Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
036ed05b by security tracker role at 2025-08-15T20:12:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,107 @@
+CVE-2025-9060 (A vulnerability has been found in the MSoft MFlash
application that ...)
+ TODO: check
+CVE-2025-9053 (A vulnerability has been found in projectworlds Travel
Management Syst ...)
+ TODO: check
+CVE-2025-9052 (A vulnerability was identified in projectworlds Travel
Management Syst ...)
+ TODO: check
+CVE-2025-9051 (A vulnerability was determined in projectworlds Travel
Management Syst ...)
+ TODO: check
+CVE-2025-9050 (A vulnerability was found in projectworlds Travel Management
System 1. ...)
+ TODO: check
+CVE-2025-9047 (A vulnerability has been found in projectworlds Visitor
Management Sys ...)
+ TODO: check
+CVE-2025-9046 (A vulnerability was identified in Tenda AC20 16.03.08.12. This
issue a ...)
+ TODO: check
+CVE-2025-9028 (A vulnerability was found in code-projects Online Medicine
Guide 1.0. ...)
+ TODO: check
+CVE-2025-9027 (A vulnerability has been found in code-projects Online Medicine
Guide ...)
+ TODO: check
+CVE-2025-9026 (A vulnerability was identified in D-Link DIR-860L 2.04.B04.
This affec ...)
+ TODO: check
+CVE-2025-9025 (A vulnerability was determined in code-projects Simple Cafe
Ordering S ...)
+ TODO: check
+CVE-2025-9024 (A vulnerability was found in PHPGurukul Beauty Parlour
Management Syst ...)
+ TODO: check
+CVE-2025-9023 (A vulnerability has been found in Tenda AC7 and AC18
15.03.05.19/15.03 ...)
+ TODO: check
+CVE-2025-8996 (Missing Authorization vulnerability in Drupal Layout Builder
Advanced ...)
+ TODO: check
+CVE-2025-8995 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
+ TODO: check
+CVE-2025-8905 (The Inpersttion For Theme plugin for WordPress is vulnerable to
Remote ...)
+ TODO: check
+CVE-2025-8720 (The Plugin README Parser plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2025-8675 (Server-Side Request Forgery (SSRF) vulnerability in Drupal AI
SEO Link ...)
+ TODO: check
+CVE-2025-8362 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-8361 (Missing Authorization vulnerability in Drupal Config Pages
allows Forc ...)
+ TODO: check
+CVE-2025-8092 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-8091 (The EventON Lite plugin for WordPress is vulnerable to
Information Exp ...)
+ TODO: check
+CVE-2025-8080 (The Alobaidi Captcha plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2025-8066 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in B ...)
+ TODO: check
+CVE-2025-7961 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
+ TODO: check
+CVE-2025-7778 (The Icons Factory plugin for WordPress is vulnerable to
Arbitrary File ...)
+ TODO: check
+CVE-2025-7688 (The Add User Meta plugin for WordPress is vulnerable to
Cross-Site Req ...)
+ TODO: check
+CVE-2025-7662 (The Gestion de tarifs plugin for WordPress is vulnerable to SQL
Inject ...)
+ TODO: check
+CVE-2025-7650 (The BizCalendar Web plugin for WordPress is vulnerable to Local
File I ...)
+ TODO: check
+CVE-2025-7641 (The Assistant for NextGEN Gallery plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2025-7507 (The elink \u2013 Embed Content plugin for WordPress is
vulnerable to M ...)
+ TODO: check
+CVE-2025-5844 (The Radius Blocks plugin for WordPress is vulnerable to Stored
Cross-S ...)
+ TODO: check
+CVE-2025-5048 (A maliciously crafted DGN file, when linked or imported into
Autodesk ...)
+ TODO: check
+CVE-2025-5047 (A maliciously crafted DGN file, when parsed through Autodesk
AutoCAD, ...)
+ TODO: check
+CVE-2025-5046 (A maliciously crafted DGN file, when linked or imported into
Autodesk ...)
+ TODO: check
+CVE-2025-55285 (@backstage/plugin-scaffolder-backend is the backend for the
default Ba ...)
+ TODO: check
+CVE-2025-55207 (Astro is a web framework for content-driven websites.
Following CVE-20 ...)
+ TODO: check
+CVE-2025-55203 (Plane is open-source project management software. Prior to
version 0.2 ...)
