[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 15 Jul 2025 01:12:53 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6a80be05 by security tracker role at 2025-07-15T08:12:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,62 @@
-CVE-2025-53643
+CVE-2025-7672 (The improper default setting in JiranSoft CrossEditor4 on 
Windows, Lin ...)
+       TODO: check
+CVE-2025-7367 (The Strong Testimonials plugin for WordPress is vulnerable to 
Stored C ...)
+       TODO: check
+CVE-2025-7360 (The HT Contact Form Widget For Elementor Page Builder & 
Gutenberg Bloc ...)
+       TODO: check
+CVE-2025-7341 (The HT Contact Form Widget For Elementor Page Builder & 
Gutenberg Bloc ...)
+       TODO: check
+CVE-2025-7340 (The HT Contact Form Widget For Elementor Page Builder & 
Gutenberg Bloc ...)
+       TODO: check
+CVE-2025-6265 (A path traversal vulnerability in the file_upload-cgi CGI 
program of Z ...)
+       TODO: check
+CVE-2025-5394 (The Alone \u2013 Charity Multipurpose Non-profit WordPress 
Theme theme ...)
+       TODO: check
+CVE-2025-5393 (The Alone \u2013 Charity Multipurpose Non-profit WordPress 
Theme theme ...)
+       TODO: check
+CVE-2025-53891 (The timelineofficial/Time-Line- repository contains the source 
code fo ...)
+       TODO: check
+CVE-2025-53890 (pyload is an open-source Download Manager written in pure 
Python. An u ...)
+       TODO: check
+CVE-2025-53889 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
+       TODO: check
+CVE-2025-53887 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
+       TODO: check
+CVE-2025-53886 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
+       TODO: check
+CVE-2025-53885 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
+       TODO: check
+CVE-2025-53839 (DRACOON is a file sharing service, and the DRACOON Branding 
Service al ...)
+       TODO: check
+CVE-2025-53836 (XWiki Rendering is a generic rendering system that converts 
textual in ...)
+       TODO: check
+CVE-2025-53835 (XWiki Rendering is a generic rendering system that converts 
textual in ...)
+       TODO: check
+CVE-2025-53834 (Caido is a web security auditing toolkit. A reflected 
cross-site scrip ...)
+       TODO: check
+CVE-2025-53833 (LaRecipe is an application that allows users to create 
documentation w ...)
+       TODO: check
+CVE-2025-53825 (Dokploy is a free, self-hostable Platform as a Service (PaaS). 
Prior t ...)
+       TODO: check
+CVE-2025-53824 (WeGIA is an open source web manager with a focus on the 
Portuguese lan ...)
+       TODO: check
+CVE-2025-53823 (WeGIA is an open source web manager with a focus on the 
Portuguese lan ...)
+       TODO: check
+CVE-2025-53822 (WeGIA is an open source web manager with a focus on the 
Portuguese lan ...)
+       TODO: check
+CVE-2025-53821 (WeGIA is an open source web manager with a focus on the 
Portuguese lan ...)
+       TODO: check
+CVE-2025-53820 (WeGIA is an open source web manager with a focus on the 
Portuguese lan ...)
+       TODO: check
+CVE-2025-53819 (Nix is a package manager for Linux and other Unix systems. 
Builds with ...)
+       TODO: check
+CVE-2025-53818 (GitHub Kanban MCP Server is a Model Context Protocol (MCP) 
server for  ...)
+       TODO: check
+CVE-2025-53640 (Indico is an event management system that uses 
Flask-Multipass, a mult ...)
+       TODO: check
+CVE-2025-3621 (Vulnerabilities* in ActADUR local server product, developed and 
mainta ...)
+       TODO: check
+CVE-2025-53643 (AIOHTTP is an asynchronous HTTP client/server framework for 
asyncio an ...)
        - python-aiohttp <unfixed>
        NOTE: 
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj
        NOTE: 
https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a
 (v3.12.14)
@@ -4574,8 +4632,8 @@ CVE-2025-6081 (Insufficiently Protected Credentials in 
LDAP in Konica Minoltabiz
        NOT-FOR-US: Konica
 CVE-2025-5967 (A stored cross-site scripting vulnerability in ENS HX 10.0.4 
allows a  ...)
        NOT-FOR-US: Trellix
-CVE-2025-53416
-       REJECTED
+CVE-2025-53416 (Delta Electronics DTN SoftProject File Parsing Deserialization 
of Untr ...)
+       TODO: check
 CVE-2025-53415 (Delta Electronics DTM SoftProject File Parsing Deserialization 
of Untr ...)
        NOT-FOR-US: Delta Electronics
 CVE-2025-53096 (Sunshine is a self-hosted game stream host for Moonlight. 
Prior to ver ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a80be05558cd5f3f3e8a724dedcd029e29e45ae

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a80be05558cd5f3f3e8a724dedcd029e29e45ae
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to