[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 22 Apr 2025 01:12:17 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1cb383b9 by security tracker role at 2025-04-22T08:12:00+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,52 @@
-CVE-2024-58250
+CVE-2025-3856 (A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has 
been cla ...)
+       TODO: check
+CVE-2025-3855 (A vulnerability was found in CodeCanyon RISE Ultimate Project 
Manager  ...)
+       TODO: check
+CVE-2025-3854 (A vulnerability, which was classified as critical, was found in 
H3C GR ...)
+       TODO: check
+CVE-2025-3850 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2025-3849 (A vulnerability classified as problematic was found in YXJ2018 
SpringB ...)
+       TODO: check
+CVE-2025-3847 (A vulnerability classified as critical has been found in 
markparticle  ...)
+       TODO: check
+CVE-2025-3846 (A vulnerability was found in markparticle WebServer up to 1.0. 
It has  ...)
+       TODO: check
+CVE-2025-3845 (A vulnerability was found in markparticle WebServer up to 1.0. 
It has  ...)
+       TODO: check
+CVE-2025-3843 (A vulnerability was found in panhainan DS-Java 1.0. It has been 
classi ...)
+       TODO: check
+CVE-2025-3842 (A vulnerability was found in panhainan DS-Java 1.0 and 
classified as c ...)
+       TODO: check
+CVE-2025-3814 (The Tax Switch for WooCommerce plugin for WordPress is 
vulnerable to S ...)
+       TODO: check
+CVE-2025-3616 (The Greenshift \u2013 animation and page builder blocks plugin 
for Wor ...)
+       TODO: check
+CVE-2025-3577 (**UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in 
the we ...)
+       TODO: check
+CVE-2025-32958 (Adept is a language for general purpose programming. Prior to 
commit a ...)
+       TODO: check
+CVE-2025-32956 (ManageWiki is a MediaWiki extension allowing users to manage 
wikis. Ve ...)
+       TODO: check
+CVE-2025-32955 (Harden-Runner is a CI/CD security agent that works like an EDR 
for Git ...)
+       TODO: check
+CVE-2025-2987 (IBM Maximo Asset Management 7.6.1.3 is vulnerable to 
server-side reque ...)
+       TODO: check
+CVE-2025-2839 (The WP Import Export Lite plugin for WordPress is vulnerable to 
Stored ...)
+       TODO: check
+CVE-2025-2594 (The User Registration & Membership  WordPress plugin before 
4.1.3 does ...)
+       TODO: check
+CVE-2025-2300 (Hitachi Ops Center Common Services within Hitachi Ops Center 
OVA conta ...)
+       TODO: check
+CVE-2025-1732 (An improper privilege management vulnerability in the recovery 
functio ...)
+       TODO: check
+CVE-2025-1731 (An incorrect permission assignment vulnerability in the 
PostgreSQL com ...)
+       TODO: check
+CVE-2024-46899 (Hitachi Ops Center Common Services within Hitachi Ops Center 
Analyzer  ...)
+       TODO: check
+CVE-2024-13569 (The Front End Users WordPress plugin through 3.2.32 does not 
sanitise  ...)
+       TODO: check
+CVE-2024-58250 (The passprompt plugin in pppd in ppp before 2.5.2 mishandles 
privilege ...)
        - ppp 2.5.2-1+1
        NOTE: Fixed by: 
https://github.com/ppp-project/ppp/commit/0a66ad22e54c72690ec2a29a019767c55c5281fc
 (v2.5.2)
 CVE-2025-3839 [Require user interaction before opening URL in external 
application]
@@ -1864,7 +1912,7 @@ CVE-2025-22078 (In the Linux kernel, the following 
vulnerability has been resolv
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/3db89bc6d973e2bcaa852f6409c98c228f39a926 (6.15-rc1)
-CVE-2025-22077 [Revert "smb: client: fix TCP timers deadlock after rmmod"]
+CVE-2025-22077 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
        - linux <unfixed>
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -11030,7 +11078,7 @@ CVE-2025-2643 (A vulnerability has been found in 
PHPGurukul Art Gallery Manageme
        NOT-FOR-US: PHPGurukul
 CVE-2025-2642 (A vulnerability, which was classified as critical, was found in 
PHPGur ...)
        NOT-FOR-US: PHPGurukul
-CVE-2025-26413
+CVE-2025-26413 (Improper Input Validation vulnerability in Apache Kvrocks.  
The SETRAN ...)
        NOT-FOR-US: Apache Kvrocks
 CVE-2025-2641 (A vulnerability, which was classified as critical, has been 
found in P ...)
        NOT-FOR-US: PHPGurukul



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb383b95575fcd709eef64b706eefef964b56c3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb383b95575fcd709eef64b706eefef964b56c3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to