+ TODO: check
+CVE-2025-54989 (Firebird is a relational database. Prior to versions 3.0.13,
4.0.6, an ...)
+ TODO: check
+CVE-2025-54475 (A SQL injection vulnerability in the JS Jobs plugin versions
1.3.2-1.4 ...)
+ TODO: check
+CVE-2025-54474 (A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1
for Joom ...)
+ TODO: check
+CVE-2025-54473 (An authenticated RCE vulnerability in Phoca Commander
component 1.0.0- ...)
+ TODO: check
+CVE-2025-54466 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
+ TODO: check
+CVE-2025-49898 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-49897 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2025-49432 (Missing Authorization vulnerability in FWDesign Ultimate Video
Player ...)
+ TODO: check
+CVE-2025-43490 (A potential security vulnerability has been identified in the
HPAudioA ...)
+ TODO: check
+CVE-2025-36088 (IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and
1.10.00-F00 w ...)
+ TODO: check
+CVE-2025-26709 (There is an unauthorized access vulnerability in ZTE F50. Due
to impro ...)
+ TODO: check
+CVE-2025-24975 (Firebird is a relational database. Prior to snapshot versions
4.0.6.31 ...)
+ TODO: check
+CVE-2025-1929 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2024-12573
+ REJECTED
CVE-2025-9022 (A vulnerability was identified in SourceCodester Online Bank
Managemen ...)
NOT-FOR-US: SourceCodester
CVE-2025-9021 (A vulnerability was determined in SourceCodester Online Bank
Managemen ...)
@@ -640,8 +744,8 @@ CVE-2024-53945 (The KuWFi 4G AC900 LTE router 1.0.13 is
vulnerable to command in
NOT-FOR-US: KuWFi router
CVE-2024-37945 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2023-5342
- REJECTED
+CVE-2023-5342 (The Fedora Secure Boot CA certificate shipped with shim in
Fedora was ...)
+ TODO: check
CVE-2023-43694 (An issue was discovered in Malwarebytes 4.6.14.326 and before
and 5.1. ...)
NOT-FOR-US: Malwarebytes
CVE-2023-43692 (An issue was discovered in Malwarebytes before 4.6.14.326 and
before 5 ...)
@@ -2105,19 +2209,19 @@ CVE-2025-8807 (A vulnerability was found in xujeff
tianti \u5929\u68af up to 2.3
NOT-FOR-US: xujeff tianti
CVE-2025-8806 (A vulnerability was found in zhilink
\u667a\u4e92\u8054(\u6df1\u5733)\ ...)
NOT-FOR-US: zhilink
-CVE-2025-8805 (A vulnerability was found in Open5GS up to 2.7.5 and classified
as pro ...)
+CVE-2025-8805 (A vulnerability was determined in Open5GS up to 2.7.5. Affected
by thi ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8804 (A vulnerability has been found in Open5GS up to 2.7.5 and
classified a ...)
+CVE-2025-8804 (A vulnerability was found in Open5GS up to 2.7.5. Affected by
this vul ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8803 (A vulnerability, which was classified as problematic, was found
in Ope ...)
+CVE-2025-8803 (A vulnerability has been found in Open5GS up to 2.7.5. Affected
is the ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8802 (A vulnerability classified as problematic was found in Open5GS
up to 2 ...)
+CVE-2025-8802 (A vulnerability was determined in Open5GS up to 2.7.5. This
vulnerabil ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8801 (A vulnerability classified as problematic has been found in
Open5GS up ...)
+CVE-2025-8801 (A vulnerability was found in Open5GS up to 2.7.5. This affects
the fun ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8800 (A vulnerability was found in Open5GS up to 2.7.5. It has been
rated as ...)
+CVE-2025-8800 (A vulnerability has been found in Open5GS up to 2.7.5. Affected
by thi ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8799 (A vulnerability was found in Open5GS up to 2.7.5. It has been
declared ...)
+CVE-2025-8799 (A vulnerability was identified in Open5GS up to 2.7.5. Affected
by thi ...)
- open5gs <itp> (bug #1094791)
CVE-2025-8798 (A vulnerability was found in oitcode samarium up to 0.9.6. It
has been ...)
NOT-FOR-US: Oitcode Samarium
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/036ed05b082ca41d8d39be0ac7c01f75c7a008a8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/036ed05b082ca41d8d39be0ac7c01f75c7a008a8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
