[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Mon, 04 Aug 2025 13:12:57 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6224e40a by security tracker role at 2025-08-04T20:12:42+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,119 @@
+CVE-2025-8524 (A vulnerability was found in Boquan DotWallet App 2.15.2 on 
Android an ...)
+       TODO: check
+CVE-2025-8523 (A vulnerability has been found in RiderLike Fruit Crush-Brain 
App 1.0  ...)
+       TODO: check
+CVE-2025-8522 (A vulnerability, which was classified as critical, was found in 
givanz ...)
+       TODO: check
+CVE-2025-8521 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2025-8520 (A vulnerability classified as critical was found in givanz 
Vvveb up to ...)
+       TODO: check
+CVE-2025-8519 (A vulnerability classified as problematic has been found in 
givanz Vvv ...)
+       TODO: check
+CVE-2025-8518 (A vulnerability was found in givanz Vvveb 1.0.5. It has been 
rated as  ...)
+       TODO: check
+CVE-2025-8517 (A vulnerability was found in givanz Vvveb 1.0.6.1. It has been 
declare ...)
+       TODO: check
+CVE-2025-8516 (A vulnerability was found in Kingdee Cloud-Starry-Sky 
Enterprise Editi ...)
+       TODO: check
+CVE-2025-8515 (A vulnerability was found in Intelbras InControl 2.21.60.9 and 
classif ...)
+       TODO: check
+CVE-2025-8341 (Grafana is an open-source platform for monitoring and 
observability. T ...)
+       TODO: check
+CVE-2025-8109 (Software installed and run as a non-privileged user may conduct 
ptrace ...)
+       TODO: check
+CVE-2025-6205 (A missing authorization vulnerability affecting DELMIA Apriso 
from Rel ...)
+       TODO: check
+CVE-2025-6204 (An Improper Control of Generation of Code (Code Injection) 
vulnerabili ...)
+       TODO: check
+CVE-2025-5988 (A flaw was found in the Ansible aap-gateway. Cross-site request 
forger ...)
+       TODO: check
+CVE-2025-55014 (The YouDao plugin for StarDict, as used in stardict 
3.0.7+git20220909+ ...)
+       TODO: check
+CVE-2025-53395 (Paramount Macrium Reflect through 2025-06-26 allows local 
attackers to ...)
+       TODO: check
+CVE-2025-53394 (Paramount Macrium Reflect through 2025-06-26 allows attackers 
to execu ...)
+       TODO: check
+CVE-2025-52239 (An arbitrary file upload vulnerability in ZKEACMS v4.1 allows 
attacker ...)
+       TODO: check
+CVE-2025-51536 (Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as 
discovered ...)
+       TODO: check
+CVE-2025-51535 (Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as 
discovered ...)
+       TODO: check
+CVE-2025-51534 (A cross-site scripting (XSS) vulnerability in Austrian 
Archaeological  ...)
+       TODO: check
+CVE-2025-51390 (TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2025-50422 (An issue was discovered in freedesktop poppler v25.04.0. The 
heap memo ...)
+       TODO: check
+CVE-2025-50420 (An issue in the pdfseparate utility of freedesktop poppler 
v25.04.0 al ...)
+       TODO: check
+CVE-2025-50340 (An Insecure Direct Object Reference (IDOR) vulnerability was 
discovere ...)
+       TODO: check
+CVE-2025-46206 (An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote 
attacker to c ...)
+       TODO: check
+CVE-2025-44963 (RUCKUS Network Director (RND) before 4.5 allows spoofing of an 
adminis ...)
+       TODO: check
+CVE-2025-44962 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ 
director ...)
+       TODO: check
+CVE-2025-44961 (In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS 
command inje ...)
+       TODO: check
+CVE-2025-44960 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS 
command i ...)
+       TODO: check
+CVE-2025-44958 (RUCKUS Network Director (RND) before 4.5 stores passwords in a 
recover ...)
+       TODO: check
+CVE-2025-44957 (Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows 
authenticati ...)
+       TODO: check
+CVE-2025-44955 (RUCKUS Network Director (RND) before 4.5 allows jailed users 
to obtain ...)
+       TODO: check
+CVE-2025-44954 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a 
hardcoded SSH ...)
+       TODO: check
+CVE-2025-44643 (Certain Draytek products are affected by Insecure 
Configuration. This  ...)
+       TODO: check
+CVE-2025-41691 (An unauthenticated remote attacker may trigger a NULL pointer 
derefere ...)
+       TODO: check
+CVE-2025-41659 (A low-privileged attacker can remotely access the PKI folder 
of the CO ...)
+       TODO: check
+CVE-2025-41658 (CODESYS Runtime Toolkit-based products may expose sensitive 
files to l ...)
