ ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-2476 (Use after free in Lens in Google Chrome prior to 134.0.6998.117 
allowe ...)
+       {DSA-5882-1}
        - chromium 134.0.6998.117-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-2324 (Improper Privilege Management vulnerability for users 
configured as Sh ...)
@@ -171871,8 +171924,8 @@ CVE-2023-28209 (A buffer overflow issue was addressed 
with improved memory handl
        NOT-FOR-US: Apple
 CVE-2023-28208 (A logic issue was addressed with improved state management. 
This issue ...)
        NOT-FOR-US: Apple
-CVE-2023-28207
-       RESERVED
+CVE-2023-28207 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
+       TODO: check
 CVE-2023-28206 (An out-of-bounds write issue was addressed with improved input 
validat ...)
        NOT-FOR-US: Apple
 CVE-2023-28205 (A use after free issue was addressed with improved memory 
management.  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee610984ff605693043abfe89cb898122fda4c88

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee610984ff605693043abfe89cb898122fda4c88
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to