[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 17 Oct 2025 18:51:07 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8f2cde44 by security tracker role at 2025-10-04T08:12:45+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,121 @@
+CVE-2025-9952 (The Trinity Audio \u2013 Text to Speech AI audio player to 
convert con ...)
+       TODO: check
+CVE-2025-9886 (The Trinity Audio \u2013 Text to Speech AI audio player to 
convert con ...)
+       TODO: check
+CVE-2025-9485 (The OAuth Single Sign On \u2013 SSO (OAuth Client) plugin for 
WordPres ...)
+       TODO: check
+CVE-2025-9243 (The Cost Calculator Builder plugin for WordPress is vulnerable 
to unau ...)
+       TODO: check
+CVE-2025-9030 (The Majestic Before After Image plugin for WordPress is 
vulnerable to  ...)
+       TODO: check
+CVE-2025-9029 (The WDesignKit \u2013 Elementor & Gutenberg Starter Templates, 
Pattern ...)
+       TODO: check
+CVE-2025-8726 (The WP Photo Album Plus plugin for WordPress is vulnerable to 
Cross-Si ...)
+       TODO: check
+CVE-2025-61962 (In fetchmail before 6.5.6, the SMTP client can crash when 
authenticati ...)
+       TODO: check
+CVE-2025-61895
+       REJECTED
+CVE-2025-61894
+       REJECTED
+CVE-2025-61893
+       REJECTED
+CVE-2025-61892
+       REJECTED
+CVE-2025-61891
+       REJECTED
+CVE-2025-61890
+       REJECTED
+CVE-2025-61889
+       REJECTED
+CVE-2025-61888
+       REJECTED
+CVE-2025-61887
+       REJECTED
+CVE-2025-61685 (Mastra is a Typescript framework for building AI agents and 
assistants ...)
+       TODO: check
+CVE-2025-61681 (KUNO CMS is a fully deployable full-stack blog application. 
Versions 1 ...)
+       TODO: check
+CVE-2025-61680 (Minecraft RCON Terminal is a VS Code extension that 
streamlines Minecr ...)
+       TODO: check
+CVE-2025-61679 (Anyquery is an SQL query engine built on top of SQLite. 
Versions 0.4.3 ...)
+       TODO: check
+CVE-2025-61677 (DataChain is a Python-based AI-data warehouse for transforming 
and ana ...)
+       TODO: check
+CVE-2025-61673 (Karapace is an open-source implementation of Kafka REST and 
Schema Reg ...)
+       TODO: check
+CVE-2025-61585
+       REJECTED
+CVE-2025-59944 (Cursor is a code editor built for programming with AI. 
Versions 1.6.23 ...)
+       TODO: check
+CVE-2025-59943 (phpMyFAQ is an open source FAQ web application. Versions 
4.0-nightly-2 ...)
+       TODO: check
+CVE-2025-43825 (A vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and 
Liferay ...)
+       TODO: check
+CVE-2025-39953 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-39952 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
+       TODO: check
+CVE-2025-39951 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
+       TODO: check
+CVE-2025-39950 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-39949 (In the Linux kernel, the following vulnerability has been 
resolved:  q ...)
+       TODO: check
+CVE-2025-39948 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-39947 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-39946 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
+       TODO: check
+CVE-2025-39945 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-39944 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
+       TODO: check
+CVE-2025-39943 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
+       TODO: check
+CVE-2025-39942 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
+       TODO: check
+CVE-2025-39941 (In the Linux kernel, the following vulnerability has been 
resolved:  z ...)
+       TODO: check
+CVE-2025-39940 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-39939 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-39938 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
+       TODO: check
+CVE-2025-39937 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-39936 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-39935 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
+       TODO: check
+CVE-2025-39934 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-39933 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-39932 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-39931 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-39929 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-11228 (The GiveWP \u2013 Donation Plugin and Fundraising Platform 
plugin for  ...)
+       TODO: check
+CVE-2025-11227 (The GiveWP \u2013 Donation Plugin and Fundraising Platform 
plugin for  ...)
+       TODO: check
+CVE-2025-10751 (MacForge contains an insecure XPC service that allows local, 
unprivile ...)
+       TODO: check
+CVE-2025-10746 (The Integrate Dynamics 365 CRM plugin for WordPress is 
vulnerable to u ...)
+       TODO: check
+CVE-2025-10696 (OpenSupports exposes an endpoint that allows the list of 
'supervised u ...)
+       TODO: check
+CVE-2025-10695 (Two unauthenticated diagnostic endpoints allow arbitrary 
backend-initi ...)
+       TODO: check
+CVE-2025-10692 (The endpoint POST /api/staff/get-new-tickets concatenates the 
user-con ...)
+       TODO: check
+CVE-2025-10383 (The Contest Gallery \u2013 Upload, Vote & Sell with PayPal and 
Stripe  ...)
+       TODO: check
 CVE-2025-9945 (The Optimize More! \u2013 CSS plugin for WordPress is 
vulnerable to Cr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-9897 (The AP Background plugin for WordPress is vulnerable to 
Cross-Site Req ...)
@@ -4390,7 +4508,7 @@ CVE-2025-57973 (Improper Neutralization of Input During 
Web Page Generation ('Cr
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-57972 (Missing Authorization vulnerability in WPFactory Helpdesk 
Support Tick ...)
        NOT-FOR-US: WordPress plugin or theme
-CVE-2025-57971 (Missing Authorization vulnerability in SALESmanago SALESmanago 
allows  ...)
+CVE-2025-57971 (Missing Authorization vulnerability in SALESmanago SALESmanago 
& Leado ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-57970 (Cross-Site Request Forgery (CSRF) vulnerability in SALESmanago 
SALESma ...)
        NOT-FOR-US: WordPress plugin or theme



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f2cde447373aa0681cdcd93fc22bed882821bf3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f2cde447373aa0681cdcd93fc22bed882821bf3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to