Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
679e92dd by security tracker role at 2025-06-24T08:12:42+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,134 @@
-CVE-2025-2828
+CVE-2025-6560 (Multiple wireless router models from Sapido have an Exposure of 
Sensit ...)
+       TODO: check
+CVE-2025-6559 (Multiple wireless router models from Sapido have an OS Command 
Injecti ...)
+       TODO: check
+CVE-2025-6552 (A vulnerability was found in java-aodeng Hope-Boot 1.0.0. It 
has been  ...)
+       TODO: check
+CVE-2025-6551 (A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and 
classifie ...)
+       TODO: check
+CVE-2025-6536 (A vulnerability has been found in Tarantool up to 3.3.1 and 
classified ...)
+       TODO: check
+CVE-2025-6535 (A vulnerability has been found in xxyopen/201206030 novel-plus 
up to 5 ...)
+       TODO: check
+CVE-2025-6534 (A vulnerability, which was classified as problematic, was found 
in xxy ...)
+       TODO: check
+CVE-2025-6533 (A vulnerability, which was classified as critical, has been 
found in x ...)
+       TODO: check
+CVE-2025-6532 (A vulnerability classified as problematic was found in 
NOYAFA/Xiami LF ...)
+       TODO: check
+CVE-2025-6531 (A vulnerability was found in SIFUSM/MZZYG BD S1 up to 20250611. 
It has ...)
+       TODO: check
+CVE-2025-6530 (A vulnerability was found in 70mai M300 up to 20250611. It has 
been cl ...)
+       TODO: check
+CVE-2025-6529 (A vulnerability was found in 70mai M300 up to 20250611 and 
classified  ...)
+       TODO: check
+CVE-2025-6528 (A vulnerability has been found in 70mai M300 up to 20250611 and 
classi ...)
+       TODO: check
+CVE-2025-6527 (A vulnerability, which was classified as problematic, was found 
in 70m ...)
+       TODO: check
+CVE-2025-6526 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2025-6525 (A vulnerability classified as problematic was found in 70mai 1S 
up to  ...)
+       TODO: check
+CVE-2025-6524 (A vulnerability classified as problematic has been found in 
70mai 1S u ...)
+       TODO: check
+CVE-2025-5258 (The Conference Scheduler plugin for WordPress is vulnerable to 
Stored  ...)
+       TODO: check
+CVE-2025-52979
+       REJECTED
+CVE-2025-52978
+       REJECTED
+CVE-2025-52977
+       REJECTED
+CVE-2025-52976
+       REJECTED
+CVE-2025-52975
+       REJECTED
+CVE-2025-52974
+       REJECTED
+CVE-2025-52973
+       REJECTED
+CVE-2025-52972
+       REJECTED
+CVE-2025-52971
+       REJECTED
+CVE-2025-52574 (SysmonElixir is a system monitor HTTP service in Elixir. Prior 
to vers ...)
+       TODO: check
+CVE-2025-52570 (Letmein is an authenticating port knocker. Prior to version 
10.2.1, Th ...)
+       TODO: check
+CVE-2025-52568 (NeKernal is a free and open-source operating system stack. 
Prior to ve ...)
+       TODO: check
+CVE-2025-52566 (llama.cpp is an inference of several LLM models in C/C++. 
Prior to ver ...)
+       TODO: check
+CVE-2025-52562 (Convoy is a KVM server management panel for hosting 
businesses. In ver ...)
+       TODO: check
+CVE-2025-52561 (HTMLSanitizer.jl is a Whitelist-based HTML sanitizer. Prior to 
version ...)
+       TODO: check
+CVE-2025-52560 (Kanboard is project management software that focuses on the 
Kanban met ...)
+       TODO: check
+CVE-2025-52558 (changedetection.io is a free open source web page change 
detection, we ...)
+       TODO: check
+CVE-2025-50213 (Failure to Sanitize Special Elements into a Different Plane 
(Special E ...)
+       TODO: check
+CVE-2025-48890 (WRH-733GBK and WRH-733GWH contain an improper neutralization 
of specia ...)
+       TODO: check
+CVE-2025-48470 (Successful exploitation of the stored cross-site scripting 
vulnerabili ...)
+       TODO: check
+CVE-2025-48469 (Successful exploitation of the vulnerability could allow an 
unauthenti ...)
+       TODO: check
+CVE-2025-48468 (Successful exploitation of the vulnerability could allow an 
attacker t ...)
+       TODO: check
+CVE-2025-48467 (Successful exploitation of the vulnerability could allow an 
attacker t ...)
+       TODO: check
+CVE-2025-48466 (Successful exploitation of the vulnerability could allow an 
unauthenti ...)
+       TODO: check
+CVE-2025-48463 (Successful exploitation of the vulnerability could allow an 
attacker t ...)
+       TODO: check
+CVE-2025-48462 (Successful exploitation of the vulnerability could allow an 
attacker t ...)
+       TODO: check
+CVE-2025-48461 (Successful exploitation of the vulnerability could allow an 
unauthenti ...)
+       TODO: check
+CVE-2025-47943 (Gogs is an open source self-hosted Git service. In application 
version ...)
+       TODO: check
+CVE-2025-43879 (WRH-733GBK and WRH-733GWH contain an improper neutralization 
of specia ...)
+       TODO: check
+CVE-2025-43877 (WRC-1167GHBK2-S contains a stored cross-site scripting 
vulnerability i ...)
+       TODO: check
+CVE-2025-41427 (WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an 
improper neutra ...)
+       TODO: check
+CVE-2025-3090 (An unauthenticated remote attacker can obtain limited sensitive 
inform ...)
+       TODO: check
+CVE-2025-36519 (Unrestricted upload of file with dangerous type issue exists 
in WRC-25 ...)
+       TODO: check
+CVE-2025-34041 (An OS command injection vulnerability exists in the Chinese 
versions o ...)
+       TODO: check
+CVE-2025-34040 (An arbitrary file upload vulnerability exists in the Zhiyuan 
OA platfo ...)
+       TODO: check
+CVE-2025-34039 (A code injection vulnerability exists in Yonyou UFIDA NC v6.5 
and prio ...)
+       TODO: check
+CVE-2025-34038 (A SQL injection vulnerability exists in Fanwei e-cology 8.0 
via the ge ...)
+       TODO: check
+CVE-2025-34037 (An OS command injection vulnerability exists in various models 
of E-Se ...)
+       TODO: check
+CVE-2025-34036 (An OS command injection vulnerability exists in white-labeled 
DVRs man ...)
+       TODO: check
+CVE-2025-34035 (An OS command injection vulnerability exists in EnGenius 
EnShare Cloud ...)
+       TODO: check
+CVE-2025-34034 (A hardcoded credential vulnerability exists in the Blue Angel 
Software ...)
+       TODO: check
+CVE-2025-34033 (An OS command injection vulnerability exists in the Blue Angel 
Softwar ...)
+       TODO: check
+CVE-2025-34032 (A reflected cross-site scripting (XSS) vulnerability exists in 
the Moo ...)
+       TODO: check
+CVE-2025-34031 (A path traversal vulnerability exists in the Moodle LMS Jmol 
plugin ve ...)
+       TODO: check
+CVE-2025-2962 (A denial-of-service issue in the dns implemenation could cause 
an infi ...)
+       TODO: check
+CVE-2025-23092 (Mitel OpenScape Accounting Management through V5 R1.1.0 could 
allow an ...)
+       TODO: check
+CVE-2024-56731 (Gogs is an open source self-hosted Git service. Prior to 
version 0.13. ...)
+       TODO: check
+CVE-2025-2828 (A Server-Side Request Forgery (SSRF) vulnerability exists in 
the Reque ...)
        NOT-FOR-US: langchain-community
 CVE-2025-6547 (Improper Input Validation vulnerability in pbkdf2 allows 
Signature Spo ...)
        - node-pbkdf2 <unfixed>
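Review bot: Every new entry that carries a description at the top of data/CVE/list is left at "TODO: check", so none of them has a package line or a NOT-FOR-US decision yet and each still needs triage. Entries that name the same product can be handled together, for example CVE-2025-47943 and CVE-2024-56731 (both Gogs) and CVE-2025-6528 to CVE-2025-6530 (70mai M300). The nine CVE-2025-5297x entries are marked REJECTED and need nothing further, and CVE-2025-2828 only gains its description while keeping NOT-FOR-US: langchain-community.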
@@ -2506,7 +2636,7 @@ CVE-2025-6069 (The html.parser.HTMLParser class had 
worse-case quadratic complex
        NOTE: 
https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949
 (3.13-branch)
 CVE-2025-6050 (Mezzanine CMS, in versions prior to 6.1.1, contains a Stored 
Cross-Sit ...)
        NOT-FOR-US: Mezzanine CMS
-CVE-2025-5777 (Insufficient input validation leading to memory overreadon the 
NetScal ...)
+CVE-2025-5777 (Insufficient input validation leading to memory overread when 
theNetSc ...)
        NOT-FOR-US: Citrix
 CVE-2025-5700 (The Simple Logo Carousel plugin for WordPress is vulnerable to 
Stored  ...)
        NOT-FOR-US: WordPress plugin
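Review bot: The replacement description on the CVE-2025-5777 line still contains a run-together word ("theNetSc ..."), much as the removed line had "overreadon". Since the commit is an automatic update, the text comes from the imported CVE description, so any correction belongs at that source rather than in a manual edit to data/CVE/list. The triage line NOT-FOR-US: Citrix is unchanged by the hunk, which fits a description-only change.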



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/679e92dd86609ca373b9dd2c94e429ec74587edf
