Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4010056f by security tracker role at 2025-03-03T08:12:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,97 @@
+CVE-2025-27590 (In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID 
migration ...)
+       TODO: check
+CVE-2025-27585 (A stored cross-site scripting (XSS) vulnerability in Serosoft 
Solution ...)
+       TODO: check
+CVE-2025-27584 (A stored cross-site scripting (XSS) vulnerability in Serosoft 
Solution ...)
+       TODO: check
+CVE-2025-27583 (Incorrect access control in the component 
/rest/staffResource/findAllU ...)
+       TODO: check
+CVE-2025-27579 (In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an 
/api/syste ...)
+       TODO: check
+CVE-2025-25953 (Serosoft Solutions Pvt Ltd Academia Student Information System 
(SIS) E ...)
+       TODO: check
+CVE-2025-25952 (An Insecure Direct Object References (IDOR) in the component 
/getStude ...)
+       TODO: check
+CVE-2025-25951 (An information disclosure vulnerability in the component 
/rest/cb/exec ...)
+       TODO: check
+CVE-2025-25950 (Incorrect access control in the component 
/rest/staffResource/update o ...)
+       TODO: check
+CVE-2025-25949 (A stored cross-site scripting (XSS) vulnerability in Serosoft 
Solution ...)
+       TODO: check
+CVE-2025-25948 (Incorrect access control in the component 
/rest/staffResource/create o ...)
+       TODO: check
+CVE-2025-20653 (In da, there is a possible out of bounds read due to an 
integer overfl ...)
+       TODO: check
+CVE-2025-20652 (In V5 DA, there is a possible out of bounds read due to a 
missing boun ...)
+       TODO: check
+CVE-2025-20651 (In da, there is a possible out of bounds read due to a missing 
bounds  ...)
+       TODO: check
+CVE-2025-20650 (In da, there is a possible out of bounds write due to a 
missing bounds ...)
+       TODO: check
+CVE-2025-20649 (In Bluetooth Stack SW, there is a possible information 
disclosure due  ...)
+       TODO: check
+CVE-2025-20648 (In apu, there is a possible out of bounds read due to a 
missing bounds ...)
+       TODO: check
+CVE-2025-20647 (In Modem, there is a possible system crash due to a missing 
bounds che ...)
+       TODO: check
+CVE-2025-20646 (In wlan AP FW, there is a possible out of bounds write due to 
improper ...)
+       TODO: check
+CVE-2025-20645 (In KeyInstall, there is a possible out of bounds write due to 
a missin ...)
+       TODO: check
+CVE-2025-20644 (In Modem, there is a possible memory corruption due to 
incorrect error ...)
+       TODO: check
+CVE-2025-1857 (A vulnerability classified as critical has been found in 
PHPGurukul Ni ...)
+       TODO: check
+CVE-2025-1856 (A vulnerability was found in Codezips Gym Management System 
1.0. It ha ...)
+       TODO: check
+CVE-2025-1855 (A vulnerability was found in PHPGurukul Online Shopping Portal 
2.1. It ...)
+       TODO: check
+CVE-2025-1854 (A vulnerability was found in Codezips Gym Management System 
1.0. It ha ...)
+       TODO: check
+CVE-2025-1853 (A vulnerability was found in Tenda AC8 16.03.34.06 and 
classified as c ...)
+       TODO: check
+CVE-2025-1852 (A vulnerability has been found in Totolink EX1800T 
9.1.0cu.2112_B20220 ...)
+       TODO: check
+CVE-2025-1851 (A vulnerability, which was classified as critical, was found in 
Tenda  ...)
+       TODO: check
+CVE-2025-1850 (A vulnerability, which was classified as critical, has been 
found in C ...)
+       TODO: check
+CVE-2025-1849 (A vulnerability classified as critical was found in zj1983 zz 
up to 20 ...)
+       TODO: check
+CVE-2025-1848 (A vulnerability classified as critical has been found in zj1983 
zz up  ...)
+       TODO: check
+CVE-2025-1847 (A vulnerability was found in zj1983 zz up to 2024-8. It has 
been rated ...)
+       TODO: check
+CVE-2025-1846 (A vulnerability was found in zj1983 zz up to 2024-8. It has 
been decla ...)
+       TODO: check
+CVE-2025-1845 (A vulnerability has been found in ESAFENET DSM 3.1.2 and 
classified as ...)
+       TODO: check
+CVE-2025-1844 (A vulnerability, which was classified as critical, was found in 
ESAFEN ...)
+       TODO: check
+CVE-2025-1843 (A vulnerability, which was classified as critical, has been 
found in M ...)
+       TODO: check
+CVE-2025-1842 (A vulnerability classified as problematic was found in FITSTATS 
Techno ...)
+       TODO: check
+CVE-2025-1841 (A vulnerability classified as critical has been found in 
ESAFENET CDG  ...)
+       TODO: check
+CVE-2025-1840 (A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has 
been r ...)
+       TODO: check
+CVE-2025-1836 (A vulnerability was found in Incorta 2023.4.3. It has been 
classified  ...)
+       TODO: check
+CVE-2025-1835 (A vulnerability has been found in osuuu LightPicture 1.2.2 and 
classif ...)
+       TODO: check
+CVE-2025-1834 (A vulnerability, which was classified as critical, was found in 
zj1983 ...)
+       TODO: check
+CVE-2025-1833 (A vulnerability, which was classified as critical, has been 
found in z ...)
+       TODO: check
+CVE-2025-1832 (A vulnerability classified as critical was found in zj1983 zz 
up to 20 ...)
+       TODO: check
+CVE-2025-1723 (Zohocorp ManageEngine ADSelfService Plus versions 6510 and 
below are v ...)
+       TODO: check
+CVE-2024-53386 (Stage.js through 0.8.10 allows DOM Clobbering (with resultant 
XSS for  ...)
+       TODO: check
+CVE-2024-53382 (Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with 
resulta ...)
+       TODO: check
 CVE-2025-1801
        NOT-FOR-US: RedHat Ansible Automation Platform Gateway
 CVE-2024-12225
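Review bot: All 47 entries added at the top of data/CVE/list carry only "TODO: check", so none of them has a package mapping or a NOT-FOR-US decision yet, and the descriptions are truncated before the affected component is fully named. For triage, the entries that name open-source libraries and tools (CVE-2024-53382 Prism/PrismJS, CVE-2024-53386 Stage.js, CVE-2025-27590 oxidized-web) should be checked against the archive for a matching source package before anything is marked NOT-FOR-US. The repeated vendor groups (Serosoft, zj1983 zz, ESAFENET, the CVE-2025-2064x/2065x block) can each be resolved with one decision per product, as the context entry for CVE-2025-1801 does.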
@@ -4723,7 +4817,7 @@ CVE-2025-20051 (Mattermost versions 10.4.x <= 10.4.1, 
9.11.x <= 9.11.7, 10.3.x <
        - mattermost-server <itp> (bug #823556)
 CVE-2025-1629 (A vulnerability was found in Excitel Broadband Private my 
Excitel App  ...)
        NOT-FOR-US: Excitel Broadband Private my Excitel App
-CVE-2025-1618 (A vulnerability has been found in vTiger CRM 6.4.0 and 
classified as p ...)
+CVE-2025-1618 (A vulnerability has been found in vTiger CRM 6.4.0/6.5.0 and 
classifie ...)
        NOT-FOR-US: vTiger CRM
 CVE-2025-1617 (A vulnerability, which was classified as problematic, was found 
in Net ...)
        NOT-FOR-US: Netis WF2780
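Review bot: The CVE-2025-1618 description now reads "vTiger CRM 6.4.0/6.5.0" instead of "6.4.0", while the annotation below it stays "NOT-FOR-US: vTiger CRM". That is consistent, because the decision is keyed on the product rather than the version, so no annotation change is needed. Because the description is cut at a fixed width, the longer version string also shortens the visible tail from "classified as p ..." to "classifie ...", so anyone reading the list for the classification should consult the full CVE text rather than this line.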



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4010056f93f25f808c6de543cebffc30f7b9d80c
