Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5908446f by security tracker role at 2025-03-31T08:11:54+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,95 @@
+CVE-2025-3019 (KNIME Business Hub is affected by several cross-site scripting
vulnera ...)
+ TODO: check
+CVE-2025-3014 (Insecure Direct Object References (IDOR) in access control in
Tracking ...)
+ TODO: check
+CVE-2025-3013 (Insecure Direct Object References (IDOR) in access control in
Customer ...)
+ TODO: check
+CVE-2025-3011 (SOOP-CLM from PiExtract has a SQL Injection vulnerability,
allowing un ...)
+ TODO: check
+CVE-2025-31417 (Missing Authorization vulnerability in Fahad Mahmood WP Docs
allows Ex ...)
+ TODO: check
+CVE-2025-31414 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-31412 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-31387 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
+ TODO: check
+CVE-2025-31103 (Untrusted data deserialization vulnerability exists in a-blog
cms. Pro ...)
+ TODO: check
+CVE-2025-31043 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-31016 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
+ TODO: check
+CVE-2025-30987 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-30855 (Missing Authorization vulnerability in Ads by WPQuads Ads by
WPQuads a ...)
+ TODO: check
+CVE-2025-30835 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
+ TODO: check
+CVE-2025-2983 (A vulnerability has been found in Legrand SMS PowerView 1.x and
classi ...)
+ TODO: check
+CVE-2025-2982 (A vulnerability, which was classified as critical, was found in
Legran ...)
+ TODO: check
+CVE-2025-2981 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2025-2980 (A vulnerability classified as problematic was found in Legrand
SMS Pow ...)
+ TODO: check
+CVE-2025-2979 (A vulnerability classified as problematic has been found in
WCMS 11. T ...)
+ TODO: check
+CVE-2025-2978 (A vulnerability was found in WCMS 11. It has been rated as
critical. A ...)
+ TODO: check
+CVE-2025-2977 (A vulnerability was found in GFI KerioConnect 10.0.6. It has
been decl ...)
+ TODO: check
+CVE-2025-2976 (A vulnerability was found in GFI KerioConnect 10.0.6. It has
been clas ...)
+ TODO: check
+CVE-2025-2975 (A vulnerability was found in GFI KerioConnect 10.0.6 and
classified as ...)
+ TODO: check
+CVE-2025-2974 (A vulnerability has been found in CodeCanyon Perfex CRM up to
3.2.1 an ...)
+ TODO: check
+CVE-2025-2973 (A vulnerability, which was classified as critical, was found in
code-p ...)
+ TODO: check
+CVE-2025-2972 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2025-2971 (A vulnerability classified as problematic was found in
ConcreteCMS up ...)
+ TODO: check
+CVE-2025-2970 (A vulnerability classified as problematic has been found in
ConcreteCM ...)
+ TODO: check
+CVE-2025-2969 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has
been rate ...)
+ TODO: check
+CVE-2025-2968 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has
been decl ...)
+ TODO: check
+CVE-2025-2967 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has
been clas ...)
+ TODO: check
+CVE-2025-2966 (A vulnerability was found in ConcreteCMS up to 9.3.9 and
classified as ...)
+ TODO: check
+CVE-2025-2965 (A vulnerability has been found in ConcreteCMS up to 9.3.9 and
classifi ...)
+ TODO: check
+CVE-2025-2964 (A vulnerability, which was classified as problematic, was found
in Con ...)
+ TODO: check
+CVE-2025-2963 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2025-2961 (A vulnerability classified as problematic was found in
opensolon up to ...)
+ TODO: check
+CVE-2025-2960 (A vulnerability classified as problematic has been found in
TRENDnet T ...)
+ TODO: check
+CVE-2025-2959 (A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It
has been ...)
+ TODO: check
+CVE-2025-2402 (A hard-coded, non-random password for the object store (minio)
of KNIM ...)
+ TODO: check
+CVE-2025-26689 (Direct request ('Forced Browsing') issue exists in CHOCO TEI
WATCHER m ...)
+ TODO: check
+CVE-2025-25211 (Weak password requirements issue exists in CHOCO TEI WATCHER
mini (IB- ...)
+ TODO: check
+CVE-2025-24852 (Storing passwords in a recoverable format issue exists in
CHOCO TEI WA ...)
+ TODO: check
+CVE-2025-24517 (Use of client-side authentication issue exists in CHOCO TEI
WATCHER mi ...)
+ TODO: check
+CVE-2025-1268 (Out-of-bounds vulnerability in EMF Recode processing of Generic
Plus P ...)
+ TODO: check
+CVE-2025-0613 (The Photo Gallery by 10Web WordPress plugin before 1.8.34 does
not sa ...)
+ TODO: check
+CVE-2024-13804 (Vulnerability in Hewlett Packard Enterprise HPE Insight
Cluster Manage ...)
+ TODO: check
CVE-2025-2958 (A vulnerability was found in TRENDnet TEW-818DRU 1.0.14.6. It
has been ...)
NOT-FOR-US: TRENDnet
CVE-2025-2957 (A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has
been cl ...)
@@ -18356,6 +18448,7 @@ CVE-2024-56946 (Denial of service in DNS-over-QUIC in
Technitium DNS Server <= v
CVE-2024-56921 (An issue was discovered in Open5gs v2.7.2. InitialUEMessage,
Registrat ...)
- open5gs <itp> (bug #1094791)
CVE-2024-56161 (Improper signature verification in AMD CPU ROM microcode patch
loader ...)
+ {DLA-4098-1}
- amd64-microcode 3.20250311.1 (bug #1095470)
[bookworm] - amd64-microcode <no-dsa> (Minor issue in Debian context;
AMD-SEV not supported)
NOTE: https://www.openwall.com/lists/oss-security/2025/01/22/1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5908446f0bed4de4cf91aa19a231f2cfb1640d43
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5908446f0bed4de4cf91aa19a231f2cfb1640d43
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
