Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f4d6b4b4 by security tracker role at 2025-06-03T08:12:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,71 @@
-CVE-2025-5068
+CVE-2025-4797 (The Golo - City Travel Guide WordPress Theme theme for
WordPress is vu ...)
+ TODO: check
+CVE-2025-4567 (The Post Slider and Post Carousel with Post Vertical Scrolling
Widget ...)
+ TODO: check
+CVE-2025-4224 (The wpForo + wpForo Advanced Attachments plugin for WordPress
is vulne ...)
+ TODO: check
+CVE-2025-4047 (The Broken Link Checker plugin for WordPress is vulnerable to
unauthor ...)
+ TODO: check
+CVE-2025-49164 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have
a firmwa ...)
+ TODO: check
+CVE-2025-49163 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow
booting ...)
+ TODO: check
+CVE-2025-49162 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow
file ov ...)
+ TODO: check
+CVE-2025-3919 (The WordPress Comments Import & Export plugin for WordPress is
vulnera ...)
+ TODO: check
+CVE-2025-3662 (The FancyBox for WordPress plugin before 3.3.6 does not escape
caption ...)
+ TODO: check
+CVE-2025-3584 (The Newsletter WordPress plugin before 8.8.2 does not sanitise
and es ...)
+ TODO: check
+CVE-2025-31712 (In cplog service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2025-31711 (In cplog service, there is a possible system crash due to null
pointer ...)
+ TODO: check
+CVE-2025-31710 (In engineermode service, there is a possible command injection
due to ...)
+ TODO: check
+CVE-2025-2939 (The Ninja Tables \u2013 Easy Data Table Builder plugin for
WordPress i ...)
+ TODO: check
+CVE-2025-27038 (Memory corruption while rendering graphics using Adreno GPU
drivers in ...)
+ TODO: check
+CVE-2025-27031 (memory corruption while processing IOCTL commands, when the
buffer in ...)
+ TODO: check
+CVE-2025-27029 (Transient DOS while processing the tone measurement response
buffer wh ...)
+ TODO: check
+CVE-2025-21486 (Memory corruption during dynamic process creation call when
client is ...)
+ TODO: check
+CVE-2025-21485 (Memory corruption while processing INIT and multimode invoke
IOCTL cal ...)
+ TODO: check
+CVE-2025-21480 (Memory corruption due to unauthorized command execution in GPU
microno ...)
+ TODO: check
+CVE-2025-21479 (Memory corruption due to unauthorized command execution in GPU
microno ...)
+ TODO: check
+CVE-2025-21463 (Transient DOS while processing the EHT operation IE in the
received be ...)
+ TODO: check
+CVE-2024-53026 (Information disclosure when an invalid RTCP packet is received
during ...)
+ TODO: check
+CVE-2024-53021 (Information disclosure may occur while processing goodbye RTCP
packet ...)
+ TODO: check
+CVE-2024-53020 (Information disclosure may occur while decoding the RTP packet
with in ...)
+ TODO: check
+CVE-2024-53019 (Information disclosure may occur while decoding the RTP packet
with im ...)
+ TODO: check
+CVE-2024-53018 (Memory corruption may occur while processing the OIS packet
parser.)
+ TODO: check
+CVE-2024-53017 (Memory corruption while handling test pattern generator IOCTL
command.)
+ TODO: check
+CVE-2024-53016 (Memory corruption while processing I2C settings in Camera
driver.)
+ TODO: check
+CVE-2024-53015 (Memory corruption while processing IOCTL command to handle
buffers ass ...)
+ TODO: check
+CVE-2024-53013 (Memory corruption may occur while processing voice call
registration w ...)
+ TODO: check
+CVE-2024-53010 (Memory corruption may occur while attaching VM when the HLOS
retains a ...)
+ TODO: check
+CVE-2025-5068 (Use after free in Blink in Google Chrome prior to 137.0.7151.68
allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2025-5419
+CVE-2025-5419 (Out of bounds read and write in V8 in Google Chrome prior to
137.0.715 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-5455 (An issue was found in the private API function qDecodeDataUrl()
in QtC ...)
@@ -230,6 +294,7 @@ CVE-2025-5113 (The Diviotec professional series exposes a
web interface. One end
CVE-2025-4010 (The Netcom NTC 6200 and NWL 222 series expose a web interface
to be co ...)
NOT-FOR-US: Netcom NTC 6200 and NWL 222 series
CVE-2025-49113 (Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows
remote ...)
+ {DSA-5934-1}
- roundcube 1.6.11+dfsg-1 (bug #1107073)
NOTE:
https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
NOTE: https://github.com/roundcube/roundcubemail/pull/9865
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4d6b4b448516f8b1a73c24ed4c3692266f02b9d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4d6b4b448516f8b1a73c24ed4c3692266f02b9d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
