Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4e9e3435 by security tracker role at 2025-08-04T08:12:09+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2025-54962 (/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b
allows au ...)
+ TODO: check
+CVE-2025-48499 (Out-of-bounds write vulnerability exists in FUJIFILM Business
Innovati ...)
+ TODO: check
+CVE-2025-20702 (In the Airoha Bluetooth audio SDK, there is a possible
unauthorized ac ...)
+ TODO: check
+CVE-2025-20701 (In the Airoha Bluetooth audio SDK, there is a possible way to
pair Blu ...)
+ TODO: check
+CVE-2025-20700 (In the Airoha Bluetooth audio SDK, there is a possible
permission bypa ...)
+ TODO: check
+CVE-2025-20698 (In Power HAL, there is a possible out of bounds write due to a
missing ...)
+ TODO: check
+CVE-2025-20697 (In Power HAL, there is a possible out of bounds write due to a
missing ...)
+ TODO: check
+CVE-2025-20696 (In DA, there is a possible out of bounds write due to a
missing bounds ...)
+ TODO: check
CVE-2025-8513 (A vulnerability, which was classified as problematic, was found
in Cai ...)
NOT-FOR-US: Caixin News App
CVE-2025-8512 (A vulnerability, which was classified as problematic, has been
found i ...)
@@ -309,7 +325,7 @@ CVE-2025-46018 (CSC Pay Mobile App 2.19.4 (fixed in version
2.20.0) contains a v
NOT-FOR-US: CSC Pay Mobile App
CVE-2025-45778 (A stored cross-site scripting (XSS) vulnerability in The
Language Slot ...)
NOT-FOR-US: Language Sloth Web Application
-CVE-2025-45767 (jose v6.0.10 was discovered to contain weak encryption.)
+CVE-2025-45767 (jose v6.0.10 was discovered to contain weak encryption. NOTE:
this is ...)
- node-jose <unfixed>
NOTE:
https://github.com/panva/jose/security/advisories/GHSA-mwmr-4mj7-4hv
CVE-2025-45150 (Insecure permissions in LangChain-ChatGLM-Webui commit ef829
allows at ...)
@@ -44778,6 +44794,7 @@ CVE-2025-27788 (JSON is a JSON implementation for Ruby.
Starting in version 2.10
NOTE: Introduced by:
https://github.com/ruby/json/commit/5e6cfcf7242a83e79fbc83cb30b3b89373e98b19
(v2.10.0)
NOTE: Fixed by:
https://github.com/ruby/json/commit/cf242d89a0523bacd5238a59c77b33411b8c3208
(v2.10.2)
CVE-2025-27407 (graphql-ruby is a Ruby implementation of GraphQL. Starting in
version ...)
+ {DLA-4263-1}
- ruby-graphql 2.2.17-1 (bug #1100442)
NOTE:
https://github.com/rmosolgo/graphql-ruby/security/advisories/GHSA-q92j-grw3-h492
NOTE:
https://github.com/rmosolgo/graphql-ruby/commit/2d2f4ed1f79472f8eed29c864b039649e1de238f
(v1.11.11)
@@ -328050,29 +328067,29 @@ CVE-2021-42534 (The affected product\u2019s web
application does not properly ne
CVE-2021-42533 (Adobe Bridge version 11.1.1 (and earlier) is affected by a
double free ...)
NOT-FOR-US: Adobe
CVE-2021-42532 (XMP Toolkit SDK version 2021.07 (and earlier) is affected by a
stack-b ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-42531 (XMP Toolkit SDK version 2021.07 (and earlier) is affected by a
stack-b ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
CVE-2021-42530 (XMP Toolkit SDK version 2021.07 (and earlier) is affected by a
stack-b ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
CVE-2021-42529 (XMP Toolkit SDK version 2021.07 (and earlier) is affected by a
stack-b ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE:
https://github.com/adobe/XMP-Toolkit-SDK/compare/v2021.07...v2021.08
CVE-2021-42528 (XMP Toolkit 2021.07 (and earlier) is affected by a Null
pointer derefe ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html
NOTE:
https://github.com/adobe/XMP-Toolkit-SDK/commit/16e53564ae6c2689387479c04770f492075d5b7b
(v2021.08)
@@ -333948,7 +333965,7 @@ CVE-2021-40734 (Adobe Audition version 14.4 (and
earlier) is affected by a memor
CVE-2021-40733 (Adobe Animate version 21.0.9 (and earlier) is affected by a
memory cor ...)
NOT-FOR-US: Adobe
CVE-2021-40732 (XMP Toolkit version 2020.1 (and earlier) is affected by a null
pointer ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-85.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
@@ -333984,7 +334001,7 @@ CVE-2021-40718
CVE-2021-40717
RESERVED
CVE-2021-40716 (XMP Toolkit SDK versions 2021.07 (and earlier) are affected by
an out- ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-85.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
@@ -336283,7 +336300,7 @@ CVE-2021-39849 (Acrobat Reader DC versions
2021.005.20060 (and earlier), 2020.00
CVE-2021-39848
RESERVED
CVE-2021-39847 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a
stack-ba ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
@@ -345948,7 +345965,7 @@ CVE-2021-36066 (Adobe Photoshop versions 21.2.10 (and
earlier) and 22.4.3 (and e
CVE-2021-36065 (Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and
earlier ...)
NOT-FOR-US: Adobe
CVE-2021-36064 (XMP Toolkit version 2020.1 (and earlier) is affected by a
Buffer Under ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
@@ -345964,55 +345981,55 @@ CVE-2021-36060 (Adobe Media Encoder version 15.2
(and earlier) is affected by an
CVE-2021-36059 (Adobe Bridge version 11.1 (and earlier) is affected by a
memory corrup ...)
NOT-FOR-US: Adobe
CVE-2021-36058 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by an
Integer ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36057 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a
write-wh ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36056 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a
buffer o ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36055 (XMP Toolkit SDK versions 2020.1 (and earlier) are affected by
a use-af ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36054 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a
buffer o ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36053 (XMP Toolkit SDK versions 2020.1 (and earlier) are affected by
an out-o ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36052 (XMP Toolkit version 2020.1 (and earlier) is affected by a
memory corru ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36051 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a
buffer o ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36050 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a
buffer o ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
@@ -346020,25 +346037,25 @@ CVE-2021-36050 (XMP Toolkit SDK version 2020.1 (and
earlier) is affected by a bu
CVE-2021-36049 (Adobe Bridge version 11.1 (and earlier) is affected by a
memory corrup ...)
NOT-FOR-US: Adobe
CVE-2021-36048 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by an
Imprope ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36047 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by an
Imprope ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36046 (XMP Toolkit version 2020.1 (and earlier) is affected by a
memory corru ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
NOTE: https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
CVE-2021-36045 (XMP Toolkit SDK versions 2020.1 (and earlier) are affected by
an out-o ...)
- {DLA-3585-1}
+ {DLA-4264-1 DLA-3585-1}
- exempi 2.6.0-1
NOTE: https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
NOTE:
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e9e3435558a074b1ae0c76a8a0a70ef33a98210
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e9e3435558a074b1ae0c76a8a0a70ef33a98210
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
