Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
24a43bb6 by security tracker role at 2025-07-15T20:12:42+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,265 @@
+CVE-2025-7667 (The Restrict File Access plugin for WordPress is vulnerable to
Cross-S ...)
+ TODO: check
+CVE-2025-7657 (Use after free in WebRTC in Google Chrome prior to
138.0.7204.157 allo ...)
+ TODO: check
+CVE-2025-7656 (Integer overflow in V8 in Google Chrome prior to 138.0.7204.157
allowe ...)
+ TODO: check
+CVE-2025-7042 (Use After Free vulnerability exists in the IPT file reading
procedure ...)
+ TODO: check
+CVE-2025-6974 (Use of Uninitialized Variable vulnerability exists in the JT
file read ...)
+ TODO: check
+CVE-2025-6973 (Use After Free vulnerability exists in the JT file reading
procedure i ...)
+ TODO: check
+CVE-2025-6972 (Use After Free vulnerability exists in the CATPRODUCT file
reading pro ...)
+ TODO: check
+CVE-2025-6971 (Use After Free vulnerability exists in the CATPRODUCT file
reading pro ...)
+ TODO: check
+CVE-2025-6965 (There exists a vulnerability in SQLite versions before 3.50.2
where th ...)
+ TODO: check
+CVE-2025-6558 (Insufficient validation of untrusted input in ANGLE and GPU in
Google ...)
+ TODO: check
+CVE-2025-53959 (In JetBrains YouTrack before 2025.2.86069, 2024.3.85077,
2025.1.8619 ...)
+ TODO: check
+CVE-2025-53903 (The Scratch Channel is a news website that is under
development as of ...)
+ TODO: check
+CVE-2025-53895 (ZITADEL is an open source identity management system. Starting
in vers ...)
+ TODO: check
+CVE-2025-53893 (File Browser provides a file managing interface within a
specified dir ...)
+ TODO: check
+CVE-2025-53826 (File Browser provides a file managing interface within a
specified dir ...)
+ TODO: check
+CVE-2025-53622 (DSpace open source software is a repository application which
provides ...)
+ TODO: check
+CVE-2025-53621 (DSpace open source software is a repository application which
provides ...)
+ TODO: check
+CVE-2025-53032 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-53031 (Vulnerability in the Oracle Financial Services Analytical
Applications ...)
+ TODO: check
+CVE-2025-53030 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2025-53029 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2025-53028 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2025-53027 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2025-53026 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2025-53025 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2025-53024 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2025-53023 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-52379 (Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and
below conta ...)
+ TODO: check
+CVE-2025-52378 (Cross-Site Scripting (XSS) vulnerability in Nexxt Solutions
NCM-X1800 ...)
+ TODO: check
+CVE-2025-52377 (Command injection vulnerability in Nexxt Solutions NCM-X1800
Mesh Rout ...)
+ TODO: check
+CVE-2025-52376 (An authentication bypass vulnerability in the
/web/um_open_telnet.cgi ...)
+ TODO: check
+CVE-2025-52082 (In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer
overflow exis ...)
+ TODO: check
+CVE-2025-52081 (In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer
overflow vuln ...)
+ TODO: check
+CVE-2025-52080 (In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer
overflow vuln ...)
+ TODO: check
+CVE-2025-50819 (Directory traversal vulnerability in beiyuouo arxiv-daily thru
2025-05 ...)
+ TODO: check
+CVE-2025-50108 (Vulnerability in the Oracle Hyperion Financial Reporting
product of Or ...)
+ TODO: check
+CVE-2025-50107 (Vulnerability in the Oracle Universal Work Queue product of
Oracle E-B ...)
+ TODO: check
+CVE-2025-50106 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
+ TODO: check
+CVE-2025-50105 (Vulnerability in the Oracle Universal Work Queue product of
Oracle E-B ...)
+ TODO: check
+CVE-2025-50104 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50103 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50102 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50101 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50100 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50099 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50098 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50097 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50096 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50095 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50094 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50093 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50092 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50091 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50090 (Vulnerability in the Oracle Applications Framework product of
Oracle E ...)
+ TODO: check
+CVE-2025-50089 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50088 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50087 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50086 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50085 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50084 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50083 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50082 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50081 (Vulnerability in the MySQL Client product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50080 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50079 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50078 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50077 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50076 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50073 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
+ TODO: check
+CVE-2025-50072 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
+ TODO: check
+CVE-2025-50071 (Vulnerability in the Oracle Applications Framework product of
Oracle E ...)
+ TODO: check
+CVE-2025-50070 (Vulnerability in the JDBC component of Oracle Database Server.
Suppor ...)
+ TODO: check
+CVE-2025-50069 (Vulnerability in the Java VM component of Oracle Database
Server. Sup ...)
+ TODO: check
+CVE-2025-50068 (Vulnerability in the MySQL Cluster product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2025-50067 (Vulnerability in Oracle Application Express (component:
Strategic Plan ...)
+ TODO: check
+CVE-2025-50066 (Vulnerability in the Oracle Database Materialized View
component of Or ...)
+ TODO: check
+CVE-2025-50065 (Vulnerability in the Oracle GraalVM for JDK product of Oracle
Java SE ...)
+ TODO: check
+CVE-2025-50064 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
+ TODO: check
+CVE-2025-50063 (Vulnerability in Oracle Java SE (component: Install).
Supported versi ...)
+ TODO: check
+CVE-2025-50062 (Vulnerability in the PeopleSoft Enterprise HCM Global Payroll
Core pro ...)
+ TODO: check
+CVE-2025-50061 (Vulnerability in the Primavera P6 Enterprise Project Portfolio
Managem ...)
+ TODO: check
+CVE-2025-50060 (Vulnerability in the Oracle BI Publisher product of Oracle
Analytics ( ...)
+ TODO: check
+CVE-2025-50059 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
+ TODO: check
+CVE-2025-4369 (The Companion Auto Update plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2025-49830 (Conjur provides secrets management and application identity
for infras ...)
+ TODO: check
+CVE-2025-49829 (Conjur provides secrets management and application identity
for infras ...)
+ TODO: check
+CVE-2025-49828 (Conjur provides secrets management and application identity
for infras ...)
+ TODO: check
+CVE-2025-49827 (Conjur provides secrets management and application identity
for infras ...)
+ TODO: check
+CVE-2025-48795 (Apache CXF stores large stream based messages as temporary
files on th ...)
+ TODO: check
+CVE-2025-41239 (VMware ESXi, Workstation, Fusion, and VMware Tools contains an
informa ...)
+ TODO: check
+CVE-2025-41238 (VMware ESXi, Workstation, and Fusion contain a heap-overflow
vulnerabi ...)
+ TODO: check
+CVE-2025-41237 (VMware ESXi,Workstation, and Fusioncontain an
integer-underflow in VMC ...)
+ TODO: check
+CVE-2025-41236 (VMware ESXi, Workstation, and Fusion contain an
integer-overflow vulne ...)
+ TODO: check
+CVE-2025-34116 (A remote command execution vulnerability exists in IPFire
before versi ...)
+ TODO: check
+CVE-2025-34115 (An authenticated command injection vulnerability exists in OP5
Monitor ...)
+ TODO: check
+CVE-2025-34113 (An authenticated command injection vulnerability exists in
Tiki Wiki C ...)
+ TODO: check
+CVE-2025-34112 (An authenticated multi-stage remote code execution
vulnerability exist ...)
+ TODO: check
+CVE-2025-34111 (An unauthenticated arbitrary file upload vulnerability exists
in Tiki ...)
+ TODO: check
+CVE-2025-34110 (A directory traversal vulnerability exists in ColoradoFTP
Server \u226 ...)
+ TODO: check
+CVE-2025-34109 (PSEvents.exe in multiple Panda Security products runs hourly
with SYST ...)
+ TODO: check
+CVE-2025-34108 (A stack-based buffer overflow vulnerability exists in the
login functi ...)
+ TODO: check
+CVE-2025-34107 (A buffer overflow vulnerability exists in the WinaXe FTP
Client versio ...)
+ TODO: check
+CVE-2025-34106 (A buffer overflow vulnerability exists in PDF Shaper versions
3.5 and ...)
+ TODO: check
+CVE-2025-34105 (A stack-based buffer overflow vulnerability exists in the
built-in web ...)
+ TODO: check
+CVE-2025-34104 (An authenticated remote code execution vulnerability exists in
Piwik ( ...)
+ TODO: check
+CVE-2025-34103 (An unauthenticated command injection vulnerability exists in
WePresent ...)
+ TODO: check
+CVE-2025-34068 (An unauthenticated remote command execution vulnerability
exists in Sa ...)
+ TODO: check
+CVE-2025-33097 (IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored
cross-si ...)
+ TODO: check
+CVE-2025-30762 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
+ TODO: check
+CVE-2025-30760 (Vulnerability in the JD Edwards EnterpriseOne Tools product of
Oracle ...)
+ TODO: check
+CVE-2025-30759 (Vulnerability in the Oracle Business Intelligence Enterprise
Edition p ...)
+ TODO: check
+CVE-2025-30758 (Vulnerability in the Siebel CRM End User product of Oracle
Siebel CRM ...)
+ TODO: check
+CVE-2025-30756 (Vulnerability in Oracle REST Data Services (component:
General). The ...)
+ TODO: check
+CVE-2025-30754 (Vulnerability in Oracle Java SE (component: JSSE). Supported
versions ...)
+ TODO: check
+CVE-2025-30753 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
+ TODO: check
+CVE-2025-30752 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK
product of ...)
+ TODO: check
+CVE-2025-30751 (Vulnerability in the Oracle Database component of Oracle
Database Serv ...)
+ TODO: check
+CVE-2025-30750 (Vulnerability in the Unified Audit component of Oracle
Database Server ...)
+ TODO: check
+CVE-2025-30749 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
+ TODO: check
+CVE-2025-30748 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
+ TODO: check
+CVE-2025-30747 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
+ TODO: check
+CVE-2025-30746 (Vulnerability in the Oracle iStore product of Oracle
E-Business Suite ...)
+ TODO: check
+CVE-2025-30745 (Vulnerability in the Oracle MES for Process Manufacturing
product of O ...)
+ TODO: check
+CVE-2025-30744 (Vulnerability in the Oracle Mobile Field Service product of
Oracle E-B ...)
+ TODO: check
+CVE-2025-30743 (Vulnerability in the Oracle Lease and Finance Management
product of Or ...)
+ TODO: check
+CVE-2025-30739 (Vulnerability in the Oracle CRM Technical Foundation product
of Oracle ...)
+ TODO: check
+CVE-2025-30483 (Dell ECS versions prior to 3.8.1.5/ ObjectScale version
4.0.0.0 contai ...)
+ TODO: check
+CVE-2025-26186 (SQL Injection vulnerability in openSIS v.9.1 allows a remote
attacker ...)
+ TODO: check
+CVE-2025-24477 (A heap-based buffer overflow in Fortinet FortiOS versions
7.6.0 throug ...)
+ TODO: check
+CVE-2025-0831 (Out-Of-Bounds Read vulnerability exists in the JT file reading
procedu ...)
+ TODO: check
+CVE-2024-42650 (NanoMQ 0.17.5 was discovered to contain a segmentation fault
via the c ...)
+ TODO: check
CVE-2025-7672 (The improper default setting in JiranSoft CrossEditor4 on
Windows, Lin ...)
NOT-FOR-US: JiranSoft CrossEditor4
CVE-2025-7367 (The Strong Testimonials plugin for WordPress is vulnerable to
Stored C ...)
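Review bot: The CVE-2025-34110 line near the end of the added block carries a raw, cut-off escape sequence (`\u226 ...`) where the description should contain a decoded character; the short description appears to be truncated before the escape is decoded. Decoding the feed text first and truncating afterwards would keep the list readable. Separately, the added CVE-2024-42650 entry names NanoMQ 0.17.5, and CVE-2023-34488 further down this file is already marked `NOT-FOR-US: NanoMQ`, so that TODO can likely be closed the same way.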
@@ -9287,7 +9549,7 @@ CVE-2025-6153 (A vulnerability has been found in
PHPGurukul Hostel Management Sy
NOT-FOR-US: PHPGurukul
CVE-2025-6152 (A vulnerability, which was classified as critical, was found in
Steel ...)
NOT-FOR-US: Steel Browser
-CVE-2025-6151 (A vulnerability, which was classified as critical, has been
found in T ...)
+CVE-2025-6151 (A vulnerability has been found in TP-Link TL-WR940N V4 and
TL-WR841N ...)
NOT-FOR-US: TP-Link
CVE-2025-6150 (A vulnerability classified as critical was found in TOTOLINK
X15 1.0.0 ...)
NOT-FOR-US: TOTOLINK
@@ -35574,7 +35836,8 @@ CVE-2023-53003 (In the Linux kernel, the following
vulnerability has been resolv
CVE-2023-53002 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 6.1.11-1
NOTE:
https://git.kernel.org/linus/0220e4fe178c3390eb0291cdb34912d66972db8a (6.2-rc6)
-CVE-2023-53001 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
+CVE-2023-53001
+ REJECTED
- linux 6.1.11-1
NOTE:
https://git.kernel.org/linus/899d3a3c19ac0e5da013ce34833dccb97d19b5e4 (6.2-rc6)
CVE-2023-53000 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
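Review bot: The CVE-2023-53001 entry is now marked `REJECTED` but still carries `- linux 6.1.11-1` and the NOTE pointing at the upstream commit, so it reads as both rejected and fixed. A manual follow-up should either drop those annotations or confirm they are meant to stay for a rejected id.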
@@ -196228,7 +196491,7 @@ CVE-2023-34475 (A heap use after free issue was
discovered in ImageMagick's Repl
CVE-2023-34474 (A heap-based buffer overflow issue was discovered in
ImageMagick's Rea ...)
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0
(7.1.1-10)
-CVE-2023-34488 (NanoMQ 0.17.5 is vulnerable to heap-buffer-overflow in the
conn_handle ...)
+CVE-2023-34488 (NanoMQ 0.17.5 has a one-byte heap-based buffer over-read in
the conn_h ...)
NOT-FOR-US: NanoMQ
CVE-2023-34468 (The DBCPConnectionPool and HikariCPConnectionPool Controller
Services ...)
NOT-FOR-US: Apache NiFi
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24a43bb6d41804df0536ad4d49dca7a9d9e7bcac