[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 27 Sep 2025 13:48:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
12e668bb by security tracker role at 2025-09-27T20:12:47+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2025-8014 (Denial of Service issue in GraphQL endpoints in Gitlab EE/CE 
affecting ...)
+       TODO: check
+CVE-2025-7647 (The llama-index-core package, up to version 0.12.44, contains a 
vulner ...)
+       TODO: check
+CVE-2025-11077 (A vulnerability was determined in Campcodes Online Learning 
Management ...)
+       TODO: check
+CVE-2025-11076 (A vulnerability was found in Campcodes Online Learning 
Management Syst ...)
+       TODO: check
+CVE-2025-11075 (A vulnerability has been found in Campcodes Online Learning 
Management ...)
+       TODO: check
+CVE-2025-11074 (A flaw has been found in code-projects Project Monitoring 
System 1.0.  ...)
+       TODO: check
+CVE-2025-11073 (A vulnerability was detected in Keyfactor RG-EW5100BE 
EW_3.0B11P280_EW ...)
+       TODO: check
+CVE-2025-11071 (A security vulnerability has been detected in SeaCMS 
13.3.20250820. Im ...)
+       TODO: check
+CVE-2025-11070 (A vulnerability was identified in Projectworlds Online 
Shopping System ...)
+       TODO: check
+CVE-2025-11069 (A vulnerability was determined in westboy CicadasCMS 1.0. 
Affected by  ...)
+       TODO: check
+CVE-2025-11068 (A vulnerability was found in westboy CicadasCMS 1.0. Affected 
by this  ...)
+       TODO: check
+CVE-2025-11067 (A vulnerability has been found in Projectworlds Visitor 
Management Sys ...)
+       TODO: check
+CVE-2025-11066 (A flaw has been found in code-projects Online Bidding System 
1.0. This ...)
+       TODO: check
+CVE-2025-11064 (A security flaw has been discovered in Campcodes Online 
Learning Manag ...)
+       TODO: check
+CVE-2025-11063 (A vulnerability was identified in Campcodes Online Learning 
Management ...)
+       TODO: check
+CVE-2025-11062 (A vulnerability was determined in Campcodes Online Learning 
Management ...)
+       TODO: check
+CVE-2025-11061 (A vulnerability was found in Campcodes Online Learning 
Management Syst ...)
+       TODO: check
+CVE-2025-11057 (A vulnerability has been found in SourceCodester Pet Grooming 
Manageme ...)
+       TODO: check
+CVE-2025-11056 (A flaw has been found in ProjectsAndPrograms School Management 
System  ...)
+       TODO: check
+CVE-2025-11055 (A vulnerability was detected in SourceCodester Online Hotel 
Reservatio ...)
+       TODO: check
+CVE-2025-11054 (A security vulnerability has been detected in itsourcecode 
Open Source ...)
+       TODO: check
+CVE-2025-11053 (A weakness has been identified in PHPGurukul Small CRM 4.0. 
This affec ...)
+       TODO: check
 CVE-2025-9944 (The Professional Contact Form plugin for WordPress is 
vulnerable to Cr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-9899 (The Trust Reviews plugin for Google, Tripadvisor, Yelp, Airbnb 
and oth ...)
@@ -19527,7 +19571,7 @@ CVE-2025-54593 (FreshRSS is a free, self-hostable RSS 
aggregator. In versions 1.
 CVE-2025-54590 (webfinger.js is a TypeScript-based WebFinger client that runs 
in both  ...)
        NOT-FOR-US: webfinger.js (not the same as src:node-webfinger)
 CVE-2025-54574 (Squid is a caching proxy for the Web. In versions 6.3 and 
below, Squid ...)
-       {DSA-5982-1}
+       {DSA-5982-1 DLA-4312-1}
        - squid 6.5-1
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-w4gv-vw3f-29g3
        NOTE: 
https://github.com/squid-cache/squid/commit/a27bf4b84da23594150c7a86a23435df0b35b988
 (SQUID_6_4)
@@ -202477,6 +202521,7 @@ CVE-2021-46898 (views/switch.py in django-grappelli 
(aka Django Grappelli) befor
 CVE-2021-46897 (views.py in Wagtail CRX CodeRed Extensions (formerly CodeRed 
CMS or co ...)
        NOT-FOR-US: Wagtail CRX CodeRed Extensions
 CVE-2023-46728 (Squid is a caching proxy for the Web supporting HTTP, HTTPS, 
FTP, and  ...)
+       {DLA-4312-1}
        - squid 6.1-1
        [bookworm] - squid <ignored> (unsupported, Gopher support has been 
removed upstream)
        [buster] - squid <ignored> (unsupported, Gopher support has been 
removed upstream)
@@ -202506,7 +202551,7 @@ CVE-2023-46847 (Squid is vulnerable to a Denial of 
Service,  where a remote atta
        NOTE: 
https://github.com/squid-cache/squid/commit/052cf082b0faaef4eaaa4e94119d7a1437aac4a3
        NOTE: 
https://megamansec.github.io/Squid-Security-Audit/digest-overflow.html
 CVE-2023-5824 (A flaw was found in Squid. The limits applied for validation of 
HTTP r ...)
-       {DSA-5982-1}
+       {DSA-5982-1 DLA-4312-1}
        - squid 6.5-1 (bug #1055249)
        - squid3 <removed>
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12e668bb09d85f2c2e45b12410fe51169deeef86

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12e668bb09d85f2c2e45b12410fe51169deeef86
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to