Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bfacf45b by security tracker role at 2025-06-17T08:12:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,122 @@
-CVE-2025-6140
+CVE-2025-6173 (A vulnerability classified as critical was found in Webkul
QloApps 1.6 ...)
+ TODO: check
+CVE-2025-6167 (A vulnerability classified as critical has been found in
themanojdesai ...)
+ TODO: check
+CVE-2025-6166 (A vulnerability was found in frdel Agent-Zero up to 0.8.4. It
has been ...)
+ TODO: check
+CVE-2025-6165 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105.
It has ...)
+ TODO: check
+CVE-2025-6164 (A vulnerability was found in TOTOLINK A3002R
4.0.0-B20230531.1404. It ...)
+ TODO: check
+CVE-2025-6163 (A vulnerability was found in TOTOLINK A3002RU
3.0.0-B20230809.1615 and ...)
+ TODO: check
+CVE-2025-6162 (A vulnerability has been found in TOTOLINK EX1200T
4.1.2cu.5232_B20210 ...)
+ TODO: check
+CVE-2025-6161 (A vulnerability, which was classified as critical, was found in
Source ...)
+ TODO: check
+CVE-2025-6160 (A vulnerability, which was classified as critical, has been
found in S ...)
+ TODO: check
+CVE-2025-6159 (A vulnerability classified as critical was found in
code-projects Host ...)
+ TODO: check
+CVE-2025-6158 (A vulnerability classified as critical has been found in D-Link
DIR-66 ...)
+ TODO: check
+CVE-2025-6157 (A vulnerability was found in PHPGurukul Nipah Virus Testing
Management ...)
+ TODO: check
+CVE-2025-6156 (A vulnerability was found in PHPGurukul Nipah Virus Testing
Management ...)
+ TODO: check
+CVE-2025-6155 (A vulnerability was found in PHPGurukul Hostel Management
System 1.0. ...)
+ TODO: check
+CVE-2025-6154 (A vulnerability was found in PHPGurukul Hostel Management
System 1.0 a ...)
+ TODO: check
+CVE-2025-6153 (A vulnerability has been found in PHPGurukul Hostel Management
System ...)
+ TODO: check
+CVE-2025-6152 (A vulnerability, which was classified as critical, was found in
Steel ...)
+ TODO: check
+CVE-2025-6151 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2025-6150 (A vulnerability classified as critical was found in TOTOLINK
X15 1.0.0 ...)
+ TODO: check
+CVE-2025-6149 (A vulnerability classified as critical has been found in
TOTOLINK A300 ...)
+ TODO: check
+CVE-2025-6148 (A vulnerability was found in TOTOLINK A3002RU
3.0.0-B20230809.1615. It ...)
+ TODO: check
+CVE-2025-6147 (A vulnerability was found in TOTOLINK A702R
4.0.0-B20230721.1521. It h ...)
+ TODO: check
+CVE-2025-6146 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105.
It has ...)
+ TODO: check
+CVE-2025-6145 (A vulnerability was found in TOTOLINK EX1200T
4.1.2cu.5232_B20210713 a ...)
+ TODO: check
+CVE-2025-6144 (A vulnerability has been found in TOTOLINK EX1200T
4.1.2cu.5232_B20210 ...)
+ TODO: check
+CVE-2025-6143 (A vulnerability, which was classified as critical, was found in
TOTOLI ...)
+ TODO: check
+CVE-2025-6142 (A vulnerability was found in Intera InHire up to 20250530. It
has been ...)
+ TODO: check
+CVE-2025-6141 (A vulnerability has been found in GNU ncurses up to
6.5-20250322 and c ...)
+ TODO: check
+CVE-2025-6139 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2025-6138 (A vulnerability classified as critical was found in TOTOLINK
T10 4.1.8 ...)
+ TODO: check
+CVE-2025-5673 (The Blog2Social: Social Media Auto Post & Scheduler plugin for
WordPre ...)
+ TODO: check
+CVE-2025-5209 (The Ivory Search WordPress plugin before 5.5.10 does not
sanitise and ...)
+ TODO: check
+CVE-2025-52445
+ REJECTED
+CVE-2025-52444
+ REJECTED
+CVE-2025-52443
+ REJECTED
+CVE-2025-52442
+ REJECTED
+CVE-2025-52441
+ REJECTED
+CVE-2025-52440
+ REJECTED
+CVE-2025-52439
+ REJECTED
+CVE-2025-52438
+ REJECTED
+CVE-2025-52437
+ REJECTED
+CVE-2025-4775 (The WordPress Infinite Scroll \u2013 Ajax Load More plugin for
WordPre ...)
+ TODO: check
+CVE-2025-49823 ((conda) Constructor is a tool which allows constructing an
installer f ...)
+ TODO: check
+CVE-2025-49134 (Weblate is a web based localization tool. Prior to version
5.12, the a ...)
