Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5e665831 by security tracker role at 2025-07-26T08:12:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,75 @@
-CVE-2025-8177
+CVE-2025-8198 (The MinimogWP \u2013 The High Converting eCommerce WordPress
Theme the ...)
+ TODO: check
+CVE-2025-8181 (A vulnerability, which was classified as critical, was found in
TOTOLI ...)
+ TODO: check
+CVE-2025-8180 (A vulnerability, which was classified as critical, has been
found in T ...)
+ TODO: check
+CVE-2025-8179 (A vulnerability classified as critical was found in PHPGurukul
Local S ...)
+ TODO: check
+CVE-2025-8178 (A vulnerability classified as critical has been found in Tenda
AC10 16 ...)
+ TODO: check
+CVE-2025-8175 (A vulnerability was found in D-Link DI-8400 16.07.26A1. It has
been cl ...)
+ TODO: check
+CVE-2025-8174 (A vulnerability was found in code-projects Voting System 1.0
and class ...)
+ TODO: check
+CVE-2025-8173 (A vulnerability has been found in 1000 Projects ABC Courier
Management ...)
+ TODO: check
+CVE-2025-8172 (A vulnerability, which was classified as critical, was found in
itsour ...)
+ TODO: check
+CVE-2025-8171 (A vulnerability, which was classified as critical, has been
found in c ...)
+ TODO: check
+CVE-2025-8170 (A vulnerability classified as critical was found in TOTOLINK T6
4.1.5c ...)
+ TODO: check
+CVE-2025-8169 (A vulnerability classified as critical has been found in D-Link
DIR-51 ...)
+ TODO: check
+CVE-2025-8103 (The WPeMatico RSS Feed Fetcher plugin for WordPress is
vulnerable to C ...)
+ TODO: check
+CVE-2025-8101 (Improperly Controlled Modification of Object Prototype
Attributes ('Pr ...)
+ TODO: check
+CVE-2025-8097 (The WoodMart theme for WordPress is vulnerable to Improper
Input Valid ...)
+ TODO: check
+CVE-2025-7501 (The Wonder Slider Lite plugin for WordPress is vulnerable to
Stored Cr ...)
+ TODO: check
+CVE-2025-6991 (The kallyas theme for WordPress is vulnerable to Local File
Inclusion ...)
+ TODO: check
+CVE-2025-6989 (The Kallyas theme for WordPress is vulnerable to arbitrary
folder dele ...)
+ TODO: check
+CVE-2025-6987 (The Advanced iFrame plugin for WordPress is vulnerable to
Stored Cross ...)
+ TODO: check
+CVE-2025-6895 (The Melapress Login Security plugin for WordPress is vulnerable
to Aut ...)
+ TODO: check
+CVE-2025-5529 (The Educenter theme for WordPress is vulnerable to Stored
Cross-Site S ...)
+ TODO: check
+CVE-2025-54416 (tj-actions/branch-names is a Github actions repository that
contains w ...)
+ TODO: check
+CVE-2025-54415 (dag-factory is a library for Apache Airflow\xae to construct
DAGs decl ...)
+ TODO: check
+CVE-2025-54414 (Anubis is a Web AI Firewall Utility that weighs the soul of
users' con ...)
+ TODO: check
+CVE-2025-54413 (skops is a Python library which helps users share and ship
their sciki ...)
+ TODO: check
+CVE-2025-54412 (skops is a Python library which helps users share and ship
their sciki ...)
+ TODO: check
+CVE-2025-54385 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
+ TODO: check
+CVE-2025-54380 (Opencast is a free, open-source platform to support the
management of ...)
+ TODO: check
+CVE-2025-54378 (HAX CMS allows you to manage your microsite universe with PHP
or NodeJ ...)
+ TODO: check
+CVE-2025-54366 (FreeScout is a lightweight free open source help desk and
shared inbox ...)
+ TODO: check
+CVE-2025-50185 (DbGate is cross-platform database manager. In versions 6.6.0
and below ...)
+ TODO: check
+CVE-2025-50184 (DbGate is cross-platform database manager. In versions
6.4.3-premium-b ...)
+ TODO: check
+CVE-2024-13507 (The GeoDirectory \u2013 WP Business Directory Plugin and
Classified Li ...)
+ TODO: check
+CVE-2025-8177 (A vulnerability was found in LibTIFF up to 4.7.0. It has been
rated as ...)
- tiff <unfixed> (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/715
NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/737
NOTE: Crash in CLI tool, no security impact
-CVE-2025-8176
+CVE-2025-8176 (A vulnerability was found in LibTIFF up to 4.7.0. It has been
declared ...)
- tiff <unfixed> (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/707
NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/727
@@ -203713,7 +203779,7 @@ CVE-2023-2276 (The WCFM Membership \u2013 WooCommerce
Memberships for Multivendo
CVE-2023-2275 (The WooCommerce Multivendor Marketplace \u2013 REST API plugin
for Wor ...)
NOT-FOR-US: WooCommerce plugin
CVE-2023-2274
- RESERVED
+ REJECTED
CVE-2023-2273 (Rapid7 Insight Agent token handler versions 3.2.6 and below,
suffer fr ...)
NOT-FOR-US: Rapid7
CVE-2023-2272 (The Tiempo.com WordPress plugin through 0.1.2 does not sanitise
and es ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e66583141bf6c19434c652021d0883540011662
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e66583141bf6c19434c652021d0883540011662
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
