Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6548ecac by security tracker role at 2025-08-14T08:12:07+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,107 @@
+CVE-2025-8950 (A vulnerability was identified in Campcodes Online Recruitment
Managem ...)
+ TODO: check
+CVE-2025-8949 (A vulnerability was identified in D-Link DIR-825 2.10. Affected
by thi ...)
+ TODO: check
+CVE-2025-8948 (A vulnerability was determined in projectworlds Visitor
Management Sys ...)
+ TODO: check
+CVE-2025-8947 (A vulnerability was found in projectworlds Visitor Management
System 1 ...)
+ TODO: check
+CVE-2025-8946 (A vulnerability has been found in projectworlds Online Notes
Sharing P ...)
+ TODO: check
+CVE-2025-8940 (A vulnerability was identified in Tenda AC20 up to 16.03.08.12.
Affect ...)
+ TODO: check
+CVE-2025-8939 (A vulnerability was determined in Tenda AC20 up to 16.03.08.12.
Affect ...)
+ TODO: check
+CVE-2025-8938 (A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826.
This issu ...)
+ TODO: check
+CVE-2025-8937 (A vulnerability has been found in TOTOLINK N350R
1.2.3-B20130826. This ...)
+ TODO: check
+CVE-2025-8936 (A vulnerability was determined in 1000 Projects Sales
Management Syste ...)
+ TODO: check
+CVE-2025-8935 (A vulnerability was found in 1000 Projects Sales Management
System 1.0 ...)
+ TODO: check
+CVE-2025-8934 (A vulnerability has been found in 1000 Projects Sales
Management Syste ...)
+ TODO: check
+CVE-2025-8933 (A vulnerability was identified in 1000 Projects Sales
Management Syste ...)
+ TODO: check
+CVE-2025-8932 (A vulnerability was determined in 1000 Projects Sales
Management Syste ...)
+ TODO: check
+CVE-2025-8931 (A vulnerability was determined in code-projects Medical Store
Manageme ...)
+ TODO: check
+CVE-2025-8930 (A vulnerability was found in code-projects Medical Store
Management Sy ...)
+ TODO: check
+CVE-2025-8929 (A vulnerability has been found in code-projects Medical Store
Manageme ...)
+ TODO: check
+CVE-2025-8928 (A vulnerability was identified in code-projects Medical Store
Manageme ...)
+ TODO: check
+CVE-2025-8046 (The Injection Guard WordPress plugin before 1.2.8 does not
escape the ...)
+ TODO: check
+CVE-2025-7808 (The WP Shopify WordPress plugin before 1.5.4 does not sanitise
and esc ...)
+ TODO: check
+CVE-2025-6790 (The Quiz and Survey Master (QSM) WordPress plugin before
10.2.3 does ...)
+ TODO: check
+CVE-2025-5942 (Netskope was notified about a potential gap in its agent (NS
Client) o ...)
+ TODO: check
+CVE-2025-5941 (Netskope is notified about a potential gap in its agent (NS
Client) in ...)
+ TODO: check
+CVE-2025-55199 (Helm is a package manager for Charts for Kubernetes. Prior to
version ...)
+ TODO: check
+CVE-2025-55198 (Helm is a package manager for Charts for Kubernetes. Prior to
version ...)
+ TODO: check
+CVE-2025-55197 (pypdf is a free and open-source pure-python PDF library. Prior
to vers ...)
+ TODO: check
+CVE-2025-55196 (External Secrets Operator is a Kubernetes operator that
integrates ext ...)
+ TODO: check
+CVE-2025-55194 (Part-DB is an open source inventory management system for
electronic c ...)
+ TODO: check
+CVE-2025-55193 (Active Record connects classes to relational database tables.
Prior to ...)
+ TODO: check
+CVE-2025-3414 (The Structured Content (JSON-LD) #wpsc WordPress plugin before
1.7.0 d ...)
+ TODO: check
+CVE-2025-34154 (UnForm Server Manager versions prior to 10.1.12 expose an
unauthentica ...)
+ TODO: check
+CVE-2025-27388 (Loading arbitrary external URLs through WebView components
introduces ...)
