Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cd3d95c1 by security tracker role at 2025-12-14T08:12:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,38 @@
-CVE-2025-67896 [Remote heap corruption]
+CVE-2025-14650 (A flaw has been found in itsourcecode Online Cake Ordering
System 1.0. ...)
+ TODO: check
+CVE-2025-14649 (A vulnerability was detected in itsourcecode Online Cake
Ordering Syst ...)
+ TODO: check
+CVE-2025-14648 (A security vulnerability has been detected in DedeBIZ up to
6.5.9. Aff ...)
+ TODO: check
+CVE-2025-14647 (A weakness has been identified in code-projects Computer Book
Store 1. ...)
+ TODO: check
+CVE-2025-14646 (A security flaw has been discovered in code-projects Student
File Mana ...)
+ TODO: check
+CVE-2025-14645 (A vulnerability was identified in code-projects Student File
Managemen ...)
+ TODO: check
+CVE-2025-14644 (A vulnerability was determined in itsourcecode Student
Management Syst ...)
+ TODO: check
+CVE-2025-14643 (A vulnerability was found in code-projects Simple Attendance
Record Sy ...)
+ TODO: check
+CVE-2025-14642 (A vulnerability has been found in code-projects Computer
Laboratory Sy ...)
+ TODO: check
+CVE-2025-14641 (A flaw has been found in code-projects Computer Laboratory
System 1.0. ...)
+ TODO: check
+CVE-2025-14640 (A flaw has been found in code-projects Student File Management
System ...)
+ TODO: check
+CVE-2025-14639 (A vulnerability was detected in itsourcecode Student
Management System ...)
+ TODO: check
+CVE-2025-14638 (A security vulnerability has been detected in itsourcecode
Online Pet ...)
+ TODO: check
+CVE-2025-13832
+ REJECTED
+CVE-2025-13126 (The wpForo Forum plugin for WordPress is vulnerable to generic
SQL Inj ...)
+ TODO: check
+CVE-2025-12696 (The HelloLeads CRM Form Shortcode WordPress plugin through 1.0
does no ...)
+ TODO: check
+CVE-2025-12537 (The Addon Elements for Elementor plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2025-67896 (Exim before 4.99.1 allows remote heap corruption that will be
further ...)
- exim4 <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2025/12/11/2
TODO: wait for publication on 2025-12-18 15:00 UTC
@@ -1086,7 +1120,7 @@ CVE-2024-42197 (HCL Workload Scheduler stores user
credentials in plain text whi
NOT-FOR-US: HCL
CVE-2024-40593 (A key management errors vulnerability in Fortinet
FortiAnalyzer 7.4.0 ...)
NOT-FOR-US: Fortinet
-CVE-2025-67897 [DOS (crash) via special crafted encrypted message]
+CVE-2025-67897 (In Sequoia before 2.1.0, aes_key_unwrap panics if passed a
ciphertext ...)
- rust-sequoia-openpgp 2.1.0-1 (bug #1122582)
[trixie] - rust-sequoia-openpgp <no-dsa> (Minor issue)
[bookworm] - rust-sequoia-openpgp <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd3d95c1fa6f7b5acdf703acefc86530bd977c8e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd3d95c1fa6f7b5acdf703acefc86530bd977c8e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
