Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4c5f9f36 by security tracker role at 2025-04-07T20:12:41+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,196 @@
-CVE-2025-30195
+CVE-2025-3426 (We observed that Intellispace Portal binaries doesn\u2019t have
any pr ...)
+ TODO: check
+CVE-2025-3425 (The IntelliSpace portal application utilizes .NET Remoting for
its fun ...)
+ TODO: check
+CVE-2025-3424 (The IntelliSpace portal application utilizes .NET Remoting for
its fun ...)
+ TODO: check
+CVE-2025-3382 (A vulnerability has been found in joey-zhou
xiaozhi-esp32-server-java ...)
+ TODO: check
+CVE-2025-3381 (A vulnerability, which was classified as critical, was found in
zhangy ...)
+ TODO: check
+CVE-2025-3380 (A vulnerability, which was classified as critical, has been
found in P ...)
+ TODO: check
+CVE-2025-3379 (A vulnerability classified as critical was found in PCMan FTP
Server 2 ...)
+ TODO: check
+CVE-2025-3378 (A vulnerability classified as critical has been found in PCMan
FTP Ser ...)
+ TODO: check
+CVE-2025-3377 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been rated ...)
+ TODO: check
+CVE-2025-3376 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been decla ...)
+ TODO: check
+CVE-2025-3375 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been class ...)
+ TODO: check
+CVE-2025-3374 (A vulnerability was found in PCMan FTP Server 2.0.7 and
classified as ...)
+ TODO: check
+CVE-2025-3373 (A vulnerability has been found in PCMan FTP Server 2.0.7 and
classifie ...)
+ TODO: check
+CVE-2025-3372 (A vulnerability, which was classified as critical, was found in
PCMan ...)
+ TODO: check
+CVE-2025-3371 (A vulnerability, which was classified as critical, has been
found in P ...)
+ TODO: check
+CVE-2025-3370 (A vulnerability classified as critical has been found in
PHPGurukul Me ...)
+ TODO: check
+CVE-2025-3369 (A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has
been rat ...)
+ TODO: check
+CVE-2025-3360 (A flaw was found in GLib. An integer overflow and buffer
under-read oc ...)
+ TODO: check
+CVE-2025-3359 (A flaw was found in GNUPlot. A segmentation fault via
IO_str_init_stat ...)
+ TODO: check
+CVE-2025-3353 (A vulnerability was found in PHPGurukul Men Salon Management
System 1. ...)
+ TODO: check
+CVE-2025-3352 (A vulnerability was found in PHPGurukul Old Age Home Management
System ...)
+ TODO: check
+CVE-2025-3351 (A vulnerability has been found in PHPGurukul Old Age Home
Management S ...)
+ TODO: check
+CVE-2025-3350 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
+ TODO: check
+CVE-2025-3349 (A vulnerability, which was classified as critical, has been
found in P ...)
+ TODO: check
+CVE-2025-3348 (A vulnerability classified as critical was found in
code-projects Pati ...)
+ TODO: check
+CVE-2025-3347 (A vulnerability classified as critical has been found in
code-projects ...)
+ TODO: check
+CVE-2025-3346 (A vulnerability was found in Tenda AC7 15.03.06.44. It has been
rated ...)
+ TODO: check
+CVE-2025-3345 (A vulnerability was found in codeprojects Online Restaurant
Management ...)
+ TODO: check
+CVE-2025-3344 (A vulnerability was found in codeprojects Online Restaurant
Management ...)
+ TODO: check
+CVE-2025-3248 (Langflow versions prior to 1.3.0 are susceptible to code
injection in ...)
+ TODO: check
+CVE-2025-32014 (estree-util-value-to-estree converts a JavaScript value to an
ESTree e ...)
+ TODO: check
+CVE-2025-31476 (tarteaucitron.js is a compliant and accessible cookie banner.
A vulner ...)
+ TODO: check
+CVE-2025-31475 (tarteaucitron.js is a compliant and accessible cookie banner.
A vulner ...)
+ TODO: check
+CVE-2025-31138 (tarteaucitron.js is a compliant and accessible cookie banner.
A vulner ...)
+ TODO: check
+CVE-2025-30373 (Graylog is a free and open log management platform. Starting
with 6.1, ...)
+ TODO: check
+CVE-2025-2251 (A security flaw exists in WildFly and JBoss Enterprise
Application Pla ...)
+ TODO: check
+CVE-2025-29769 (libvips is a demand-driven, horizontally threaded image
processing lib ...)
+ TODO: check
+CVE-2025-29594 (A vulnerability exists in the errorpage.php file of the
CS2-WeaponPain ...)
+ TODO: check
+CVE-2025-29482 (Buffer Overflow vulnerability in libheif 1.19.7 allows a local
attacke ...)
+ TODO: check
+CVE-2025-29481 (Buffer Overflow vulnerability in libbpf 1.5.0 allows a local
attacker ...)
+ TODO: check
+CVE-2025-29480 (Buffer Overflow vulnerability in gdal 3.10.2 allows a local
attacker t ...)
+ TODO: check
+CVE-2025-29479 (Buffer Overflow in hiredis 1.2.0 allows a local attacker to
cause a de ...)
+ TODO: check
+CVE-2025-29478 (An issue in fluent-bit v.3.7.2 allows a local attacker to
cause a deni ...)
+ TODO: check
+CVE-2025-29087 (Sqlite 3.49.0 is susceptible to integer overflow through the
concat fu ...)
+ TODO: check
+CVE-2025-28413 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28412 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28411 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28410 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28409 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28408 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28407 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28406 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28405 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28403 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28402 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28401 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-28400 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
+ TODO: check
+CVE-2025-27686 (Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and
PowerMax ...)
+ TODO: check
+CVE-2025-21448 (Transient DOS may occur while parsing SSID in action frames.)
+ TODO: check
+CVE-2025-21447 (Memory corruption may occur while processing device IO control
call fo ...)
+ TODO: check
+CVE-2025-21443 (Memory corruption while processing message content in eAVB.)
+ TODO: check
+CVE-2025-21442 (Memory corruption while transmitting packet mapping
information with i ...)
+ TODO: check
+CVE-2025-21441 (Memory corruption when IOCTL call is invoked from user-space
to write ...)
+ TODO: check
+CVE-2025-21440 (Memory corruption when IOCTL call is invoked from user-space
to write ...)
+ TODO: check
+CVE-2025-21439 (Memory corruption may occur while reading board data via IOCTL
call wh ...)
+ TODO: check
+CVE-2025-21438 (Memory corruption while IOCTL call is invoked from user-space
to read ...)
+ TODO: check
+CVE-2025-21437 (Memory corruption while processing memory map or unmap IOCTL
operation ...)
+ TODO: check
+CVE-2025-21436 (Memory corruption may occur while initiating two IOCTL calls
simultane ...)
+ TODO: check
+CVE-2025-21435 (Transient DOS may occur while parsing extended IE in beacon.)
+ TODO: check
+CVE-2025-21434 (Transient DOS may occur while parsing EHT operation IE or EHT
capabili ...)
+ TODO: check
+CVE-2025-21431 (Information disclosure may be there when a guest VM is
connected.)
+ TODO: check
+CVE-2025-21430 (Transient DOS while connecting STA to AP and initiating ADD TS
request ...)
+ TODO: check
+CVE-2025-21429 (Memory corruption occurs while connecting a STA to an AP and
initiatin ...)
+ TODO: check
+CVE-2025-21428 (Memory corruption occurs while connecting a STA to an AP and
initiatin ...)
+ TODO: check
+CVE-2025-21425 (Memory corruption may occur due top improper access control in
HAB pro ...)
+ TODO: check
+CVE-2025-21423 (Memory corruption occurs when handling client calls to
EnableTestMode ...)
+ TODO: check
+CVE-2025-21421 (Memory corruption while processing escape code in API.)
+ TODO: check
+CVE-2025-0050 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
+ TODO: check
+CVE-2024-49848 (Memory corruption while processing multiple IOCTL calls from
HLOS to D ...)
+ TODO: check
+CVE-2024-46494 (A cross-site scripting (XSS) vulnerability in Typecho v1.2.1
allows at ...)
+ TODO: check
+CVE-2024-45557 (Memory corruption can occur when TME processes addresses from
TZ and M ...)
+ TODO: check
+CVE-2024-45556 (Cryptographic issue may arise because the access control
configuration ...)
+ TODO: check
+CVE-2024-45552 (Information disclosure may occur during a video call if a
device reset ...)
+ TODO: check
+CVE-2024-45551 (Cryptographic issue occurs during PIN/password verification
using Gate ...)
+ TODO: check
+CVE-2024-45549 (Information disclosure while creating MQ channels.)
+ TODO: check
+CVE-2024-45544 (Memory corruption while processing IOCTL calls to add route
entry in t ...)
+ TODO: check
+CVE-2024-45543 (Memory corruption while accessing MSM channel map and mixer
functions.)
+ TODO: check
+CVE-2024-45540 (Memory corruption while invoking IOCTL map buffer request from
userspa ...)
+ TODO: check
+CVE-2024-43067 (Memory corruption occurs during the copying of read data from
the EEPR ...)
+ TODO: check
+CVE-2024-43066 (Memory corruption while handling file descriptor during
listener regis ...)
+ TODO: check
+CVE-2024-43065 (Cryptographic issues while generating an asymmetric key pair
for RKP u ...)
+ TODO: check
+CVE-2024-43058 (Memory corruption while processing IOCTL calls.)
+ TODO: check
+CVE-2024-43046 (There may be information disclosure during memory
re-allocation in TZ ...)
+ TODO: check
+CVE-2024-38797 (EDK2 contains a vulnerability in the HashPeImageByType(). A
user may c ...)
+ TODO: check
+CVE-2024-33058 (Memory corruption while assigning memory from the source DDR
memory(HL ...)
+ TODO: check
+CVE-2024-11859 (DLL Search Order Hijacking vulnerability potentially allowed
an attack ...)
+ TODO: check
+CVE-2025-30195 (An attacker can publish a zone containing specific Resource
Record Set ...)
- pdns-recursor 5.2.1-1
[bookworm] - pdns-recursor <not-affected> (Vulnerable code not present)
[bullseye] - pdns-recursor <not-affected> (Vulnerable code not present)
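Review bot: The description added for CVE-2025-3426 on the first added line contains the literal escape sequence "\u2019" ("doesn\u2019t") instead of an apostrophe, which suggests the automatic update writes the upstream description without decoding its escapes. Decode it before it lands in data/CVE/list so that text searches on descriptions match. Separately, every new entry in this hunk is left at "TODO: check"; the ones that name widely used libraries (CVE-2025-3360 GLib, CVE-2025-29769 libvips, CVE-2025-29087 Sqlite, CVE-2024-38797 EDK2) are worth triaging ahead of the vendor-specific ones.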
@@ -224,7 +416,7 @@ CVE-2024-58036 (Net::Dropbox::API 1.9 and earlier for Perl
uses the rand() funct
CVE-2024-57868 (Web::API 2.8 and earlier for Perl uses the rand() function as
the defa ...)
- libweb-api-perl <unfixed> (bug #1102148)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/28503730/
-CVE-2025-30473
+CVE-2025-30473 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Apache Airflow SQL provider
CVE-2025-XXXX [RUSTSEC-2025-0022]
- rust-openssl <unfixed> (bug #1102137)
@@ -3757,7 +3949,8 @@ CVE-2025-2074 (The Advanced Google reCAPTCHA plugin for
WordPress is vulnerable
NOT-FOR-US: WordPress plugin
CVE-2025-2027 (A double free vulnerability has been identified in the ASUS
System Ana ...)
NOT-FOR-US: ASUS
-CVE-2025-28253 (Cross-Site Scripting (XSS) vulnerability in MainWP MainWP
Dashboard v5 ...)
+CVE-2025-28253
+ REJECTED
NOT-FOR-US: WordPress plugin or theme
CVE-2025-26956 (Missing Authorization vulnerability in Shinetheme
Traveler.This issue ...)
NOT-FOR-US: WordPress plugin or theme
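Review bot: CVE-2025-28253 now carries "REJECTED" while the unchanged context line "NOT-FOR-US: WordPress plugin or theme" still sits directly under it, so the entry ends up with two conflicting dispositions. A rejected ID no longer describes any product, so the NOT-FOR-US line should be dropped in a follow-up commit, or the automatic update should clear existing annotations when it rewrites an entry as REJECTED.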
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c5f9f36e97bff2ff54b4216bd34866515b10d5a