Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
093454f9 by security tracker role at 2025-07-11T08:12:28+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,129 @@
+CVE-2025-7442 (The WPGYM - Wordpress Gym Management System plugin for
WordPress is vu ...)
+ TODO: check
+CVE-2025-7436 (A vulnerability was found in Campcodes Online Recruitment
Management S ...)
+ TODO: check
+CVE-2025-7435 (A vulnerability was found in LiveHelperChat lhc-php-resque
Extension u ...)
+ TODO: check
+CVE-2025-7434 (A vulnerability was found in Tenda FH451 up to 1.0.0.9 and
classified ...)
+ TODO: check
+CVE-2025-7423 (A vulnerability classified as critical was found in Tenda O3V2
1.0.0.1 ...)
+ TODO: check
+CVE-2025-7422 (A vulnerability classified as critical has been found in Tenda
O3V2 1. ...)
+ TODO: check
+CVE-2025-7421 (A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has
been ra ...)
+ TODO: check
+CVE-2025-7420 (A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has
been de ...)
+ TODO: check
+CVE-2025-7419 (A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has
been cl ...)
+ TODO: check
+CVE-2025-7418 (A vulnerability was found in Tenda O3V2 1.0.0.12(3880) and
classified ...)
+ TODO: check
+CVE-2025-7417 (A vulnerability has been found in Tenda O3V2 1.0.0.12(3880) and
classi ...)
+ TODO: check
+CVE-2025-7416 (A vulnerability, which was classified as critical, was found in
Tenda ...)
+ TODO: check
+CVE-2025-7415 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2025-7414 (A vulnerability classified as critical was found in Tenda O3V2
1.0.0.1 ...)
+ TODO: check
+CVE-2025-7401 (The Premium Age Verification / Restriction for WordPress plugin
for Wo ...)
+ TODO: check
+CVE-2025-6745 (The WoodMart plugin for WordPress is vulnerable to Information
Exposur ...)
+ TODO: check
+CVE-2025-6716 (The Photos, Files, YouTube, Twitter, Instagram, TikTok,
Ecommerce Cont ...)
+ TODO: check
+CVE-2025-6392 (Brocade SANnav before Brocade SANnav 2.4.0a could log database
passwor ...)
+ TODO: check
+CVE-2025-6390 (Brocade SANnav before SANnav 2.4.0a logs passwords and pbe keys
in the ...)
+ TODO: check
+CVE-2025-6200 (The GeoDirectory WordPress plugin before 2.8.120 does not
validate an ...)
+ TODO: check
+CVE-2025-6068 (The FooGallery \u2013 Responsive Photo Gallery, Image Viewer,
Justifie ...)
+ TODO: check
+CVE-2025-5992 (When passing values outside of the expected range to
QColorTransferGen ...)
+ TODO: check
+CVE-2025-5530 (The WPC Smart Compare for WooCommerce plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2025-5392 (The GB Forms DB plugin for WordPress is vulnerable to Remote
Code Exec ...)
+ TODO: check
+CVE-2025-5241 (Overly Restrictive Account Lockout Mechanism vulnerability in
Mitsubis ...)
+ TODO: check
+CVE-2025-5028 (Installation file of ESET security products on Windows allow
an atta ...)
+ TODO: check
+CVE-2025-53864 (Connect2id Nimbus JOSE + JWT before 10.0.2 allows a remote
attacker to ...)
+ TODO: check
+CVE-2025-53852
+ REJECTED
+CVE-2025-53851
+ REJECTED
+CVE-2025-53850
+ REJECTED
+CVE-2025-53849
+ REJECTED
+CVE-2025-53848
+ REJECTED
+CVE-2025-53637 (Meshtastic is an open source mesh networking solution. The
main_matrix ...)
+ TODO: check
+CVE-2025-53519 (A vulnerability exists in Advantech iView versions prior to
5.7.05 bui ...)
+ TODO: check
+CVE-2025-53515 (A vulnerability exists in Advantech iView that allows for SQL
injectio ...)
+ TODO: check
+CVE-2025-53509 (A vulnerability exists in Advantech iView that allows for
argument in ...)
