Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c4a755e5 by security tracker role at 2025-04-11T20:12:03+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,221 @@
+CVE-2025-3439 (The Everest Forms \u2013 Contact Form, Quiz, Survey, Newsletter 
& Paym ...)
+       TODO: check
+CVE-2025-3434 (The SMTP for Amazon SES \u2013 YaySMTP plugin for WordPress is 
vulnera ...)
+       TODO: check
+CVE-2025-3422 (The The Everest Forms \u2013 Contact Form, Quiz, Survey, 
Newsletter &  ...)
+       TODO: check
+CVE-2025-3421 (The Everest Forms \u2013 Contact Form, Quiz, Survey, Newsletter 
& Paym ...)
+       TODO: check
+CVE-2025-32681 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-32672 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32671 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2025-32663 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32656 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32654 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32650 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-32633 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2025-32632 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32631 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2025-32629 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2025-32627 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32618 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-32614 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32607 (Deserialization of Untrusted Data vulnerability in 
magepeopleteam WpBo ...)
+       TODO: check
+CVE-2025-32603 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-32601 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32600 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32599 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32598 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32589 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32587 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2025-32586 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32585 (Path Traversal vulnerability in Trusty Plugins Shop Products 
Filter al ...)
+       TODO: check
+CVE-2025-32579 (Unrestricted Upload of File with Dangerous Type vulnerability 
in SoftC ...)
+       TODO: check
+CVE-2025-32577 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32569 (Deserialization of Untrusted Data vulnerability in RealMag777 
TableOn  ...)
+       TODO: check
+CVE-2025-32568 (Deserialization of Untrusted Data vulnerability in empik 
EmpikPlace fo ...)
+       TODO: check
+CVE-2025-32567 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-32565 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-32558 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-32553 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32551 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32542 (Missing Authorization vulnerability in EazyPlugins Eazy Plugin 
Manager ...)
+       TODO: check
+CVE-2025-32541 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32539 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32538 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32537 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32536 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32534 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32525 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32524 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32523 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32519 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-32517 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-32509 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2025-32491 (Incorrect Privilege Assignment vulnerability in Rankology 
Rankology SE ...)
+       TODO: check
+CVE-2025-32427 (Formie is a Craft CMS plugin for creating forms. Prior to 
2.1.44, when ...)
+       TODO: check
+CVE-2025-32426 (Formie is a Craft CMS plugin for creating forms. Prior to 
version 2.1. ...)
+       TODO: check
+CVE-2025-32367 (The Oz Forensics face recognition application before 4.0.8 
late 2023 a ...)
+       TODO: check
+CVE-2025-32144 (Deserialization of Untrusted Data vulnerability in PickPlugins 
Job Boa ...)
+       TODO: check
+CVE-2025-32143 (Deserialization of Untrusted Data vulnerability in PickPlugins 
Accordi ...)
+       TODO: check
+CVE-2025-32107 (OS command injection vulnerability exists in Deco BE65 Pro 
firmware ve ...)
+       TODO: check
+CVE-2025-32080 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2025-32079 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-32078 (Improper Encoding or Escaping of Output vulnerability in The 
Wikimedia ...)
+       TODO: check
+CVE-2025-32077 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-32076 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-32075 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-32074 (Improper Encoding or Escaping of Output vulnerability in The 
Wikimedia ...)
+       TODO: check
+CVE-2025-32073 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-32072 (Improper Encoding or Escaping of Output vulnerability in The 
Wikimedia ...)
+       TODO: check
+CVE-2025-32071 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-32070 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-32069 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-32068 (Incorrect Authorization vulnerability in The Wikimedia 
Foundation Medi ...)
+       TODO: check
+CVE-2025-32067 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
+       TODO: check
+CVE-2025-31935 (Subnet Solutions   PowerSYSTEM Center is affected by a 
mishandling of  ...)
+       TODO: check
+CVE-2025-31932 (Deserialization of untrusted data issue exists in BizRobo! all 
version ...)
+       TODO: check
+CVE-2025-31599 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-31565 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-31379 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-31378 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-31362 (Use of hard-coded cryptographic key issue exists in BizRobo! 
all versi ...)
+       TODO: check
+CVE-2025-31354 (Subnet Solutions PowerSYSTEM Center's SMTPS notification 
service can b ...)
+       TODO: check
+CVE-2025-31041 (Missing Authorization vulnerability in NotFound AnyTrack 
Affiliate Lin ...)
+       TODO: check
+CVE-2025-31040 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-31028 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-31021 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-31015 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-31014 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-2575 (The Z Companion plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
+       TODO: check
+CVE-2025-2541 (The WP Project Manager plugin for WordPress is vulnerable to 
Stored Cr ...)
+       TODO: check
+CVE-2025-2128 (The Cost Calculator Builder plugin for WordPress is vulnerable 
to time ...)
+       TODO: check
+CVE-2025-23391 (A Incorrect Privilege Assignment vulnerability in SUSE rancher 
allows  ...)
+       TODO: check
+CVE-2025-23389 (A Improper Access Control vulnerability in SUSE rancher allows 
a local ...)
+       TODO: check
+CVE-2025-23388 (A Stack-based Buffer Overflow vulnerability in SUSE rancher 
allows for ...)
+       TODO: check
+CVE-2025-23387 (A Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabi ...)
+       TODO: check
+CVE-2025-0123 (A vulnerability in the Palo Alto Networks PAN-OS\xae software 
enables  ...)
+       TODO: check
+CVE-2025-0119 (A command injection vulnerabilityin the Palo Alto Networks 
Cortex XDR\ ...)
+       TODO: check
+CVE-2024-52282 (A Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabi ...)
+       TODO: check
+CVE-2024-52280 (A Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabi ...)
+       TODO: check
+CVE-2024-13861 (A code injection vulnerability in the Debian package component 
of Taeg ...)
+       TODO: check
+CVE-2024-11679 (An input validation weakness was reported in the TpmSetup 
module for s ...)
+       TODO: check
+CVE-2023-42983 (Processing a file may lead to a denial-of-service or 
potentially discl ...)
+       TODO: check
+CVE-2023-42982 (Processing a file may lead to a denial-of-service or 
potentially discl ...)
+       TODO: check
+CVE-2023-42981 (Processing a file may lead to a denial-of-service or 
potentially discl ...)
+       TODO: check
+CVE-2023-42977 (A path handling issue was addressed with improved validation. 
This iss ...)
+       TODO: check
+CVE-2023-42973 (Private Browsing tabs may be accessed without authentication. 
This iss ...)
+       TODO: check
+CVE-2023-42970 (A use-after-free issue was addressed with improved memory 
management.  ...)
+       TODO: check
+CVE-2023-42969 (An app may be able to break out of its sandbox. This issue is 
fixed in ...)
+       TODO: check
+CVE-2023-42961 (A path handling issue was addressed with improved validation. 
This iss ...)
+       TODO: check
+CVE-2023-42875 (Processing web content may lead to arbitrary code execution. 
This issu ...)
+       TODO: check
+CVE-2023-41076 (An app may be able to elevate privileges. This issue is fixed 
in macOS ...)
+       TODO: check
+CVE-2023-38614 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
 CVE-2025-3512 (There is a Heap-based Buffer Overflow vulnerability in 
QTextMarkdownIm ...)
        TODO: check
 CVE-2025-32816 (CodeLit CourseLit before 0.57.5 allows Parameter Tampering via 
a payme ...)
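
Review bot: CVE-2024-13861 is added with the same `TODO: check` as every other new entry, but its summary names "the Debian package component", so it is the one line in this hunk that should be triaged by hand first instead of waiting in the queue behind the WordPress plugin and Apple entries. Separately, the summaries for CVE-2025-3439, CVE-2025-3434, CVE-2025-3422 and CVE-2025-3421 show a literal `\u2013` and CVE-2025-0123 shows `\xae`; if those escapes are present in data/CVE/list itself and not only in this notification, the description import should decode them to the actual characters.
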
@@ -146703,7 +146921,7 @@ CVE-2023-41255 (The vulnerability allows an 
unprivileged user with access to the
        NOT-FOR-US: Bosch
 CVE-2023-41254 (A privacy issue was addressed with improved private data 
redaction for ...)
        NOT-FOR-US: Apple
-CVE-2023-41077 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
+CVE-2023-41077 (An app may be able to access protected user data. This issue 
is fixed  ...)
        NOT-FOR-US: Apple
 CVE-2023-41072 (A privacy issue was addressed with improved private data 
redaction for ...)
        NOT-FOR-US: Apple
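
Review bot: The commit message "automatic update" does not record that this hunk rewrites the summary of an already-triaged entry, CVE-2023-41077, instead of adding a new one; a short mention of refreshed descriptions would make the history easier to audit. The new text states an impact ("An app may be able to access protected user data") where the old one only said checks were improved, and the `NOT-FOR-US: Apple` line under it is unchanged context, so the existing triage decision still applies.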



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4a755e553f028e7de0d88104e5bc6be282d2530
