[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Thu, 07 Aug 2025 13:12:40 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
49ec4109 by security tracker role at 2025-08-07T20:12:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,112 @@
-CVE-2025-47907
+CVE-2025-8697 (A vulnerability was found in agentUniverse up to 0.0.18 and 
classified ...)
+       TODO: check
+CVE-2025-8533 (A vulnerability was identified in the XPC services of 
Fantastical. The ...)
+       TODO: check
+CVE-2025-7195 (Early versions of Operator-SDK provided an insecure method to 
allow op ...)
+       TODO: check
+CVE-2025-7054 (Cloudflare quiche was discovered to be vulnerable to an 
infinite loop  ...)
+       TODO: check
+CVE-2025-55138 (LinkJoin through 882f196 mishandles token ownership in 
password reset.)
+       TODO: check
+CVE-2025-55137 (LinkJoin through 882f196 mishandles lacks type checking in 
password re ...)
+       TODO: check
+CVE-2025-55136 (ERC (aka Emotion Recognition in Conversation) through 0.3 has 
insecure ...)
+       TODO: check
+CVE-2025-55135 (In Agora Foundation Agora fall23-Alpha1 before 690ce56, there 
is XSS v ...)
+       TODO: check
+CVE-2025-55134 (In Agora Foundation Agora fall23-Alpha1 before b087490, there 
is XSS v ...)
+       TODO: check
+CVE-2025-55133 (In Agora Foundation Agora fall23-Alpha1 before b087490, there 
is XSS v ...)
+       TODO: check
+CVE-2025-55077 (Tyler Technologies ERP Pro 9 SaaS allows an authenticated user 
to esca ...)
+       TODO: check
+CVE-2025-54397 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
+       TODO: check
+CVE-2025-54396 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
+       TODO: check
+CVE-2025-54395 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
+       TODO: check
+CVE-2025-54394 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
+       TODO: check
+CVE-2025-54393 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
+       TODO: check
+CVE-2025-54392 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
+       TODO: check
+CVE-2025-51629 (A cross-site scripting (XSS) vulnerability in the PdfViewer 
component  ...)
+       TODO: check
+CVE-2025-51533 (An Insecure Direct Object Reference (IDOR) in Sage DPW 
v2024_12_004 an ...)
+       TODO: check
+CVE-2025-50952 (openjpeg v 2.5.0 was discovered to contain a NULL pointer 
dereference  ...)
+       TODO: check
+CVE-2025-50692 (FoxCMS <=v1.2.5 is vulnerable to Code Execution in 
admin/template_file ...)
+       TODO: check
+CVE-2025-50675 (GPMAW 14, a bioinformatics software, has a critical 
vulnerability rela ...)
+       TODO: check
+CVE-2025-47808 (In GStreamer through 1.26.1, the subparse plugin's 
tmplayer_parse_line ...)
+       TODO: check
+CVE-2025-47807 (In GStreamer through 1.26.1, the subparse plugin's 
subrip_unescape_for ...)
+       TODO: check
+CVE-2025-47806 (In GStreamer through 1.26.1, the subparse plugin's 
parse_subrip_time f ...)
+       TODO: check
+CVE-2025-47219 (In GStreamer through 1.26.1, the isomp4 plugin's 
qtdemux_parse_trak fu ...)
+       TODO: check
+CVE-2025-47188 (A vulnerability in the Mitel 6800 Series, 6900 Series, and 
6900w Serie ...)
+       TODO: check
+CVE-2025-47183 (In GStreamer through 1.26.1, the isomp4 plugin's 
qtdemux_parse_tree fu ...)
+       TODO: check
+CVE-2025-44779 (An issue in Ollama v0.1.33 allows attackers to delete 
arbitrary files  ...)
+       TODO: check
+CVE-2025-34152 (An unauthenticated OS command injection vulnerability exists 
in the Sh ...)
+       TODO: check
+CVE-2025-34151 (A command injection vulnerability exists in the 'passwd' 
parameter of  ...)
+       TODO: check
+CVE-2025-34150 (The PPPoE configuration interface of the Shenzhen Aitemi M300 
Wi-Fi Re ...)
+       TODO: check
+CVE-2025-34149 (A command injection vulnerability affects the Shenzhen Aitemi 
M300 Wi- ...)
+       TODO: check
+CVE-2025-34148 (An unauthenticated OS command injection vulnerability exists 
in the Sh ...)
+       TODO: check
+CVE-2025-24000 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
+       TODO: check
+CVE-2024-56339 (IBM WebSphere Application Server 9.0 and WebSphere Application 
Server  ...)
+       TODO: check
+CVE-2024-55401 (An issue in 4C Strategies Exonaut before v22.4 allows 
attackers to exe ...)
+       TODO: check
+CVE-2024-52680 (EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in 
/login.ph ...)
+       TODO: check
+CVE-2024-42048 (OpenOrange Business Framework 1.15.5 provides unprivileged 
users with  ...)
+       TODO: check
+CVE-2023-41532 (Hospital Management System v4 was discovered to contain a SQL 
injectio ...)
+       TODO: check
+CVE-2023-41531 (Hospital Management System v4 was discovered to contain 
multiple SQL i ...)
+       TODO: check
+CVE-2023-41530 (Hospital Management System v4 was discovered to contain a SQL 
injectio ...)
+       TODO: check
+CVE-2023-41529 (Hospital Management System v4 was discovered to contain 
multiple cross ...)
+       TODO: check
+CVE-2023-41528 (Hospital Management System v4 was discovered to contain 
multiple SQL i ...)
+       TODO: check
+CVE-2023-41527 (Hospital Management System v4 was discovered to contain a SQL 
injectio ...)
+       TODO: check
+CVE-2023-41526 (Hospital Management System v4 was discovered to contain 
multiple SQL i ...)
+       TODO: check
+CVE-2023-41525 (Hospital Management System v4 was discovered to contain a SQL 
injectio ...)
+       TODO: check
+CVE-2023-41524 (Student Attendance Management System v1 was discovered to 
contain a SQ ...)
+       TODO: check
+CVE-2023-41523 (Student Attendance Management System v1 was discovered to 
contain a SQ ...)
+       TODO: check
+CVE-2023-41522 (Student Attendance Management System v1 was discovered to 
contain mult ...)
+       TODO: check
+CVE-2023-41521 (Student Attendance Management System v1 was discovered to 
contain mult ...)
+       TODO: check
+CVE-2023-41520 (Student Attendance Management System v1 was discovered to 
contain mult ...)
+       TODO: check
+CVE-2023-41519 (Student Attendance Management System v1 was discovered to 
contain a cr ...)
+       TODO: check
+CVE-2023-40992 (Hospital Management System 4 is vulnerable to a SQL injection 
in /Hosp ...)
+       TODO: check
+CVE-2025-47907 (Cancelling a query (e.g. by cancelling the context passed to 
one of th ...)
        - golang-1.24 <unfixed>
        - golang-1.23 <unfixed>
        - golang-1.19 <removed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49ec4109c0ddbfd153bb674f1bd315fc9dde07fa

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49ec4109c0ddbfd153bb674f1bd315fc9dde07fa
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to