+ TODO: check
+CVE-2025-48993 (Group-Office is an enterprise customer relationship management
and gro ...)
+ TODO: check
+CVE-2025-48992 (Group-Office is an enterprise customer relationship management
and gro ...)
+ TODO: check
+CVE-2025-47951 (Weblate is a web based localization tool. Prior to version
5.12, the v ...)
+ TODO: check
+CVE-2025-43200 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2025-3774 (The Wise Chat plugin for WordPress is vulnerable to Stored
Cross-Site ...)
+ TODO: check
+CVE-2025-3494
+ REJECTED
+CVE-2025-3493
+ REJECTED
+CVE-2025-32800 (Conda-build contains commands and tools to build conda
packages. Prior ...)
+ TODO: check
+CVE-2025-32799 (Conda-build contains commands and tools to build conda
packages. Prior ...)
+ TODO: check
+CVE-2025-27587 (OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is
vulnerable ...)
+ TODO: check
+CVE-2024-45380
+ REJECTED
+CVE-2024-45069
+ REJECTED
+CVE-2024-45065
+ REJECTED
+CVE-2024-43422
+ REJECTED
+CVE-2024-21856
+ REJECTED
+CVE-2025-6140 (A vulnerability, which was classified as problematic, was found
in spd ...)
- spdlog 1:1.15.2+ds-1
NOTE: https://github.com/gabime/spdlog/issues/3360
NOTE: Fixed by:
https://github.com/gabime/spdlog/commit/10320184df1eb4638e253a34b1eb44ce78954094
(v1.15.2)
@@ -17590,11 +17708,14 @@ CVE-2025-29709 (SourceCodester Company Website CMS
1.0 has a File upload vulnera
NOT-FOR-US: SourceCodester
CVE-2025-29708 (SourceCodester Company Website CMS 1.0 contains a file upload
vulnerab ...)
NOT-FOR-US: SourceCodester
-CVE-2025-29653 (SQL Injection vulnerability exists in the TP-Link M7450 4G LTE
Mobile ...)
+CVE-2025-29653
+ REJECTED
NOT-FOR-US: TP-Link
-CVE-2025-29652 (SQL Injection vulnerability exists in the TP-Link M7000 4G LTE
Mobile ...)
+CVE-2025-29652
+ REJECTED
NOT-FOR-US: TP-Link
-CVE-2025-29651 (SQL Injection vulnerability exists in the TP-Link M7650 4G LTE
Mobile ...)
+CVE-2025-29651
+ REJECTED
NOT-FOR-US: TP-Link
CVE-2025-28072 (PHPGurukul Pre-School Enrollment System is vulnerable to
Directory Tra ...)
NOT-FOR-US: PHPGurukul
@@ -17975,11 +18096,14 @@ CVE-2025-2291 (Password can be used past expiry in
PgBouncer due to auth_query n
NOTE: Fixed by:
https://github.com/pgbouncer/pgbouncer/commit/9912ee7f1af2e1b81d4d624a0da1cb49075ee78a
(pgbouncer_1_24_1)
CVE-2025-29905 (A vulnerability has been identified in TeleControl Server
Basic (All v ...)
NOT-FOR-US: Siemens
-CVE-2025-29650 (SQL Injection vulnerability exists in the TP-Link M7200 4G LTE
Mobile ...)
+CVE-2025-29650
+ REJECTED
NOT-FOR-US: TP-Link
-CVE-2025-29649 (SQL Injection vulnerability exists in the TP-Link TL-WR840N
router s l ...)
+CVE-2025-29649
+ REJECTED
NOT-FOR-US: TP-Link
-CVE-2025-29648 (SQL Injection vulnerability exists in the TP-Link EAP120
router s logi ...)
+CVE-2025-29648
+ REJECTED
NOT-FOR-US: TP-Link
CVE-2025-27936 (Mattermost Plugin MSTeams versions <2.1.0 and Mattermost
Serverversion ...)
NOT-FOR-US: Mattermost Plugin MSTeams
@@ -39509,7 +39633,8 @@ CVE-2024-57056 (Incorrect cookie session handling in
WombatDialer before 25.02 r
NOT-FOR-US: WombatDialer
CVE-2024-57055 (Server-Side Access Control Bypass vulnerability in
WombatDialer before ...)
NOT-FOR-US: WombatDialer
-CVE-2024-57050 (A vulnerability in the TP-Link WR840N v6 router with firmware
version ...)
+CVE-2024-57050
+ REJECTED
NOT-FOR-US: TP-Link
CVE-2024-57049 (A vulnerability in the TP-Link Archer c20 router with firmware
version ...)
NOT-FOR-US: TP-Link
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfacf45b6d14dc0504118cf3312e3c502301f91e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfacf45b6d14dc0504118cf3312e3c502301f91e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