+ TODO: check
+CVE-2025-0309 (An insufficient validation on the server connection endpoint in
Netsko ...)
+ TODO: check
+CVE-2024-7402 (Netskope has identified a potential gap in its agent (Netskope
Client) ...)
+ TODO: check
+CVE-2012-10060 (Sysax Multi Server versions prior to 5.55 contains a
stack-based buffe ...)
+ TODO: check
+CVE-2012-10059 (Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a
post-authent ...)
+ TODO: check
+CVE-2012-10058 (RabidHamster R4 v1.25 contains astack-based buffer overflow
vulnerabil ...)
+ TODO: check
+CVE-2012-10057 (Lattice Semiconductor ispVM System v18.0.2 contains a buffer
overflow ...)
+ TODO: check
+CVE-2012-10056 (PHP Volunteer Management System v1.0.2 contains an arbitrary
file uplo ...)
+ TODO: check
+CVE-2012-10055 (ComSndFTP FTP Server version 1.3.7 Beta contains a format
string vulne ...)
+ TODO: check
+CVE-2012-10054 (Umbraco CMS versions prior to 4.7.1 are vulnerable to
unauthenticated ...)
+ TODO: check
+CVE-2011-10019 (Spreecommerce versions prior to 0.60.2 contains a remote
command execu ...)
+ TODO: check
+CVE-2011-10018 (myBB version 1.6.4 was distributed with an unauthorized
backdoor embed ...)
+ TODO: check
+CVE-2011-10017 (Snort Report versions < 1.3.2 contains a remote command
execution vuln ...)
+ TODO: check
+CVE-2011-10016 (Real Networks Netzip Classic version 7.5.1.86 is vulnerable to
a stack ...)
+ TODO: check
+CVE-2011-10015 (Cytel Studio version 9.0 and earlier is vulnerable to a
stack-based bu ...)
+ TODO: check
+CVE-2011-10014 (GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is
vulnerab ...)
+ TODO: check
+CVE-2011-10013 (Traq versions 2.0 through 2.3 contain a remote code execution
vulnerab ...)
+ TODO: check
+CVE-2011-10012 (NetOp (now part of Impero Software) Remote Control Client v9.5
is vuln ...)
+ TODO: check
+CVE-2011-10011 (WeBid 1.0.2 contains a remote code injection vulnerability in
the conv ...)
+ TODO: check
+CVE-2011-10010 (QuickShare File Server 1.2.1 contains a path traversal
vulnerability i ...)
+ TODO: check
+CVE-2011-10009 (S40 CMS v0.4.2 contains a path traversal vulnerability in its
index.ph ...)
+ TODO: check
CVE-2025-8941 (A flaw was found in linux-pam. The pam_namespace module may
improperly ...)
- pam <undetermined>
TODO: check if RedHat specific incomplete fix for CVE-2025-6020
@@ -394,18 +498,23 @@ CVE-2025-8860
NOTE: Introduced with:
https://gitlab.com/qemu-project/qemu/-/commit/90ca4e03c27dc8ac821a2e1686e705ae9a93d301
(v10.0.0-rc0)
NOTE: Fixed by:
https://gitlab.com/qemu-project/qemu/-/commit/f757d9d90d19b914d4023663bfc4da73bbbf007e
CVE-2025-8882 (Use after free in Aura in Google Chrome prior to 139.0.7258.127
allowe ...)
+ {DSA-5976-1}
- chromium 139.0.7258.127-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-8881 (Inappropriate implementation in File Picker in Google Chrome
prior to ...)
+ {DSA-5976-1}
- chromium 139.0.7258.127-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-8901 (Out of bounds write in ANGLE in Google Chrome prior to
139.0.7258.127 ...)
+ {DSA-5976-1}
- chromium 139.0.7258.127-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-8880 (Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a
remote a ...)
+ {DSA-5976-1}
- chromium 139.0.7258.127-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-8879 (Heap buffer overflow in libaom in Google Chrome prior to
139.0.7258.12 ...)
+ {DSA-5976-1}
- chromium 139.0.7258.127-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-8885 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6548ecacd239ef2f2e3b21a38a717fa09ea190ea
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6548ecacd239ef2f2e3b21a38a717fa09ea190ea
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
