Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
790e8690 by security tracker role at 2025-09-01T20:12:07+00:00
automatic update

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@ +CVE-2025-9810 (TOCTOU in linenoiseHistorySavein linenoiseallows local attackers to ov ...) + TODO: check +CVE-2025-9809 (Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common ...) + TODO: check +CVE-2025-9793 (A vulnerability was detected in itsourcecode Apartment Management Syst ...) + TODO: check +CVE-2025-9792 (A security vulnerability has been detected in itsourcecode Apartment M ...) + TODO: check +CVE-2025-9791 (A weakness has been identified in Tenda AC20 16.03.08.05. This vulnera ...) + TODO: check +CVE-2025-9790 (A security flaw has been discovered in SourceCodester Hotel Reservatio ...) + TODO: check +CVE-2025-9789 (A vulnerability was identified in SourceCodester Online Hotel Reservat ...) + TODO: check +CVE-2025-9788 (A vulnerability was determined in SourceCodester/Campcodes School Log ...) + TODO: check +CVE-2025-9786 (A vulnerability was found in Campcodes Online Learning Management Syst ...) + TODO: check +CVE-2025-9783 (A vulnerability was determined in TOTOLINK A702R 4.0.0-B20211108.1423. ...) + TODO: check +CVE-2025-9782 (A vulnerability was found in TOTOLINK A702R 4.0.0-B20211108.1423. This ...) + TODO: check +CVE-2025-9781 (A vulnerability has been found in TOTOLINK A702R 4.0.0-B20211108.1423. ...) + TODO: check +CVE-2025-9780 (A flaw has been found in TOTOLINK A702R 4.0.0-B20211108.1423. Affected ...) + TODO: check +CVE-2025-9779 (A vulnerability was detected in TOTOLINK A702R 4.0.0-B20211108.1423. A ...) + TODO: check +CVE-2025-9778 (A security vulnerability has been detected in Tenda W12 up to 3.0.0.6( ...) + TODO: check +CVE-2025-9775 (A vulnerability was found in RemoteClinic up to 2.0. Impacted is an un ...) + TODO: check +CVE-2025-9774 (A vulnerability has been found in RemoteClinic up to 2.0. This issue a ...) + TODO: check +CVE-2025-9773 (A flaw has been found in RemoteClinic up to 2.0. This vulnerability af ...) + TODO: check +CVE-2025-9772 (A vulnerability was detected in RemoteClinic up to 2.0. 
This affects a ...) + TODO: check +CVE-2025-9771 (A security vulnerability has been detected in SourceCodester Eye Clini ...) + TODO: check +CVE-2025-9770 (A weakness has been identified in Campcodes Hospital Management System ...) + TODO: check +CVE-2025-9769 (A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Af ...) + TODO: check +CVE-2025-9375 (XML Injection vulnerability in xmltodict allows Input Data Manipulatio ...) + TODO: check +CVE-2025-57799 (StreamVault is a multi-platform video parsing and downloading tool. Pr ...) + TODO: check +CVE-2025-55007 (Knowage is an open source analytics and business intelligence suite. P ...) + TODO: check +CVE-2025-3586 (In Liferay Portal 7.4.3.27 through 7.4.3.42, and Liferay DXP 2024.Q1.1 ...) + TODO: check +CVE-2025-36133 (IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6. ...) + TODO: check +CVE-2025-33102 (IBM Concert Software 1.0.0 through 1.1.0 uses weaker than expected cry ...) + TODO: check +CVE-2025-33099 (IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker ...) + TODO: check +CVE-2025-33084 (IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker ...) + TODO: check +CVE-2025-33083 (IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site s ...) + TODO: check +CVE-2025-33082 (IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site s ...) + TODO: check +CVE-2025-2412 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...) + TODO: check +CVE-2025-0656 (IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site s ...) + TODO: check +CVE-2025-0610 (Cross-Site Request Forgery (CSRF) vulnerability in Ak\u0131nsoft QR Me ...) + TODO: check +CVE-2024-12925 (Improper Validation of Certificate with Host Mismatch vulnerability in ...) + TODO: check +CVE-2024-12924 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in A ...) 
+ TODO: check +CVE-2024-12914 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) + TODO: check CVE-2025-9768 (A vulnerability was identified in itsourcecode Sports Management Syste ...) NOT-FOR-US: itsourcecode System CVE-2025-9767 (A vulnerability was determined in itsourcecode Sports Management Syste ...) @@ -9185,6 +9261,7 @@ CVE-2025-54575 (ImageSharp is a 2D graphics library. In versions below 2.1.11 an CVE-2025-54573 (CVAT is an open source interactive video and image annotation tool for ...) NOT-FOR-US: Computer Vision Annotation Tool (CVAT) CVE-2025-54572 (The Ruby SAML library is for implementing the client side of a SAML au ...) + {DLA-4288-1} - ruby-saml <removed> NOTE: https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-rrqh-93c8-j966 NOTE: https://github.com/SAML-Toolkits/ruby-saml/pull/770 @@ -33193,7 +33270,7 @@ CVE-2025-28056 (rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability NOT-FOR-US: rebuild CVE-2025-28055 (upset-gal-web v7.1.0 /api/music/v1/cover.ts contains an arbitrary file ...) NOT-FOR-US: upset-gal-web -CVE-2025-27696 (Improper Authorization vulnerability in Apache Superset allows ownersh ...) +CVE-2025-27696 (Incorrect Authorization vulnerability in Apache Superset allows owners ...) NOT-FOR-US: Apache Superset CVE-2025-27488 (Use of hard-coded credentials in Windows Hardware Lab Kit allows an au ...) NOT-FOR-US: Microsoft 
@@ -118216,13 +118293,13 @@ CVE-2024-7223 (A vulnerability has been found in SourceCodester Lot Reservation NOT-FOR-US: SourceCodester CVE-2024-7222 (A vulnerability, which was classified as critical, was found in Source ...) NOT-FOR-US: SourceCodester -CVE-2024-7221 (A vulnerability, which was classified as critical, has been found in S ...) +CVE-2024-7221 (A vulnerability was determined in SourceCodester/Campcodes School Log ...) NOT-FOR-US: SourceCodester -CVE-2024-7220 (A vulnerability classified as critical was found in SourceCodester Sch ...) +CVE-2024-7220 (A vulnerability was found in SourceCodester/Campcodes School Log Manag ...) NOT-FOR-US: SourceCodester -CVE-2024-7219 (A vulnerability classified as critical has been found in SourceCodeste ...) +CVE-2024-7219 (A vulnerability has been found in SourceCodester/Campcodes School Log ...) NOT-FOR-US: SourceCodester -CVE-2024-7218 (A vulnerability was found in SourceCodester School Log Management Syst ...) +CVE-2024-7218 (A flaw has been found in SourceCodester/Campcodes School Log Managemen ...) NOT-FOR-US: SourceCodester CVE-2024-7217 (A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been ...) NOT-FOR-US: TOTOLINK
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/790e869004c992165791461f04f263d0d4f30d18
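Review bot: In the first hunk (@@ -1,3 +1,79 @@), CVE-2025-9788 is added as TODO: check although its description, "A vulnerability was determined in SourceCodester/Campcodes School Log ...", is identical to the updated text of CVE-2024-7221 in the last hunk, which is already NOT-FOR-US: SourceCodester. The same reasoning covers the itsourcecode entries (CVE-2025-9793, CVE-2025-9792), since CVE-2025-9768 in the context lines is NOT-FOR-US: itsourcecode System, and the TOTOLINK A702R entries (CVE-2025-9779 through CVE-2025-9783), since CVE-2024-7217 is NOT-FOR-US: TOTOLINK. Those can be closed with the existing tags, which leaves the entries that name libraries, CVE-2025-9810 (linenoise), CVE-2025-9809 (libretro-common) and CVE-2025-9375 (xmltodict), as the ones that need a package lookup first. Separately, the description of CVE-2025-0610 carries a literal \u0131 escape in "Ak\u0131nsoft" and CVE-2025-9810 has lost its spaces ("linenoiseHistorySavein linenoiseallows"); both are worth normalising where the descriptions are imported.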
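Review bot: In the @@ -9185,6 +9261,7 @@ hunk, the {DLA-4288-1} cross-reference added to CVE-2025-54572 sits directly above "- ruby-saml <removed>", and nothing in the visible lines says which release or version the advisory fixed. This commit changes only data/CVE/list, so confirm that the record for DLA-4288-1 exists elsewhere in the tracker data and names ruby-saml; otherwise the cross-reference resolves to nothing.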
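Review bot: In the last hunk (@@ -118216,13 +118293,13 @@), the rewritten descriptions of CVE-2024-7218 through CVE-2024-7221 now name "SourceCodester/Campcodes", while the unchanged tag under each still reads NOT-FOR-US: SourceCodester. The classification itself is unaffected, but a search of the list by the NOT-FOR-US vendor string will miss the Campcodes attribution, so consider whether the tag should follow the new description. Three of the four new descriptions also drop "classified as critical", so the truncated text no longer hints at severity.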
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits