Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
28bebeb3 by security tracker role at 2025-11-14T08:12:50+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2025-9479 (Out of bounds read in V8 in Google Chrome prior to
133.0.6943.141 allo ...)
+ TODO: check
+CVE-2025-64754 (Jitsi Meet is an open source video conferencing application. A
vulnera ...)
+ TODO: check
+CVE-2025-64753 (grist-core is a spreadsheet hosting server. Prior to version
1.7.7, a ...)
+ TODO: check
+CVE-2025-64752 (grist-core is a spreadsheet hosting server. Prior to version
1.7.7, a ...)
+ TODO: check
+CVE-2025-64749 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
+ TODO: check
+CVE-2025-64748 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
+ TODO: check
+CVE-2025-64747 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
+ TODO: check
+CVE-2025-64746 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
+ TODO: check
+CVE-2025-64745 (Astro is a web framework. Starting in version 5.2.0 and prior
to versi ...)
+ TODO: check
+CVE-2025-64744 (OpenObserve is a cloud-native observability platform. In
versions up t ...)
+ TODO: check
+CVE-2025-64530 (Apollo Federation is an architecture for declaratively
composing APIs ...)
+ TODO: check
+CVE-2025-64444 (Improper neutralization of special elements used in an OS
command ('OS ...)
+ TODO: check
+CVE-2025-55073 (Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11,
10.12.x <= ...)
+ TODO: check
+CVE-2025-55070 (Mattermost versions <11 fail to enforce multi-factor
authentication on ...)
+ TODO: check
+CVE-2025-4619 (A denial-of-service (DoS) vulnerability in Palo Alto Networks
PAN-OS s ...)
+ TODO: check
+CVE-2025-47913 (SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed
respons ...)
+ TODO: check
+CVE-2025-47222 (Keyfactor SignServer before 7.3.1 has Incorrect Access
Control, issue ...)
+ TODO: check
+CVE-2025-47221 (Keyfactor SignServer before 7.3.1 has Incorrect Access
Control, issue ...)
+ TODO: check
+CVE-2025-47220 (Keyfactor SignServer before 7.3.1 has Incorrect Access
Control, issue ...)
+ TODO: check
+CVE-2025-41436 (Mattermost versions <11.0 fail to properly enforce the "Allow
users to ...)
+ TODO: check
+CVE-2025-36251 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service
SSL/TLS i ...)
+ TODO: check
+CVE-2025-36250 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server
(formerly kn ...)
+ TODO: check
+CVE-2025-36236 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server
(formerly kn ...)
+ TODO: check
+CVE-2025-36096 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM
private keys ...)
+ TODO: check
+CVE-2025-13161 (IQ-Support developed by IQ Service International has an
Arbitrary File ...)
+ TODO: check
+CVE-2025-13160 (IQ-Support developed by IQ Service International has a
Exposure of Sen ...)
+ TODO: check
+CVE-2025-13131 (A vulnerability was found in Sonarr 4.0.15.2940. The impacted
element ...)
+ TODO: check
+CVE-2025-13130 (A vulnerability has been found in Radarr 5.28.0.10274. The
affected el ...)
+ TODO: check
+CVE-2025-13107 (Inappropriate implementation in Compositing in Google Chrome
prior to ...)
+ TODO: check
+CVE-2025-13102 (Inappropriate implementation in WebApp Installs in Google
Chrome on An ...)
+ TODO: check
+CVE-2025-13097 (Inappropriate implementation in DevTools in Google Chrome
prior to 136 ...)
+ TODO: check
+CVE-2025-12904 (The SNORDIAN's H5PxAPIkatchu plugin for WordPress is
vulnerable to Sto ...)
+ TODO: check
+CVE-2025-11776 (Mattermost versions <11 fail to properly restrict access to
archived c ...)
+ TODO: check
+CVE-2025-10686 (The Creta Testimonial Showcase WordPress plugin before 1.2.4
is vulner ...)
+ TODO: check
+CVE-2024-9126 (Use after free in Internals in Google Chrome on iOS prior to
127.0.653 ...)
+ TODO: check
+CVE-2024-7021 (Inappropriate implementation in Autofill in Google Chrome on
Windows p ...)
+ TODO: check
+CVE-2024-7017 (Inappropriate implementation in DevTools in Google Chrome prior
to 126 ...)
+ TODO: check
+CVE-2024-13983 (Inappropriate implementation in Lens in Google Chrome on iOS
prior to ...)
+ TODO: check
+CVE-2024-13178 (Inappropriate implementation in Fullscreen in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2024-11920 (Inappropriate implementation in Dawn in Google Chrome on Mac
prior to ...)
+ TODO: check
+CVE-2024-11919 (Inappropriate implementation in Intents in Google Chrome on
Android pr ...)
+ TODO: check
CVE-2025-8397 (The Save as PDF Button plugin for WordPress is vulnerable to
Stored Cr ...)
NOT-FOR-US: WordPress plugin
CVE-2025-7704 (Supermicro BMC Insyde SMASH shell program has a stacked-based
overflo ...)
@@ -2381,7 +2463,7 @@ CVE-2025-12790 (A flaw was found in Rubygem MQTT. By
default, the package used t
NOT-FOR-US: Rubygem MQTT
CVE-2025-12789 (A flaw was found in Red Hat Single Sign-On. This issue is an
Open Redi ...)
NOT-FOR-US: Red Hat Single Sign-On
-CVE-2024-12125 (A flaw was found in the 3scale developer portal. This issue
can allow ...)
+CVE-2024-12125 (A flaw was found in the 3scale Developer Portal. When creating
or upda ...)
NOT-FOR-US: 3scale developer portal
CVE-2025-6327 (Unrestricted Upload of File with Dangerous Type vulnerability
in KingA ...)
NOT-FOR-US: WordPress plugin or theme
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28bebeb3840d4856b97b8b033688046097f42368
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28bebeb3840d4856b97b8b033688046097f42368
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
