Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4d945456 by security tracker role at 2025-12-16T20:13:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,839 @@
+CVE-2025-9460 (A maliciously crafted SLDPRT file, when parsed through certain 
Autodes ...)
+       TODO: check
+CVE-2025-9459 (A maliciously crafted SLDPRT file, when parsed through certain 
Autodes ...)
+       TODO: check
+CVE-2025-9457 (A maliciously crafted PRT file, when parsed through certain 
Autodesk p ...)
+       TODO: check
+CVE-2025-9456 (A maliciously crafted SLDPRT file, when parsed through certain 
Autodes ...)
+       TODO: check
+CVE-2025-9455 (A maliciously crafted CATPRODUCT file, when parsed through 
certain Aut ...)
+       TODO: check
+CVE-2025-9454 (A maliciously crafted PRT file, when parsed through certain 
Autodesk p ...)
+       TODO: check
+CVE-2025-9453 (A maliciously crafted PRT file, when parsed through certain 
Autodesk p ...)
+       TODO: check
+CVE-2025-9452 (A maliciously crafted SLDPRT file, when parsed through certain 
Autodes ...)
+       TODO: check
+CVE-2025-9122 (Hitachi Vantara Pentaho Data Integration and Analytics 
Community Dashb ...)
+       TODO: check
+CVE-2025-9121 (Pentaho Data Integration and Analytics Community Dashboard 
Editor plug ...)
+       TODO: check
+CVE-2025-8872 (On affected platforms running Arista EOS with OSPFv3 
configured, a spe ...)
+       TODO: check
+CVE-2025-68322 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
+       TODO: check
+CVE-2025-68321 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
+       TODO: check
+CVE-2025-68320 (In the Linux kernel, the following vulnerability has been 
resolved:  l ...)
+       TODO: check
+CVE-2025-68319 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68318 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68317 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-68316 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68315 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
+       TODO: check
+CVE-2025-68314 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68313 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
+       TODO: check
+CVE-2025-68312 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
+       TODO: check
+CVE-2025-68311 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
+       TODO: check
+CVE-2025-68310 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68309 (In the Linux kernel, the following vulnerability has been 
resolved:  P ...)
+       TODO: check
+CVE-2025-68308 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68307 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68306 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
+       TODO: check
+CVE-2025-68305 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
+       TODO: check
+CVE-2025-68304 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
+       TODO: check
+CVE-2025-68303 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
+       TODO: check
+CVE-2025-68302 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68301 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68300 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
+       TODO: check
+CVE-2025-68299 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
+       TODO: check
+CVE-2025-68298 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
+       TODO: check
+CVE-2025-68297 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68296 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68295 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68294 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-68293 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68292 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68291 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68290 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68289 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
+       TODO: check
+CVE-2025-68288 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
+       TODO: check
+CVE-2025-68287 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
+       TODO: check
+CVE-2025-68286 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68285 (In the Linux kernel, the following vulnerability has been 
resolved:  l ...)
+       TODO: check
+CVE-2025-68284 (In the Linux kernel, the following vulnerability has been 
resolved:  l ...)
+       TODO: check
+CVE-2025-68283 (In the Linux kernel, the following vulnerability has been 
resolved:  l ...)
+       TODO: check
+CVE-2025-68282 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
+       TODO: check
+CVE-2025-68281 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
+       TODO: check
+CVE-2025-68270 (The Open edX Platform is a learning management platform. Prior 
to comm ...)
+       TODO: check
+CVE-2025-68269 (In JetBrains IntelliJ IDEA before 2025.3 missing confirmation 
allowed  ...)
+       TODO: check
+CVE-2025-68268 (In JetBrains TeamCity before 2025.11.1 reflected XSS was 
possible on t ...)
+       TODO: check
+CVE-2025-68267 (In JetBrains TeamCity before 2025.11.1 excessive privileges 
were possi ...)
+       TODO: check
+CVE-2025-68266 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
+       TODO: check
+CVE-2025-68265 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68264 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
+       TODO: check
+CVE-2025-68263 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
+       TODO: check
+CVE-2025-68262 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68261 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
+       TODO: check
+CVE-2025-68260 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
+       TODO: check
+CVE-2025-68259 (In the Linux kernel, the following vulnerability has been 
resolved:  K ...)
+       TODO: check
+CVE-2025-68258 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68257 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68256 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68255 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68254 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68253 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68252 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68251 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
+       TODO: check
+CVE-2025-68250 (In the Linux kernel, the following vulnerability has been 
resolved:  h ...)
+       TODO: check
+CVE-2025-68249 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68248 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)
+       TODO: check
+CVE-2025-68247 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
+       TODO: check
+CVE-2025-68246 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
+       TODO: check
+CVE-2025-68245 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68244 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68243 (In the Linux kernel, the following vulnerability has been 
resolved:  N ...)
+       TODO: check
+CVE-2025-68242 (In the Linux kernel, the following vulnerability has been 
resolved:  N ...)
+       TODO: check
+CVE-2025-68241 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-68240 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68239 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
+       TODO: check
+CVE-2025-68238 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68237 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68236 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68235 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68234 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-68233 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68232 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)
+       TODO: check
+CVE-2025-68231 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68230 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68229 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68228 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68227 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68226 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68225 (In the Linux kernel, the following vulnerability has been 
resolved:  l ...)
+       TODO: check
+CVE-2025-68224 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68223 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68222 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
+       TODO: check
+CVE-2025-68221 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68220 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68219 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68218 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68217 (In the Linux kernel, the following vulnerability has been 
resolved:  I ...)
+       TODO: check
+CVE-2025-68216 (In the Linux kernel, the following vulnerability has been 
resolved:  L ...)
+       TODO: check
+CVE-2025-68215 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-68214 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
+       TODO: check
+CVE-2025-68213 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-68212 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
+       TODO: check
+CVE-2025-68211 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
+       TODO: check
+CVE-2025-68210 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
+       TODO: check
+CVE-2025-68209 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68208 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
+       TODO: check
+CVE-2025-68207 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68206 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68205 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
+       TODO: check
+CVE-2025-68204 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
+       TODO: check
+CVE-2025-68203 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68202 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68201 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68200 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
+       TODO: check
+CVE-2025-68199 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68198 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68197 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
+       TODO: check
+CVE-2025-68196 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68195 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
+       TODO: check
+CVE-2025-68194 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68193 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68192 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68191 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
+       TODO: check
+CVE-2025-68190 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68189 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68188 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
+       TODO: check
+CVE-2025-68187 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68186 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
+       TODO: check
+CVE-2025-68185 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68184 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68183 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
+       TODO: check
+CVE-2025-68182 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
+       TODO: check
+CVE-2025-68181 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68180 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68179 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-68178 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
+       TODO: check
+CVE-2025-68177 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68176 (In the Linux kernel, the following vulnerability has been 
resolved:  P ...)
+       TODO: check
+CVE-2025-68175 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
+       TODO: check
+CVE-2025-68174 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
+       TODO: check
+CVE-2025-68173 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
+       TODO: check
+CVE-2025-68172 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-68171 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
+       TODO: check
+CVE-2025-68170 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-68169 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-68168 (In the Linux kernel, the following vulnerability has been 
resolved:  j ...)
+       TODO: check
+CVE-2025-68167 (In the Linux kernel, the following vulnerability has been 
resolved:  g ...)
+       TODO: check
+CVE-2025-68166 (In JetBrains TeamCity before 2025.11 a DOM-based XSS was 
possible on t ...)
+       TODO: check
+CVE-2025-68165 (In JetBrains TeamCity before 2025.11 reflected XSS was 
possible on VCS ...)
+       TODO: check
+CVE-2025-68164 (In JetBrains TeamCity before 2025.11 port enumeration was 
possible via ...)
+       TODO: check
+CVE-2025-68163 (In JetBrains TeamCity before 2025.11 stored XSS was possible 
on agentp ...)
+       TODO: check
+CVE-2025-68162 (In JetBrains TeamCity before 2025.11 maven embedder allowed 
loading ex ...)
+       TODO: check
+CVE-2025-68156 (Expr is an expression language and expression evaluation for 
Go. Prior ...)
+       TODO: check
+CVE-2025-68155 (@vitejs/plugin-rs provides React Server Components (RSC) 
support for V ...)
+       TODO: check
+CVE-2025-68154 (systeminformation is a System and OS information library for 
node.js.  ...)
+       TODO: check
+CVE-2025-68150 (Parse Server is an open source backend that can be deployed to 
any inf ...)
+       TODO: check
+CVE-2025-68146 (filelock is a platform-independent file lock for Python. In 
versions p ...)
+       TODO: check
+CVE-2025-68142 (PyMdown Extensions is a set of extensions for the 
`Python-Markdown` ma ...)
+       TODO: check
+CVE-2025-68130 (tRPC allows users to build and consume fully typesafe APIs 
without sch ...)
+       TODO: check
+CVE-2025-68116 (FileRise is a self-hosted web file manager / WebDAV server. 
Versions p ...)
+       TODO: check
+CVE-2025-68115 (Parse Server is an open source backend that can be deployed to 
any inf ...)
+       TODO: check
+CVE-2025-68113 (ALTCHA is privacy-first software for captcha and bot 
protection. A cry ...)
+       TODO: check
+CVE-2025-68088 (Missing Authorization vulnerability in merkulove Huger for 
Elementor h ...)
+       TODO: check
+CVE-2025-68087 (Missing Authorization vulnerability in merkulove Modalier for 
Elemento ...)
+       TODO: check
+CVE-2025-68086 (Missing Authorization vulnerability in merkulove Reformer for 
Elemento ...)
+       TODO: check
+CVE-2025-68085 (Missing Authorization vulnerability in merkulove Buttoner for 
Elemento ...)
+       TODO: check
+CVE-2025-68084 (Missing Authorization vulnerability in Nitesh Ultimate Auction 
 ultima ...)
+       TODO: check
+CVE-2025-68083 (Cross-Site Request Forgery (CSRF) vulnerability in Meks Meks 
Quick Plu ...)
+       TODO: check
+CVE-2025-68082 (Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY 
LTD Semr ...)
+       TODO: check
+CVE-2025-68080 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-68079 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-68078 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-68077 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-68076 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-68071 (Authorization Bypass Through User-Controlled Key vulnerability 
in g5th ...)
+       TODO: check
+CVE-2025-68070 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-68068 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-68067 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-68066 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-68065 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-68062 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-68061 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-68056 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-68055 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-68054 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-68053 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-67999 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-67989 (Server-Side Request Forgery (SSRF) vulnerability in LMPixels 
Kerge ker ...)
+       TODO: check
+CVE-2025-67986 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-67985 (Authorization Bypass Through User-Controlled Key vulnerability 
in Barn ...)
+       TODO: check
+CVE-2025-67983 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-67976 (Missing Authorization vulnerability in Bob Watu Quiz watu 
allows Explo ...)
+       TODO: check
+CVE-2025-67965 (Missing Authorization vulnerability in favethemes Homey Core 
homey-cor ...)
+       TODO: check
+CVE-2025-67962 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-67951 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-67950 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-67948 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
+       TODO: check
+CVE-2025-67929 (Missing Authorization vulnerability in templateinvaders TI 
WooCommerce ...)
+       TODO: check
+CVE-2025-67912 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-67874 (ChurchCRM is an open-source church management system. Prior to 
version ...)
+       TODO: check
+CVE-2025-67751 (ChurchCRM is an open-source church management system. Prior to 
version ...)
+       TODO: check
+CVE-2025-67748 (Fickling is a Python pickling decompiler and static analyzer. 
Versions ...)
+       TODO: check
+CVE-2025-67747 (Fickling is a Python pickling decompiler and static analyzer. 
Versions ...)
+       TODO: check
+CVE-2025-67744 (DeepChat is an open-source artificial intelligence agent 
platform that ...)
+       TODO: check
+CVE-2025-67736 (The FreePBX module tts (Text to Speech) for FreePBX, an 
open-source we ...)
+       TODO: check
+CVE-2025-67735 (Netty is an asynchronous, event-driven network application 
framework.  ...)
+       TODO: check
+CVE-2025-67722 (FreePBX is an open-source web-based graphical user interface 
(GUI) tha ...)
+       TODO: check
+CVE-2025-67715 (Weblate is a web based localization tool. In versions prior to 
5.15, i ...)
+       TODO: check
+CVE-2025-67492 (Weblate is a web based localization tool. In versions prior to 
5.15, i ...)
+       TODO: check
+CVE-2025-66635 (Stack-based buffer overflow vulnerability exists in SEIKO 
EPSON Web Co ...)
+       TODO: check
+CVE-2025-66482 (Misskey is an open source, federated social media platform. 
Attackers  ...)
+       TODO: check
+CVE-2025-66449 (ConvertXis a self-hosted online file converter. In versions 
prior to 0 ...)
+       TODO: check
+CVE-2025-66407 (Weblate is a web based localization tool. The Create Component 
functio ...)
+       TODO: check
+CVE-2025-66402 (Misskey is an open source, federated social media platform. 
Starting i ...)
+       TODO: check
+CVE-2025-66357 (CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with 
improper che ...)
+       TODO: check
+CVE-2025-66167 (Missing Authorization vulnerability in merkulove Lottier 
lottier-guten ...)
+       TODO: check
+CVE-2025-66166 (Missing Authorization vulnerability in merkulove Lottier for 
Elementor ...)
+       TODO: check
+CVE-2025-66165 (Missing Authorization vulnerability in merkulove Lottier for 
WPBakery  ...)
+       TODO: check
+CVE-2025-66164 (Missing Authorization vulnerability in merkulove Laser laser 
allows Ex ...)
+       TODO: check
+CVE-2025-66163 (Missing Authorization vulnerability in merkulove Masker for 
Elementor  ...)
+       TODO: check
+CVE-2025-66162 (Missing Authorization vulnerability in merkulove Spoter for 
Elementor  ...)
+       TODO: check
+CVE-2025-66161 (Missing Authorization vulnerability in merkulove Grider for 
Elementor  ...)
+       TODO: check
+CVE-2025-66147 (Missing Authorization vulnerability in merkulove Coder for 
Elementor c ...)
+       TODO: check
+CVE-2025-66134 (Missing Authorization vulnerability in NinjaTeam FileBird Pro 
filebird ...)
+       TODO: check
+CVE-2025-66133 (Missing Authorization vulnerability in WP Legal Pages WP 
Cookie Notice ...)
+       TODO: check
+CVE-2025-66132 (Authorization Bypass Through User-Controlled Key vulnerability 
in FAPI ...)
+       TODO: check
+CVE-2025-66131 (Missing Authorization vulnerability in yaadsarig Yaad Sarig 
Payment Ga ...)
+       TODO: check
+CVE-2025-66130 (Missing Authorization vulnerability in etruel WP Views Counter 
wpecoun ...)
+       TODO: check
+CVE-2025-66129 (Missing Authorization vulnerability in wppochipp Pochipp 
pochipp allow ...)
+       TODO: check
+CVE-2025-66128 (Missing Authorization vulnerability in Brevo Sendinblue for 
WooCommerc ...)
+       TODO: check
+CVE-2025-66127 (Missing Authorization vulnerability in g5theme Essential Real 
Estate e ...)
+       TODO: check
+CVE-2025-66126 (Insertion of Sensitive Information Into Sent Data 
vulnerability in wow ...)
+       TODO: check
+CVE-2025-66125 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Nit ...)
+       TODO: check
+CVE-2025-66124 (Missing Authorization vulnerability in ZEEN101 Leaky Paywall 
leaky-pay ...)
+       TODO: check
+CVE-2025-66122 (Missing Authorization vulnerability in Design Stylish Price 
List styli ...)
+       TODO: check
+CVE-2025-66121 (Missing Authorization vulnerability in SiteGround SiteGround 
Security  ...)
+       TODO: check
+CVE-2025-66120 (Missing Authorization vulnerability in CatFolders CatFolders 
catfolder ...)
+       TODO: check
+CVE-2025-65834 (Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A 
memory  ...)
+       TODO: check
+CVE-2025-65593 (nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery 
(CSRF)  ...)
+       TODO: check
+CVE-2025-65592 (nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) 
in the  ...)
+       TODO: check
+CVE-2025-65591 (nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) 
via the ...)
+       TODO: check
+CVE-2025-65590 (nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) 
via the ...)
+       TODO: check
+CVE-2025-65589 (nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) 
via the ...)
+       TODO: check
+CVE-2025-65581 (An open redirect vulnerability exists in the Account module in 
Volosof ...)
+       TODO: check
+CVE-2025-65427 (An issue was discovered in Dbit N300 T1 Pro Easy Setup 
Wireless Wi-Fi  ...)
+       TODO: check
+CVE-2025-65319 (When using the attachment interaction functionality, Blue Mail 
1.140.1 ...)
+       TODO: check
+CVE-2025-65318 (When using the attachment interaction functionality, Canary 
Mail 5.1.4 ...)
+       TODO: check
+CVE-2025-65076 (WaveView client allows users to execute restricted set of 
predefined c ...)
+       TODO: check
+CVE-2025-65075 (WaveView client allows users to execute restricted set of 
predefined c ...)
+       TODO: check
+CVE-2025-65074 (WaveView client allows users to execute restricted set of 
predefined c ...)
+       TODO: check
+CVE-2025-64725 (Weblate is a web based localization tool. In versions prior to 
5.15, i ...)
+       TODO: check
+CVE-2025-64639 (Missing Authorization vulnerability in WP Compress WP Compress 
for Mai ...)
+       TODO: check
+CVE-2025-64638 (Missing Authorization vulnerability in OnPay.io OnPay.io for 
WooCommer ...)
+       TODO: check
+CVE-2025-64635 (Missing Authorization vulnerability in Syed Balkhi Feeds for 
YouTube f ...)
+       TODO: check
+CVE-2025-64634 (Missing Authorization vulnerability in ThemeFusion Avada avada 
allows  ...)
+       TODO: check
+CVE-2025-64633 (Improper Neutralization of Script-Related HTML Tags in a Web 
Page (Bas ...)
+       TODO: check
+CVE-2025-64632 (Missing Authorization vulnerability in Auctollo Google XML 
Sitemaps go ...)
+       TODO: check
+CVE-2025-64631 (Missing Authorization vulnerability in WC Lovers WCFM 
Marketplace wc-m ...)
+       TODO: check
+CVE-2025-64630 (Missing Authorization vulnerability in Strategy11 Team 
Business Direct ...)
+       TODO: check
+CVE-2025-64253 (Path Traversal: '.../...//' vulnerability in WordPress.org 
Health Chec ...)
+       TODO: check
+CVE-2025-64251 (Missing Authorization vulnerability in azzaroco Ultimate 
Learning Pro  ...)
+       TODO: check
+CVE-2025-64250 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in w ...)
+       TODO: check
+CVE-2025-64249 (Missing Authorization vulnerability in WP-EXPERTS.IN Protect 
WP Admin  ...)
+       TODO: check
+CVE-2025-64248 (Missing Authorization vulnerability in emarket-design Request 
a Quote  ...)
+       TODO: check
+CVE-2025-64247 (Missing Authorization vulnerability in edmon.parker Read More 
& Accord ...)
+       TODO: check
+CVE-2025-64246 (Missing Authorization vulnerability in netopsae Accessibility 
by Audio ...)
+       TODO: check
+CVE-2025-64245 (Missing Authorization vulnerability in ryanpcmcquen Import 
external at ...)
+       TODO: check
+CVE-2025-64244 (Missing Authorization vulnerability in Codexpert, Inc Restrict 
Element ...)
+       TODO: check
+CVE-2025-64243 (Missing Authorization vulnerability in e-plugins Directory Pro 
directo ...)
+       TODO: check
+CVE-2025-64242 (Missing Authorization vulnerability in Merv Barrett Easy 
Property List ...)
+       TODO: check
+CVE-2025-64241 (Missing Authorization vulnerability in Imtiaz Rayhan WP 
Coupons and De ...)
+       TODO: check
+CVE-2025-64240 (Cross-Site Request Forgery (CSRF) vulnerability in freshchat 
Freshchat ...)
+       TODO: check
+CVE-2025-64239 (Cross-Site Request Forgery (CSRF) vulnerability in Yoav Farhi 
RTL Test ...)
+       TODO: check
+CVE-2025-64238 (Missing Authorization vulnerability in NicolasKulka WPS 
Bidouille wps- ...)
+       TODO: check
+CVE-2025-64237 (Cross-Site Request Forgery (CSRF) vulnerability in Graham 
Quick Intere ...)
+       TODO: check
+CVE-2025-64012 (InvoicePlane commit debb446c is vulnerable to Incorrect Access 
Control ...)
+       TODO: check
+CVE-2025-63414 (A Path Traversal vulnerability in the Allsky WebUI version 
v2024.12.06 ...)
+       TODO: check
+CVE-2025-62864 (Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 
devices b ...)
+       TODO: check
+CVE-2025-62863 (Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 
devices b ...)
+       TODO: check
+CVE-2025-62862 (Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 
devices b ...)
+       TODO: check
+CVE-2025-62849 (An SQL injection vulnerability has been reported to affect 
several QNA ...)
+       TODO: check
+CVE-2025-62848 (A NULL pointer dereference vulnerability has been reported to 
affect s ...)
+       TODO: check
+CVE-2025-62847 (An improper neutralization of argument delimiters in a command 
vulnera ...)
+       TODO: check
+CVE-2025-62330 (HCL DevOps Deploy is susceptible to a cleartext transmission 
of sensit ...)
+       TODO: check
+CVE-2025-62329 (HCL DevOps Deploy / HCL Launch is susceptible to a race 
condition in h ...)
+       TODO: check
+CVE-2025-61976 (CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with 
improper che ...)
+       TODO: check
+CVE-2025-59947 (NanoMQ is a messaging broker/bus for IoT Edge & SDV. Versions 
prior to ...)
+       TODO: check
+CVE-2025-59935 (GLPI is a free asset and IT management software package. 
Starting in v ...)
+       TODO: check
+CVE-2025-59479 (CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with 
improper res ...)
+       TODO: check
+CVE-2025-59385 (An authentication bypass by spoofing vulnerability has been 
reported t ...)
+       TODO: check
+CVE-2025-59009 (Cross-Site Request Forgery (CSRF) vulnerability in Astoundify 
Listify  ...)
+       TODO: check
+CVE-2025-59001 (Missing Authorization vulnerability in ThemeNectar Salient 
Core salien ...)
+       TODO: check
+CVE-2025-58999 (Cross-Site Request Forgery (CSRF) vulnerability in loopus WP 
Attractiv ...)
+       TODO: check
+CVE-2025-58173 (FreshRSS is a self-hosted RSS feed aggregator. In versions 
1.23.0 thro ...)
+       TODO: check
+CVE-2025-55895 (TOTOLINK A3300R V17.0.0cu.557_B20221024 and N200RE 
V9.3.5u.6448_B20240 ...)
+       TODO: check
+CVE-2025-54045 (Missing Authorization vulnerability in CreativeMindsSolutions 
CM On De ...)
+       TODO: check
+CVE-2025-54005 (Missing Authorization vulnerability in sonalsinha21 SKT Page 
Builder s ...)
+       TODO: check
+CVE-2025-54004 (Missing Authorization vulnerability in WC Lovers WCFM \u2013 
Frontend  ...)
+       TODO: check
+CVE-2025-52196 (Server-Side Request Forgery (SSRF) vulnerability in Ctera 
Portal 8.1.x ...)
+       TODO: check
+CVE-2025-50401 (Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable 
to Buffe ...)
+       TODO: check
+CVE-2025-50398 (Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable 
to Buffe ...)
+       TODO: check
+CVE-2025-49300 (Insertion of Sensitive Information Into Sent Data 
vulnerability in shi ...)
+       TODO: check
+CVE-2025-46296 (An authorization bypass vulnerability in FileMaker Server 
Admin Consol ...)
+       TODO: check
+CVE-2025-46295 (Apache Commons Text versions prior to 1.10.0 included 
interpolation fe ...)
+       TODO: check
+CVE-2025-46294 (To enhance security, the FileMaker Server 22.0.4 installer now 
include ...)
+       TODO: check
+CVE-2025-40363 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-40362 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
+       TODO: check
+CVE-2025-40361 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
+       TODO: check
+CVE-2025-40360 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-40359 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
+       TODO: check
+CVE-2025-40358 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
+       TODO: check
+CVE-2025-40357 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-40356 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-40355 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-40354 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
+       TODO: check
+CVE-2025-40353 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
+       TODO: check
+CVE-2025-40352 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
+       TODO: check
+CVE-2025-40351 (In the Linux kernel, the following vulnerability has been 
resolved:  h ...)
+       TODO: check
+CVE-2025-40350 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-40349 (In the Linux kernel, the following vulnerability has been 
resolved:  h ...)
+       TODO: check
+CVE-2025-40348 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
+       TODO: check
+CVE-2025-40347 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
+       TODO: check
+CVE-2025-40346 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
+       TODO: check
+CVE-2025-37164 (A remote code execution issue exists in HPE OneView.)
+       TODO: check
+CVE-2025-33235 (NVIDIA Resiliency Extension for Linux contains a vulnerability 
in the  ...)
+       TODO: check
+CVE-2025-33226 (NVIDIA NeMo Framework for all platforms contains a 
vulnerability where ...)
+       TODO: check
+CVE-2025-33225 (NVIDIA Resiliency Extension for Linux contains a vulnerability 
in log  ...)
+       TODO: check
+CVE-2025-33212 (NVIDIA NeMo Framework contains a vulnerability in model 
loading that c ...)
+       TODO: check
+CVE-2025-33210 (NVIDIA Isaac Lab contains a deserialization vulnerability.  A 
successf ...)
+       TODO: check
+CVE-2025-29231 (A stored cross-site scripting (XSS) vulnerability in the 
page_save com ...)
+       TODO: check
+CVE-2025-14780 (A vulnerability was detected in Xiongwei Smart Catering Cloud 
Platform ...)
+       TODO: check
+CVE-2025-14777 (A flaw was found in Keycloak. An IDOR (Broken Access Control) 
vulnerab ...)
+       TODO: check
+CVE-2025-14758 (Incorrect configuration of replication security in the MariaDB 
compone ...)
+       TODO: check
+CVE-2025-14749 (A vulnerability was identified in Ningyuanda TC155 57.0.2.0. 
This impa ...)
+       TODO: check
+CVE-2025-14748 (A vulnerability was determined in Ningyuanda TC155 57.0.2.0. 
This affe ...)
+       TODO: check
+CVE-2025-14747 (A vulnerability was found in Ningyuanda TC155 57.0.2.0. The 
impacted e ...)
+       TODO: check
+CVE-2025-14746 (A vulnerability has been found in Ningyuanda TC155 57.0.2.0. 
The affec ...)
+       TODO: check
+CVE-2025-14731 (A weakness has been identified in CTCMS Content Management 
System up t ...)
+       TODO: check
+CVE-2025-14730 (A security flaw has been discovered in CTCMS Content 
Management System ...)
+       TODO: check
+CVE-2025-14729 (A vulnerability was identified in CTCMS Content Management 
System up t ...)
+       TODO: check
+CVE-2025-14722 (A vulnerability was determined in vion707 DMadmin up to 
3403cafdb42537 ...)
+       TODO: check
+CVE-2025-14593 (A maliciously crafted CATPART file, when parsed through 
certain Autode ...)
+       TODO: check
+CVE-2025-14553 (Exposure of password hashes through an unauthenticated API 
response in ...)
+       TODO: check
+CVE-2025-14443 (A flaw was found in ose-openshift-apiserver. This 
vulnerability allows ...)
+       TODO: check
+CVE-2025-14432 (In limited scenarios, sensitive data might be written to the 
log file  ...)
+       TODO: check
+CVE-2025-14252 (An Improper Access Control vulnerability in Advantech SUSI 
driver (sus ...)
+       TODO: check
+CVE-2025-14002 (The WPCOM Member plugin for WordPress is vulnerable to 
authentication  ...)
+       TODO: check
+CVE-2025-13956 (The LearnPress \u2013 WordPress LMS Plugin plugin for 
WordPress is vul ...)
+       TODO: check
+CVE-2025-13794 (The Auto Featured Image (Auto Post Thumbnail) plugin for 
WordPress is  ...)
+       TODO: check
+CVE-2025-13741 (The Schedule Post Changes With PublishPress Future: Unpublish, 
Delete, ...)
+       TODO: check
+CVE-2025-13532 (Insecure defaults in the Server Agent component of Fortra's 
Core Privi ...)
+       TODO: check
+CVE-2025-13474 (Authorization Bypass Through User-Controlled Key vulnerability 
in Menu ...)
+       TODO: check
+CVE-2025-13439 (The Fancy Product Designer plugin for WordPress is vulnerable 
to Infor ...)
+       TODO: check
+CVE-2025-13231 (The Fancy Product Designer plugin for WordPress is vulnerable 
to Serve ...)
+       TODO: check
+CVE-2025-12809 (The Dokan Pro plugin for WordPress is vulnerable to 
unauthorized acces ...)
+       TODO: check
+CVE-2025-11991 (The JetFormBuilder \u2014 Dynamic Blocks Form Builder plugin 
for WordP ...)
+       TODO: check
+CVE-2025-11220 (The Elementor plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
+       TODO: check
+CVE-2025-10900 (AA maliciously crafted MODEL file, when parsed through certain 
Autodes ...)
+       TODO: check
+CVE-2025-10899 (AA maliciously crafted MODEL file, when parsed through certain 
Autodes ...)
+       TODO: check
+CVE-2025-10898 (AA maliciously crafted MODEL file, when parsed through certain 
Autodes ...)
+       TODO: check
+CVE-2025-10889 (A maliciously crafted CATPART file, when parsed through 
certain Autode ...)
+       TODO: check
+CVE-2025-10888 (AA maliciously crafted MODEL file, when parsed through certain 
Autodes ...)
+       TODO: check
+CVE-2025-10887 (A maliciously crafted MODEL file, when parsed through certain 
Autodesk ...)
+       TODO: check
+CVE-2025-10886 (A maliciously crafted MODEL file, when parsed through certain 
Autodesk ...)
+       TODO: check
+CVE-2025-10884 (AA maliciously crafted CATPART file, when parsed through 
certain Autod ...)
+       TODO: check
+CVE-2025-10883 (A maliciously crafted CATPRODUCT file, when parsed through 
certain Aut ...)
+       TODO: check
+CVE-2025-10882 (AA maliciously crafted X_T file, when parsed through certain 
Autodesk  ...)
+       TODO: check
+CVE-2025-10881 (A maliciously crafted CATPRODUCT file, when parsed through 
certain Aut ...)
+       TODO: check
+CVE-2025-10450 (Exposure of Private Personal Information to an Unauthorized 
Actor vuln ...)
+       TODO: check
+CVE-2025-0836 (Missing Authorization vulnerability in Milestone Systems 
XProtect VMS  ...)
+       TODO: check
+CVE-2023-53903 (WebsiteBaker 2.13.3 contains a stored cross-site scripting 
vulnerabili ...)
+       TODO: check
+CVE-2023-53902 (WebsiteBaker 2.13.3 contains a directory traversal 
vulnerability that  ...)
+       TODO: check
+CVE-2023-53901 (WBCE CMS 1.6.1 contains a cross-site scripting vulnerability 
that allo ...)
+       TODO: check
+CVE-2023-53900 (Spip 4.1.10 contains a file upload vulnerability that allows 
attackers ...)
+       TODO: check
+CVE-2023-53899 (PodcastGenerator 3.2.9 contains a blind server-side request 
forgery vu ...)
+       TODO: check
+CVE-2023-53898 (Rukovoditel 3.4.1 contains a stored cross-site scripting 
vulnerabiliti ...)
+       TODO: check
+CVE-2023-53897 (Rukovoditel 3.4.1 contains multiple stored cross-site 
scripting vulner ...)
+       TODO: check
+CVE-2023-53896 (D-Link DAP-1325 firmware version 1.01 contains a broken access 
control ...)
+       TODO: check
+CVE-2023-53895 (PimpMyLog 1.7.14 contains an improper access control 
vulnerability tha ...)
+       TODO: check
+CVE-2023-53894 (phpfm 1.7.9 contains an authentication bypass vulnerability 
that allow ...)
+       TODO: check
+CVE-2023-53893 (Ateme TITAN File 3.9.12.4 contains an authenticated 
server-side reques ...)
+       TODO: check
+CVE-2023-53892 (Blackcat CMS 1.4 contains a remote code execution 
vulnerability that a ...)
+       TODO: check
+CVE-2023-53891 (Blackcat CMS 1.4 contains a stored cross-site scripting 
vulnerability  ...)
+       TODO: check
+CVE-2023-53890 (Perch CMS 3.2 contains a stored cross-site scripting 
vulnerability tha ...)
+       TODO: check
+CVE-2023-53889 (Perch CMS 3.2 contains a remote code execution vulnerability 
that allo ...)
+       TODO: check
+CVE-2023-53888 (Zomplog 3.9 contains a remote code execution vulnerability 
that allows ...)
+       TODO: check
+CVE-2023-53887 (Zomplog 3.9 contains a cross-site scripting vulnerability that 
allows  ...)
+       TODO: check
+CVE-2023-53886 (Xlight FTP Server 3.9.3.6 contains a stack buffer overflow 
vulnerabili ...)
+       TODO: check
+CVE-2023-53885 (Webutler v3.2 contains a remote code execution vulnerability 
that allo ...)
+       TODO: check
+CVE-2023-53884 (Webedition CMS v2.9.8.8 contains a stored cross-site scripting 
vulnera ...)
+       TODO: check
+CVE-2023-53883 (Webedition CMS v2.9.8.8 contains a remote code execution 
vulnerability ...)
+       TODO: check
+CVE-2023-53882 (JLex GuestBook 1.6.4 contains a reflected cross-site scripting 
vulnera ...)
+       TODO: check
+CVE-2023-53881 (ReyeeOS 1.204.1614 contains an unencrypted CWMP communication 
vulnerab ...)
+       TODO: check
+CVE-2023-53880 (Lucee 5.4.2.17 contains a reflected cross-site scripting 
vulnerability ...)
+       TODO: check
+CVE-2023-53879 (NVClient 5.0 contains a stack buffer overflow vulnerability in 
the use ...)
+       TODO: check
+CVE-2023-53878 (Member Login Script 3.3 contains a client-side 
desynchronization vulne ...)
+       TODO: check
+CVE-2023-53877 (Bus Reservation System 1.1 contains a SQL injection 
vulnerability in t ...)
+       TODO: check
+CVE-2023-53876 (Academy LMS 6.1 contains a file upload vulnerability that 
allows authe ...)
+       TODO: check
+CVE-2023-53875 (GOM Player 2.3.90.5360 contains a remote code execution 
vulnerability  ...)
+       TODO: check
+CVE-2023-53874 (GOM Player 2.3.90.5360 contains a buffer overflow 
vulnerability in the ...)
+       TODO: check
+CVE-2023-53873 (SyncBreeze 15.2.24 contains a denial of service vulnerability 
in the l ...)
+       TODO: check
+CVE-2023-53872 (Wp2Fac 1.0 contains an OS command injection vulnerability in 
the send. ...)
+       TODO: check
+CVE-2023-53871 (Soosyze 2.0.0 contains a file upload vulnerability that allows 
attacke ...)
+       TODO: check
+CVE-2023-53870 (Jorani 1.0.3 contains a reflected cross-site scripting 
vulnerability i ...)
+       TODO: check
+CVE-2023-53869 (WEBIGniter 28.7.23 contains a file upload vulnerability that 
allows au ...)
+       TODO: check
+CVE-2023-53868 (Coppermine Gallery 1.6.25 contains a remote code execution 
vulnerabili ...)
+       TODO: check
+CVE-2023-38913 (SQL injection vulnerability in anirbandutta9 NEWS-BUZZ v.1.0 
allows a  ...)
+       TODO: check
+CVE-2023-36338 (Inventory Management System 1 was discovered to contain a SQL 
injectio ...)
+       TODO: check
 CVE-2025-14282 [privilege escalation via unix stream socket forwarding]
        - dropbear 2025.89-1 (bug #1123069)
        [bookworm] - dropbear <not-affected> (Vulnerable code introduced later)
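
Review bot: every entry added at the top of data/CVE/list is left at "TODO: check", so none of the new IDs is triaged by this commit. The Linux kernel block (CVE-2025-40346 through CVE-2025-40363) needs package lines in a follow-up, since the kernel is tracked in this file as "- linux" (see the CVE-2022-50233 context further down). Also read the full description of CVE-2025-46295 before triaging it: the truncated text names Apache Commons Text, but the ID sits between two FileMaker Server entries (CVE-2025-46294, CVE-2025-46296), so the affected product is not clear from this line alone.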
@@ -645,7 +1481,7 @@ CVE-2025-54981 (Weak Encryption Algorithm in 
StreamPark,The use of an AES cipher
        NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-54947 (In Apache StreamPark versions 2.0.0 through 2.1.7, a security 
vulnerab ...)
        NOT-FOR-US: Apache software not packaged in Debian
-CVE-2025-53960 (When encrypting sensitive data, weak encryption keys that are 
fixed or ...)
+CVE-2025-53960 (When issuing JSON Web Tokens (JWT), Apache StreamPark directly 
uses th ...)
        NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-40829 (A vulnerability has been identified in Simcenter Femap (All 
versions < ...)
        NOT-FOR-US: Siemens
@@ -6944,7 +7780,8 @@ CVE-2025-59025 (Malicious e-mail content can be used to 
execute script code. Uni
        NOT-FOR-US: Open X-Change
 CVE-2025-54057 (Improper Neutralization of Script-Related HTML Tags in a Web 
Page (Bas ...)
        NOT-FOR-US: Apache software not packaged in Debian
-CVE-2025-3261 (ThingsBoard in versions prior to v4.2.1 allows an authenticated 
user t ...)
+CVE-2025-3261
+       REJECTED
        NOT-FOR-US: ThingsBoard
 CVE-2025-30190 (Malicious content at office documents can be used to inject 
script cod ...)
        NOT-FOR-US: Open X-Change
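
Review bot: after this change CVE-2025-3261 carries both "REJECTED" and the old "NOT-FOR-US: ThingsBoard" line, which is contradictory; drop the NOT-FOR-US line so the entry is only REJECTED. The removed description ("ThingsBoard in versions prior to v4.2.1 allows an authenticated user t ...") reappears on CVE-2025-34281 in a later hunk, so the ThingsBoard triage belongs on that ID.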
@@ -7256,6 +8093,7 @@ CVE-2025-13674 (BPv7 dissector crash in Wireshark 4.6.0 
allows denial of service
 CVE-2025-13611 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
        - gitlab <unfixed>
 CVE-2025-14512 (A flaw was found in glib. This vulnerability allows a heap 
buffer over ...)
+       {DLA-4412-1}
        - glib2.0 2.86.3-1 (bug #1122346)
        [trixie] - glib2.0 <no-dsa> (Minor issue)
        [bookworm] - glib2.0 <no-dsa> (Minor issue)
@@ -7264,6 +8102,7 @@ CVE-2025-14512 (A flaw was found in glib. This 
vulnerability allows a heap buffe
        NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4936
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/glib/-/commit/4f0399c0aaf3ffc86b5625424580294bc7460404
 (2.86.3)
 CVE-2025-14087 (A flaw was found in GLib (Gnome Lib). This vulnerability 
allows a remo ...)
+       {DLA-4412-1}
        - glib2.0 2.86.3-1 (bug #1122347)
        [trixie] - glib2.0 <no-dsa> (Minor issue)
        [bookworm] - glib2.0 <no-dsa> (Minor issue)
@@ -7274,6 +8113,7 @@ CVE-2025-14087 (A flaw was found in GLib (Gnome Lib). 
This vulnerability allows
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/glib/-/commit/6fe481cec709ec65b5846113848723bc25a8782a
 (2.86.3)
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/glib/-/commit/dd333a40aa95819720a01caf6de564cd8a4a6310
 (2.86.3)
 CVE-2025-13601 (A heap-based buffer overflow problem was found in glib through 
an inco ...)
+       {DLA-4412-1}
        - glib2.0 2.86.3-1 (bug #1121488)
        [trixie] - glib2.0 <no-dsa> (Minor issue)
        [bookworm] - glib2.0 <no-dsa> (Minor issue)
@@ -9220,7 +10060,7 @@ CVE-2025-46776 (A buffer copy without checking size of 
input ('classic buffer ov
        NOT-FOR-US: Fortinet
 CVE-2025-46775 (A debug messages revealing unnecessary information 
vulnerability in Fo ...)
        NOT-FOR-US: Fortinet
-CVE-2025-46373 (A Heap-based Buffer Overflow vulnerability [CWE-122] in 
Fortinet Forti ...)
+CVE-2025-46373 (A Heap-based Buffer Overflow vulnerability [CWE-122] 
vulnerability in  ...)
        NOT-FOR-US: Fortinet
 CVE-2025-46215 (An Improper Isolation or Compartmentalization vulnerability 
[CWE-653]  ...)
        NOT-FOR-US: Fortinet
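
Review bot: the new CVE-2025-46373 description reads "vulnerability [CWE-122] vulnerability in", a doubled word that the old text did not have. It is synced from the upstream record, so nothing should be hand-edited here; the NOT-FOR-US: Fortinet triage is unaffected.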
@@ -12472,8 +13312,8 @@ CVE-2025-64343 ((conda) Constructor is a tool that 
enables users to create insta
        NOT-FOR-US: conda
 CVE-2025-64339 (ClipBucket v5 is an open source video sharing platform. In 
versions 5. ...)
        NOT-FOR-US: ClipBucket
-CVE-2025-64338
-       REJECTED
+CVE-2025-64338 (ClipBucket v5 is an open source video sharing platform. In 
versions 5. ...)
+       TODO: check
 CVE-2025-64336 (ClipBucket v5 is an open source video sharing platform. In 
versions 5. ...)
        NOT-FOR-US: ClipBucket
 CVE-2025-64329 (containerd is an open-source container runtime. Versions 
1.7.28 and be ...)
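
Review bot: CVE-2025-64338 moves from REJECTED back to a populated description and is left at "TODO: check", while its neighbours CVE-2025-64339 and CVE-2025-64336 carry the same ClipBucket v5 description prefix and are already "NOT-FOR-US: ClipBucket". Triage this one the same way in a follow-up, and confirm that the ID was really un-rejected upstream rather than this being a transient feed state.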
@@ -18905,7 +19745,7 @@ CVE-2025-48044 (Incorrect Authorization vulnerability 
in ash-project ash allows
        NOT-FOR-US: ash-project ash
 CVE-2025-34282 (ThingsBoard versions < 4.2.1 contain a server-side request 
forgery (SS ...)
        NOT-FOR-US: ThingsBoard
-CVE-2025-34281 (ThingsBoard versions < 4.2.1 contain a stored cross-site 
scripting (XS ...)
+CVE-2025-34281 (ThingsBoard in versions prior to v4.2.1 allows an 
authenticated user t ...)
        NOT-FOR-US: ThingsBoard
 CVE-2025-26625 (Git LFS is a Git extension for versioning large files. In Git 
LFS vers ...)
        - git-lfs 3.7.1-1 (bug #1118339)
@@ -44825,6 +45665,7 @@ CVE-2022-50233 (In the Linux kernel, the following 
vulnerability has been resolv
        - linux 6.0.2-1
        NOTE: 
https://git.kernel.org/linus/dd7b8cdde098cf9f7c8de409b5b7bbb98f97be80 (6.0-rc1)
 CVE-2025-7039 (A flaw was found in glib. An integer overflow during temporary 
file cr ...)
+       {DLA-4412-1}
        - glib2.0 2.84.4-1 (bug #1110640)
        [trixie] - glib2.0 2.84.4-3~deb13u1
        [bookworm] - glib2.0 2.74.6-2+deb12u7
@@ -73312,6 +74153,7 @@ CVE-2025-4384 (The MQTT add-on of PcVue fails to verify 
that a remote device\u20
 CVE-2025-4374 (A flaw was found in Quay. When an organization acts as a proxy 
cache,  ...)
        NOT-FOR-US: Quay
 CVE-2025-4373 (A flaw was found in GLib, which is vulnerable to an integer 
overflow i ...)
+       {DLA-4412-1}
        - glib2.0 2.84.1-3 (bug #1104930)
        [bookworm] - glib2.0 2.74.6-2+deb12u7
        NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/3677
@@ -100985,7 +101827,7 @@ CVE-2025-25474 (DCMTK v3.6.9+ DEV was discovered to 
contain a buffer overflow vi
        - dcmtk 3.6.9-4 (bug #1098374)
        [bookworm] - dcmtk 3.6.7-9~deb12u3
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d205bcd307164c99e0d4bbf412110372658d847
-CVE-2025-25473 (FFmpeg git master before commit c08d30 was discovered to 
contain a NUL ...)
+CVE-2025-25473 (FFmpeg git master before commit c08d30 was discovered to 
contain a mem ...)
        {DSA-6073-1}
        - ffmpeg <unfixed>
        [bookworm] - ffmpeg <not-affected> (Vulnerable code introduced later; 
ff_flush_packet_queue() is always called)
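
Review bot: the CVE-2025-25473 description changes bug class here (from "contain a NUL ..." to "contain a mem ..."), but the bookworm line below it still says not-affected with the rationale "ff_flush_packet_queue() is always called", which was written against the old text. Re-check that the not-affected reasoning and the {DSA-6073-1} reference still match the revised description.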
@@ -284371,7 +285213,7 @@ CVE-2022-4512 (The Better Font Awesome WordPress 
plugin before 2.0.4 does not va
 CVE-2022-4511 (A vulnerability has been found in RainyGao DocSys and 
classified as cr ...)
        NOT-FOR-US: RainyGao DocSys
 CVE-2022-4510 (A path traversal vulnerability was identified in ReFirm Labs 
binwalk f ...)
-       {DLA-3339-1}
+       {DLA-4410-1 DLA-3339-1}
        - binwalk 2.3.4+dfsg1-1
        NOTE: https://github.com/ReFirmLabs/binwalk/pull/617
        NOTE: 
https://github.com/ReFirmLabs/binwalk/commit/696fe34ed680ffd951bfeca737feb4a0b98dde5c
 (v2.3.4)
@@ -350840,7 +351682,7 @@ CVE-2022-0641 (The Popup Like box WordPress plugin 
before 3.6.1 does not sanitiz
 CVE-2022-0640 (The Pricing Table Builder WordPress plugin before 1.1.5 does 
not sanit ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-0639 (Authorization Bypass Through User-Controlled Key in NPM 
url-parse prio ...)
-       {DLA-3336-1}
+       {DLA-4413-1 DLA-3336-1}
        - node-url-parse 1.5.7-1
        [stretch] - node-url-parse <end-of-life> (Nodejs in stretch not covered 
by security support)
        NOTE: https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155
@@ -353861,7 +354703,7 @@ CVE-2022-24303 (Pillow before 9.0.1 allows attackers 
to delete files because spa
        NOTE: 
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security
        NOTE: 
https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26
 (9.0.1)
 CVE-2022-24302 (In Paramiko before 2.10.1, a race condition (between creation 
and chmo ...)
-       {DLA-3104-1 DLA-2959-1}
+       {DLA-4409-1 DLA-3104-1 DLA-2959-1}
        - paramiko 2.10.3-1 (bug #1008012)
        NOTE: 
https://github.com/paramiko/paramiko/commit/4c491e299c9b800358b16fa4886d8d94f45abe2e
 (2.10.1)
 CVE-2022-24296 (Use of a Broken or Risky Cryptographic Algorithm vulnerability 
in Air  ...)
@@ -381043,7 +381885,7 @@ CVE-2021-40814 (The Customer Photo Gallery addon 
before 2.9.4 for PrestaShop is
 CVE-2021-40813 (A cross-site scripting (XSS) vulnerability in the "Zip 
content" featur ...)
        NOT-FOR-US: Element-IT HTTP Commander
 CVE-2021-40812 (The GD Graphics Library (aka LibGD) through 2.3.2 has an 
out-of-bounds ...)
-       {DLA-3781-1}
+       {DLA-4411-1 DLA-3781-1}
        - libgd2 2.3.3-1
        [stretch] - libgd2 <no-dsa> (Minor issue)
        NOTE: https://github.com/libgd/libgd/issues/750#issuecomment-914872385
@@ -382877,6 +383719,7 @@ CVE-2021-3736 (A flaw was found in the Linux kernel. 
A memory leak problem was f
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1995570
 CVE-2021-40145 (gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka 
LibGD) throu ...)
+       {DLA-4411-1}
        - libgd2 2.3.3-1 (unimportant)
        NOTE: https://github.com/libgd/libgd/issues/700
        NOTE: https://github.com/libgd/libgd/pull/713
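
Review bot: CVE-2021-40145 gains a {DLA-4411-1} reference while the package line stays "- libgd2 2.3.3-1 (unimportant)". That combination is allowed, but it is worth confirming that the unimportant tag is still the intended severity now that the issue is listed in an advisory.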
@@ -387965,7 +388808,7 @@ CVE-2021-38117 (Possible Command injection 
Vulnerability  in iManager has been d
 CVE-2021-38116 (Possible Elevation of Privilege Vulnerability  in iManager has 
been di ...)
        NOT-FOR-US: NetIQ
 CVE-2021-38115 (read_header_tga in gd_tga.c in the GD Graphics Library (aka 
LibGD) thr ...)
-       {DLA-3781-1}
+       {DLA-4411-1 DLA-3781-1}
        - libgd2 2.3.3-1 (bug #991912)
        [stretch] - libgd2 <no-dsa> (Minor issue)
        NOTE: https://github.com/libgd/libgd/issues/697



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d945456420688c026a0a289b1d96121b14a6b5b
