[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 4 21:12:49 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6224e40a by security tracker role at 2025-08-04T20:12:42+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,119 @@
+CVE-2025-8524 (A vulnerability was found in Boquan DotWallet App 2.15.2 on Android an ...)
+	TODO: check
+CVE-2025-8523 (A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0  ...)
+	TODO: check
+CVE-2025-8522 (A vulnerability, which was classified as critical, was found in givanz ...)
+	TODO: check
+CVE-2025-8521 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-8520 (A vulnerability classified as critical was found in givanz Vvveb up to ...)
+	TODO: check
+CVE-2025-8519 (A vulnerability classified as problematic has been found in givanz Vvv ...)
+	TODO: check
+CVE-2025-8518 (A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as  ...)
+	TODO: check
+CVE-2025-8517 (A vulnerability was found in givanz Vvveb 1.0.6.1. It has been declare ...)
+	TODO: check
+CVE-2025-8516 (A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Editi ...)
+	TODO: check
+CVE-2025-8515 (A vulnerability was found in Intelbras InControl 2.21.60.9 and classif ...)
+	TODO: check
+CVE-2025-8341 (Grafana is an open-source platform for monitoring and observability. T ...)
+	TODO: check
+CVE-2025-8109 (Software installed and run as a non-privileged user may conduct ptrace ...)
+	TODO: check
+CVE-2025-6205 (A missing authorization vulnerability affecting DELMIA Apriso from Rel ...)
+	TODO: check
+CVE-2025-6204 (An Improper Control of Generation of Code (Code Injection) vulnerabili ...)
+	TODO: check
+CVE-2025-5988 (A flaw was found in the Ansible aap-gateway. Cross-site request forger ...)
+	TODO: check
+CVE-2025-55014 (The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+ ...)
+	TODO: check
+CVE-2025-53395 (Paramount Macrium Reflect through 2025-06-26 allows local attackers to ...)
+	TODO: check
+CVE-2025-53394 (Paramount Macrium Reflect through 2025-06-26 allows attackers to execu ...)
+	TODO: check
+CVE-2025-52239 (An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attacker ...)
+	TODO: check
+CVE-2025-51536 (Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered ...)
+	TODO: check
+CVE-2025-51535 (Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered ...)
+	TODO: check
+CVE-2025-51534 (A cross-site scripting (XSS) vulnerability in Austrian Archaeological  ...)
+	TODO: check
+CVE-2025-51390 (TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a com ...)
+	TODO: check
+CVE-2025-50422 (An issue was discovered in freedesktop poppler v25.04.0. The heap memo ...)
+	TODO: check
+CVE-2025-50420 (An issue in the pdfseparate utility of freedesktop poppler v25.04.0 al ...)
+	TODO: check
+CVE-2025-50340 (An Insecure Direct Object Reference (IDOR) vulnerability was discovere ...)
+	TODO: check
+CVE-2025-46206 (An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to c ...)
+	TODO: check
+CVE-2025-44963 (RUCKUS Network Director (RND) before 4.5 allows spoofing of an adminis ...)
+	TODO: check
+CVE-2025-44962 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ director ...)
+	TODO: check
+CVE-2025-44961 (In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command inje ...)
+	TODO: check
+CVE-2025-44960 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command i ...)
+	TODO: check
+CVE-2025-44958 (RUCKUS Network Director (RND) before 4.5 stores passwords in a recover ...)
+	TODO: check
+CVE-2025-44957 (Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authenticati ...)
+	TODO: check
+CVE-2025-44955 (RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain ...)
+	TODO: check
+CVE-2025-44954 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH ...)
+	TODO: check
+CVE-2025-44643 (Certain Draytek products are affected by Insecure Configuration. This  ...)
+	TODO: check
+CVE-2025-41691 (An unauthenticated remote attacker may trigger a NULL pointer derefere ...)
+	TODO: check
+CVE-2025-41659 (A low-privileged attacker can remotely access the PKI folder of the CO ...)
+	TODO: check
+CVE-2025-41658 (CODESYS Runtime Toolkit-based products may expose sensitive files to l ...)
+	TODO: check
+CVE-2025-38741 (Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key  ...)
+	TODO: check
+CVE-2025-38739 (Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insuffic ...)
+	TODO: check
+CVE-2025-36607 (Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injecti ...)
+	TODO: check
+CVE-2025-36606 (Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injecti ...)
+	TODO: check
+CVE-2025-36605 (Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutraliz ...)
+	TODO: check
+CVE-2025-36604 (Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutraliz ...)
+	TODO: check
+CVE-2025-36594 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
+	TODO: check
+CVE-2025-34147 (An unauthenticated OS command injection vulnerability exists in the Sh ...)
+	TODO: check
+CVE-2025-30099 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
+	TODO: check
+CVE-2025-30098 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
+	TODO: check
+CVE-2025-30097 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
+	TODO: check
+CVE-2025-30096 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
+	TODO: check
+CVE-2025-26476 (Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, conta ...)
+	TODO: check
+CVE-2025-26065 (A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9  ...)
+	TODO: check
+CVE-2025-21120 (Dell Avamar, versions prior to 19.12 with patch 338905, excluding vers ...)
+	TODO: check
+CVE-2025-0932 (Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver,  ...)
+	TODO: check
+CVE-2024-45183 (An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, ...)
+	TODO: check
+CVE-2013-10054 (An unauthenticated arbitrary file upload vulnerability exists in Libre ...)
+	TODO: check
+CVE-2013-10052 (ZPanel includes a helper binary named zsudo, intended to allow restric ...)
+	TODO: check
 CVE-2025-54962 (/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows au ...)
 	TODO: check
 CVE-2025-48499 (Out-of-bounds write vulnerability exists in FUJIFILM Business Innovati ...)
@@ -74499,7 +74615,7 @@ CVE-2024-53242 (A vulnerability has been identified in Teamcenter Visualization
 	NOT-FOR-US: Siemens
 CVE-2024-53041 (A vulnerability has been identified in Teamcenter Visualization V14.2  ...)
 	NOT-FOR-US: Siemens
-CVE-2024-52538 (Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of ...)
+CVE-2024-52538 (Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.1 ...)
 	NOT-FOR-US: Dell
 CVE-2024-52051 (A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All vers ...)
 	NOT-FOR-US: Siemens
@@ -74683,9 +74799,9 @@ CVE-2024-49059 (Microsoft Office Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-49057 (Microsoft Defender for Endpoint on Android Spoofing Vulnerability)
 	NOT-FOR-US: Microsoft
-CVE-2024-47977 (Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of ...)
+CVE-2024-47977 (Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.1 ...)
 	NOT-FOR-US: Dell
-CVE-2024-47484 (Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of ...)
+CVE-2024-47484 (Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.1 ...)
 	NOT-FOR-US: Dell
 CVE-2024-47117 (IBM Carbon Design System (Carbon Charts 0.4.0 through 1.13.16) is vuln ...)
 	NOT-FOR-US: IBM



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6224e40a37300a41ee26e7e3a616b866d6178a94

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6224e40a37300a41ee26e7e3a616b866d6178a94
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250804/75d2c2a4/attachment.htm>

More information about the debian-security-tracker-commits mailing list