Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce873f5c by security tracker role at 2026-01-01T08:13:04+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,113 @@
+CVE-2025-69413 (In Gitea before 1.25.2, /api/v1/user has different responses
for faile ...)
+ TODO: check
+CVE-2025-69412 (KDE messagelib before 25.11.90 ignores SSL errors for
threatMatches:fi ...)
+ TODO: check
+CVE-2025-69288 (Titra is open source project time tracking software. Prior to
version ...)
+ TODO: check
+CVE-2025-69286 (RAGFlow is an open-source RAG (Retrieval-Augmented Generation)
engine. ...)
+ TODO: check
+CVE-2025-68700 (RAGFlow is an open-source RAG (Retrieval-Augmented Generation)
engine. ...)
+ TODO: check
+CVE-2025-67711 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
+ TODO: check
+CVE-2025-67710 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
+ TODO: check
+CVE-2025-67709 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
+ TODO: check
+CVE-2025-67708 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
+ TODO: check
+CVE-2025-67707 (ArcGIS Server version 11.5 and earlier on Windows and Linux
does not p ...)
+ TODO: check
+CVE-2025-67706 (ArcGIS Server version 11.5 and earlier on Windows and Linux
does not p ...)
+ TODO: check
+CVE-2025-67705 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
+ TODO: check
+CVE-2025-67704 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
+ TODO: check
+CVE-2025-67703 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
+ TODO: check
+CVE-2025-53235 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-52739 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-50053 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-47566 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2025-34469 (Cowrie versions prior to 2.9.0 contain a server-side request
forgery ( ...)
+ TODO: check
+CVE-2025-31054 (Cross-Site Request Forgery (CSRF) vulnerability in Themefy
Bloggie all ...)
+ TODO: check
+CVE-2025-30628 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2025-28973 (Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk
Watermar ...)
+ TODO: check
+CVE-2025-28949 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2025-22203
+ REJECTED
+CVE-2025-22202
+ REJECTED
+CVE-2025-22201
+ REJECTED
+CVE-2025-22200
+ REJECTED
+CVE-2025-22199
+ REJECTED
+CVE-2025-22198
+ REJECTED
+CVE-2025-22197
+ REJECTED
+CVE-2025-22196
+ REJECTED
+CVE-2025-22195
+ REJECTED
+CVE-2025-22194
+ REJECTED
+CVE-2025-22193
+ REJECTED
+CVE-2025-22192
+ REJECTED
+CVE-2025-22191
+ REJECTED
+CVE-2025-22190
+ REJECTED
+CVE-2025-22189
+ REJECTED
+CVE-2025-22188
+ REJECTED
+CVE-2025-22187
+ REJECTED
+CVE-2025-22186
+ REJECTED
+CVE-2025-22185
+ REJECTED
+CVE-2025-22184
+ REJECTED
+CVE-2025-22183
+ REJECTED
+CVE-2025-22182
+ REJECTED
+CVE-2025-22181
+ REJECTED
+CVE-2025-22180
+ REJECTED
+CVE-2025-22155
+ REJECTED
+CVE-2025-22154
+ REJECTED
+CVE-2025-15398 (A security vulnerability has been detected in Uasoft badaso up
to 2.9. ...)
+ TODO: check
+CVE-2025-13820 (The Comments WordPress plugin before 7.6.40 does not properly
validat ...)
+ TODO: check
+CVE-2025-11157 (A high-severity remote code execution vulnerability exists in
feast-de ...)
+ TODO: check
+CVE-2023-7332 (PocketMine-MP versions prior to 4.18.1 contain an improper
input valid ...)
+ TODO: check
+CVE-2023-7331 (A vulnerability was detected in PKrystian Full-Stack-Bank up to
bf73a0 ...)
+ TODO: check
+CVE-2015-10145 (Gargoyle router management utility versions 1.5.x contain an
authentic ...)
+ TODO: check
CVE-2025-66160 (Missing Authorization vulnerability in merkulove Select
Graphist for E ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-66159 (Missing Authorization vulnerability in merkulove Walker for
Elementor ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce873f5c65a398b5e3e00fa124d48f5350b14cb6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce873f5c65a398b5e3e00fa124d48f5350b14cb6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