+ TODO: check
+CVE-2025-53475 (A vulnerability exists in Advantech iView that could allow for
SQL in ...)
+ TODO: check
+CVE-2025-53471 (Emerson ValveLink products receive input or data, but it do
not valid ...)
+ TODO: check
+CVE-2025-53397 (A vulnerability exists in Advantech iView versions prior to
5.7.05 bui ...)
+ TODO: check
+CVE-2025-52579 (Emerson ValveLink Products store sensitive information in
cleartext in ...)
+ TODO: check
+CVE-2025-52577 (A vulnerability exists in Advantech iView that could allow SQL
injecti ...)
+ TODO: check
+CVE-2025-52459 (A vulnerability exists in Advantech iView that allows for
argument in ...)
+ TODO: check
+CVE-2025-50109 (Emerson ValveLink Products store sensitive information in
cleartext wi ...)
+ TODO: check
+CVE-2025-4662 (Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases
in the ...)
+ TODO: check
+CVE-2025-4593 (The WP Register Profile With Shortcode plugin for WordPress is
vulnera ...)
+ TODO: check
+CVE-2025-48891 (A vulnerability exists in Advantech iView that could allow for
SQL in ...)
+ TODO: check
+CVE-2025-48496 (Emerson ValveLink products use a fixed or controlled search
path to f ...)
+ TODO: check
+CVE-2025-46704 (A vulnerability exists in Advantech iView in
NetworkServlet.processIm ...)
+ TODO: check
+CVE-2025-46358 (Emerson ValveLink products do not use or incorrectly uses a
protectio ...)
+ TODO: check
+CVE-2025-41442 (A vulnerability exists in Advantech iView versions prior to
5.7.05 bui ...)
+ TODO: check
+CVE-2025-3947 (The Honeywell Experion PKS contains an Integer Underflow
vulnerabili ...)
+ TODO: check
+CVE-2025-3946 (The Honeywell Experion PKS and OneWireless WDM contains a
Deploymen ...)
+ TODO: check
+CVE-2025-31267 (An authentication issue was addressed with improved state
management. ...)
+ TODO: check
+CVE-2025-30026 (The AXIS Camera Station Server had a flaw that allowed to
bypass authe ...)
+ TODO: check
+CVE-2025-30025 (The communication protocol used between the server process and
the ser ...)
+ TODO: check
+CVE-2025-30024 (The communication protocol used between client and server had
a flaw t ...)
+ TODO: check
+CVE-2025-30023 (The communication protocol used between client and server had
a flaw t ...)
+ TODO: check
+CVE-2025-2942 (The Order Delivery Date WordPress plugin before 12.6.0
discloses arbit ...)
+ TODO: check
+CVE-2025-2523 (The Honeywell Experion PKS and OneWireless WDM contains an
Intege ...)
+ TODO: check
+CVE-2025-2522 (The Honeywell Experion PKSand OneWireless WDM contains
Sensitive In ...)
+ TODO: check
+CVE-2025-2521 (The Honeywell Experion PKS and OneWireless WDM contains a
Memory Buffe ...)
+ TODO: check
+CVE-2025-24798 (Meshtastic is an open source mesh networking solution. From
1.2.1 unti ...)
+ TODO: check
+CVE-2025-1727 (The protocol used for remote linking over RF for End-of-Train
and Hea ...)
+ TODO: check
CVE-2025-53862
NOT-FOR-US: Ansible Automation Platform
CVE-2025-53861
@@ -3691,7 +3817,8 @@ CVE-2025-45083 (Incorrect access control in Ullu (Android
version v2.9.929 and I
NOT-FOR-US: Ullu
CVE-2025-45081 (Misconfigured settings in IITB SSO v1.1.0 allow attackers to
access se ...)
NOT-FOR-US: IITB SSO
-CVE-2025-45080 (YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use
unencrypt ...)
+CVE-2025-45080
+ REJECTED
NOT-FOR-US: YONO SBI
CVE-2025-45006 (Improper mstatus.SUM bit retention (non-zero) in Open-Source
RISC-V Pr ...)
TODO: check
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/093454f95768c50b4c9c2d38b82e0ae0eb306bfd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/093454f95768c50b4c9c2d38b82e0ae0eb306bfd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