+       TODO: check
+CVE-2025-38741 (Dell Enterprise SONiC OS, version 4.5.0, contains a 
cryptographic key  ...)
+       TODO: check
+CVE-2025-38739 (Dell Digital Delivery, versions prior to 5.6.1.0, contains an 
Insuffic ...)
+       TODO: check
+CVE-2025-36607 (Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command 
Injecti ...)
+       TODO: check
+CVE-2025-36606 (Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command 
Injecti ...)
+       TODO: check
+CVE-2025-36605 (Dell Unity, version(s) 5.5 and prior, contain(s) an Improper 
Neutraliz ...)
+       TODO: check
+CVE-2025-36604 (Dell Unity, version(s) 5.5 and prior, contain(s) an Improper 
Neutraliz ...)
+       TODO: check
+CVE-2025-36594 (Dell PowerProtect Data Domain with Data Domain Operating 
System (DD OS ...)
+       TODO: check
+CVE-2025-34147 (An unauthenticated OS command injection vulnerability exists 
in the Sh ...)
+       TODO: check
+CVE-2025-30099 (Dell PowerProtect Data Domain with Data Domain Operating 
System (DD OS ...)
+       TODO: check
+CVE-2025-30098 (Dell PowerProtect Data Domain with Data Domain Operating 
System (DD OS ...)
+       TODO: check
+CVE-2025-30097 (Dell PowerProtect Data Domain with Data Domain Operating 
System (DD OS ...)
+       TODO: check
+CVE-2025-30096 (Dell PowerProtect Data Domain with Data Domain Operating 
System (DD OS ...)
+       TODO: check
+CVE-2025-26476 (Dell ECS versions prior to 3.8.1.5/ ObjectScale version 
4.0.0.0, conta ...)
+       TODO: check
+CVE-2025-26065 (A cross-site scripting (XSS) vulnerability in Intelbras RX1500 
v2.2.9  ...)
+       TODO: check
+CVE-2025-21120 (Dell Avamar, versions prior to 19.12 with patch 338905, 
excluding vers ...)
+       TODO: check
+CVE-2025-0932 (Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace 
Driver,  ...)
+       TODO: check
+CVE-2024-45183 (An issue was discovered in Samsung Mobile Processor Exynos 
2100, 1280, ...)
+       TODO: check
+CVE-2013-10054 (An unauthenticated arbitrary file upload vulnerability exists 
in Libre ...)
+       TODO: check
+CVE-2013-10052 (ZPanel includes a helper binary named zsudo, intended to allow 
restric ...)
+       TODO: check
 CVE-2025-54962 (/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b 
allows au ...)
        TODO: check
 CVE-2025-48499 (Out-of-bounds write vulnerability exists in FUJIFILM Business 
Innovati ...)
@@ -74499,7 +74615,7 @@ CVE-2024-53242 (A vulnerability has been identified in 
Teamcenter Visualization
        NOT-FOR-US: Siemens
 CVE-2024-53041 (A vulnerability has been identified in Teamcenter 
Visualization V14.2  ...)
        NOT-FOR-US: Siemens
-CVE-2024-52538 (Dell Avamar, version(s) 19.x, contain(s) an Improper 
Neutralization of ...)
+CVE-2024-52538 (Dell Avamar, versions prior to 19.12 with patch 338905, 
excluding 19.1 ...)
        NOT-FOR-US: Dell
 CVE-2024-52051 (A vulnerability has been identified in SIMATIC S7-PLCSIM V17 
(All vers ...)
        NOT-FOR-US: Siemens
@@ -74683,9 +74799,9 @@ CVE-2024-49059 (Microsoft Office Elevation of Privilege 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2024-49057 (Microsoft Defender for Endpoint on Android Spoofing 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2024-47977 (Dell Avamar, version(s) 19.x, contain(s) an Improper 
Neutralization of ...)
+CVE-2024-47977 (Dell Avamar, versions prior to 19.12 with patch 338905, 
excluding 19.1 ...)
        NOT-FOR-US: Dell
-CVE-2024-47484 (Dell Avamar, version(s) 19.x, contain(s) an Improper 
Neutralization of ...)
+CVE-2024-47484 (Dell Avamar, versions prior to 19.12 with patch 338905, 
excluding 19.1 ...)
        NOT-FOR-US: Dell
 CVE-2024-47117 (IBM Carbon Design System (Carbon Charts 0.4.0 through 1.13.16) 
is vuln ...)
        NOT-FOR-US: IBM



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6224e40a37300a41ee26e7e3a616b866d6178a94

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6224e40a37300a41ee26e7e3a616b866d6178a94
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to