Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8bea8aee by security tracker role at 2025-09-22T08:12:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2025-9541 (The Markup Markdown WordPress plugin before 3.20.10 allows
links to co ...)
+ TODO: check
+CVE-2025-9540 (The Markup Markdown WordPress plugin before 3.20.10 allows
links to co ...)
+ TODO: check
+CVE-2025-9487 (The Admin and Site Enhancements (ASE) WordPress plugin before
7.9.8 do ...)
+ TODO: check
+CVE-2025-9115 (The Etsy Shop WordPress plugin before 3.0.7 does not escape the
$_SERV ...)
+ TODO: check
+CVE-2025-5962 (A flaw was found in the Lightspeed history service.
Insufficient acces ...)
+ TODO: check
+CVE-2025-59801 (In Artifex GhostXPS before 10.06.0, there is a stack-based
buffer over ...)
+ TODO: check
+CVE-2025-59800 (In Artifex Ghostscript through 10.05.1, ocr_begin_page in
devices/gdev ...)
+ TODO: check
+CVE-2025-59799 (Artifex Ghostscript through 10.05.1 has a stack-based buffer
overflow ...)
+ TODO: check
+CVE-2025-59798 (Artifex Ghostscript through 10.05.1 has a stack-based buffer
overflow ...)
+ TODO: check
+CVE-2025-10789 (A vulnerability was identified in SourceCodester Online Hotel
Reservat ...)
+ TODO: check
+CVE-2025-10788 (A vulnerability was determined in SourceCodester Online Hotel
Reservat ...)
+ TODO: check
+CVE-2025-10787 (A vulnerability was found in MuYuCMS up to 2.7. Impacted is an
unknown ...)
+ TODO: check
+CVE-2025-10786 (A flaw has been found in Campcodes Grocery Sales and Inventory
System ...)
+ TODO: check
+CVE-2025-10785 (A vulnerability was detected in Campcodes Grocery Sales and
Inventory ...)
+ TODO: check
+CVE-2025-10784 (A security vulnerability has been detected in Campcodes Online
Learnin ...)
+ TODO: check
+CVE-2025-10783 (A weakness has been identified in Campcodes Online Learning
Management ...)
+ TODO: check
+CVE-2025-10782 (A security flaw has been discovered in Campcodes Online
Learning Manag ...)
+ TODO: check
+CVE-2025-10781 (A vulnerability was identified in Campcodes Online Learning
Management ...)
+ TODO: check
+CVE-2025-10780 (A vulnerability was determined in CodeAstro Simple Pharmacy
Management ...)
+ TODO: check
+CVE-2025-10779 (A vulnerability was found in D-Link DCS-935L up to 1.13.01.
The impact ...)
+ TODO: check
+CVE-2025-10778 (A vulnerability has been found in Smartstore up to 6.2.0. The
affected ...)
+ TODO: check
+CVE-2025-10777 (A flaw has been found in JSC R7 R7-Office Document Server up
to 202508 ...)
+ TODO: check
+CVE-2025-10776 (A vulnerability was detected in LionCoders SalePro POS up to
5.5.0. Th ...)
+ TODO: check
+CVE-2025-10775 (A security vulnerability has been detected in Wavlink
WL-NU516U1 24042 ...)
+ TODO: check
+CVE-2025-10774 (A weakness has been identified in Ruijie 6000-E10 up to
2.4.3.6-201711 ...)
+ TODO: check
+CVE-2025-10773 (A security flaw has been discovered in B-Link BL-AC2100 up to
1.0.3. A ...)
+ TODO: check
+CVE-2025-10772 (A vulnerability was identified in huggingface LeRobot up to
0.3.3. Aff ...)
+ TODO: check
+CVE-2025-10771 (A vulnerability was determined in jeecgboot JimuReport up to
2.1.2. Af ...)
+ TODO: check
+CVE-2025-10770 (A vulnerability was found in jeecgboot JimuReport up to 2.1.2.
This im ...)
+ TODO: check
+CVE-2025-10767 (A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2.
The aff ...)
+ TODO: check
+CVE-2025-0875 (Authorization Bypass Through User-Controlled Key vulnerability
in PROL ...)
+ TODO: check
CVE-2025-XXXX [RUSTSEC-2025-0071]
- rust-ammonia <unfixed>
NOTE: https://rustsec.org/advisories/RUSTSEC-2025-0071.html
@@ -215948,7 +216010,7 @@ CVE-2023-37287 (SmartBPM.NET has a vulnerability of
using hard-coded authenticat
NOT-FOR-US: SmartBPM.NET
CVE-2023-37286 (SmartSoft SmartBPM.NET has a vulnerability of using hard-coded
machine ...)
NOT-FOR-US: SmartBPM.NET
-CVE-2021-4406 (An administrator is able to execute commands as root via the
alerts ma ...)
+CVE-2021-4406 (An authenticated attacker is able to create alerts that trigger
a stor ...)
NOT-FOR-US: QuantaStor
CVE-2023-3045 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Tise Technology Parking Web Report
@@ -348003,7 +348065,7 @@ CVE-2021-3869 (corenlp is vulnerable to Improper
Restriction of XML External Ent
NOT-FOR-US: CoreNLP
CVE-2021-42083 (An authenticated attacker is able to create alerts that
trigger a stor ...)
NOT-FOR-US: QuantaStor
-CVE-2021-42082 (Local users are able to execute scripts under root privileges.)
+CVE-2021-42082 (Local users are able to execute scripts under root privileges.
POC O ...)
NOT-FOR-US: QuantaStor
CVE-2021-42081 (An authenticated administrator is allowed to remotely execute
arbitrar ...)
NOT-FOR-US: QuantaStor
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bea8aee6b8ebdd37e534880853ad56734cc1ddf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bea8aee6b8ebdd37e534880853ad56734cc1ddf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
