[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 02 Jan 2026 00:12:50 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
41950fc3 by security tracker role at 2026-01-02T08:12:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,61 @@
+CVE-2025-15435 (A flaw has been found in Yonyou KSOA 9.0. Affected by this 
vulnerabili ...)
+       TODO: check
+CVE-2025-15434 (A vulnerability was detected in Yonyou KSOA 9.0. Affected is 
an unknow ...)
+       TODO: check
+CVE-2025-15432 (A vulnerability has been found in yeqifu carRental up to 
3fabb7eae93d2 ...)
+       TODO: check
+CVE-2025-15431 (A flaw has been found in UTT \u8fdb\u53d6 512W 1.7.7-171114. 
This affe ...)
+       TODO: check
+CVE-2025-15430 (A vulnerability was detected in UTT \u8fdb\u53d6 512W 
1.7.7-171114. Af ...)
+       TODO: check
+CVE-2025-15429 (A security vulnerability has been detected in UTT \u8fdb\u53d6 
512W 1. ...)
+       TODO: check
+CVE-2025-15428 (A weakness has been identified in UTT \u8fdb\u53d6 512W 
1.7.7-171114.  ...)
+       TODO: check
+CVE-2025-15427 (A security flaw has been discovered in Seeyon Zhiyuan OA Web 
Applicati ...)
+       TODO: check
+CVE-2025-15426 (A vulnerability was identified in jackying H-ui.admin up to 
3.1. This  ...)
+       TODO: check
+CVE-2025-15425 (A vulnerability was determined in Yonyou KSOA 9.0. The 
impacted elemen ...)
+       TODO: check
+CVE-2025-15424 (A vulnerability was found in Yonyou KSOA 9.0. The affected 
element is  ...)
+       TODO: check
+CVE-2025-15423 (A vulnerability has been found in EmpireSoft EmpireCMS up to 
8.0. Impa ...)
+       TODO: check
+CVE-2025-15422 (A flaw has been found in EmpireSoft EmpireCMS up to 8.0. This 
issue af ...)
+       TODO: check
+CVE-2025-15421 (A vulnerability was detected in Yonyou KSOA 9.0. This 
vulnerability af ...)
+       TODO: check
+CVE-2025-15420 (A security vulnerability has been detected in Yonyou KSOA 9.0. 
This af ...)
+       TODO: check
+CVE-2025-15419 (A weakness has been identified in Open5GS up to 2.7.6. 
Affected by thi ...)
+       TODO: check
+CVE-2025-15418 (A security flaw has been discovered in Open5GS up to 2.7.6. 
Affected b ...)
+       TODO: check
+CVE-2025-15417 (A vulnerability was identified in Open5GS up to 2.7.6. 
Affected is the ...)
+       TODO: check
+CVE-2025-15416 (A vulnerability was found in xnx3 wangmarket up to 6.4. This 
affects a ...)
+       TODO: check
+CVE-2025-15415 (A vulnerability has been found in xnx3 wangmarket up to 6.4. 
The impac ...)
+       TODO: check
+CVE-2025-15414 (A flaw has been found in go-sonic sonic up to 1.1.4. The 
affected elem ...)
+       TODO: check
+CVE-2025-15413 (A vulnerability was detected in wasm3 up to 0.5.0. Impacted is 
the fun ...)
+       TODO: check
+CVE-2025-15412 (A security vulnerability has been detected in WebAssembly wabt 
up to 1 ...)
+       TODO: check
+CVE-2025-14998 (The Branda plugin for WordPress is vulnerable to privilege 
escalation  ...)
+       TODO: check
+CVE-2025-14072 (The Ninja Forms  WordPress plugin before 3.13.3 allows 
unauthenticated ...)
+       TODO: check
+CVE-2025-14047 (The Registration, User Profile, Membership, Content 
Restriction, User  ...)
+       TODO: check
+CVE-2025-13456 (The ShopBuilder  WordPress plugin before 3.2.2 does not 
sanitise and e ...)
+       TODO: check
+CVE-2025-13153 (The Logo Slider  WordPress plugin before 4.9.0 does not 
validate and e ...)
+       TODO: check
+CVE-2025-12685 (The WPBookit WordPress plugin through 1.0.7 lacks a CSRF check 
when de ...)
+       TODO: check
 CVE-2026-21437 (eopkg is a Solus package manager implemented in python3. In 
versions p ...)
        NOT-FOR-US: eopkg
 CVE-2026-21436 (eopkg is a Solus package manager implemented in python3. In 
versions p ...)
@@ -10354,6 +10412,7 @@ CVE-2024-2105 (An unauthorised attacker within 
bluetooth range may use an improp
 CVE-2024-2104 (Due to improper BLE security configurations on the device's 
GATT serve ...)
        NOT-FOR-US: JBL
 CVE-2025-66003
+       {DSA-6092-1}
        - smb4k 4.0.5-1 (bug #1122381)
        NOTE: https://www.openwall.com/lists/oss-security/2025/12/10/6
        NOTE: Fixed by: 
https://invent.kde.org/network/smb4k/-/commit/0dea60194ab6eb8f6e34ca2e6cb0f97b90c46f1e
@@ -10362,6 +10421,7 @@ CVE-2025-66003
        NOTE: Bugfix: 
https://invent.kde.org/network/smb4k/-/commit/55c535cbab6843c88cac033a21e43206b5eefbd0
 (4.0.5)
        NOTE: bugfix: 
https://invent.kde.org/network/smb4k/-/commit/35f8cf121bfab276b739d4b8a866f8f3cdc0f7d1
 (4.0.5)
 CVE-2025-66002
+       {DSA-6092-1}
        - smb4k 4.0.5-1 (bug #1122381)
        NOTE: https://www.openwall.com/lists/oss-security/2025/12/10/6
        NOTE: Fixed by: 
https://invent.kde.org/network/smb4k/-/commit/0dea60194ab6eb8f6e34ca2e6cb0f97b90c46f1e



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41950fc375fd1fdb3ccb0531453556c8ff4da715

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41950fc375fd1fdb3ccb0531453556c8ff4da715
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to