[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 5 09:12:14 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0fe13845 by security tracker role at 2025-08-05T08:12:07+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,138 @@
-CVE-2025-46094
+CVE-2025-8551 (A vulnerability was found in atjiu pybbs up to 6.0.0. It has been rate ...)
+	TODO: check
+CVE-2025-8550 (A vulnerability was found in atjiu pybbs up to 6.0.0. It has been decl ...)
+	TODO: check
+CVE-2025-8549 (A vulnerability was found in atjiu pybbs up to 6.0.0. It has been clas ...)
+	TODO: check
+CVE-2025-8548 (A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as ...)
+	TODO: check
+CVE-2025-8547 (A vulnerability has been found in atjiu pybbs up to 6.0.0 and classifi ...)
+	TODO: check
+CVE-2025-8546 (A vulnerability, which was classified as problematic, was found in atj ...)
+	TODO: check
+CVE-2025-8545 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-8544 (A vulnerability classified as problematic was found in Portabilis i-Ed ...)
+	TODO: check
+CVE-2025-8543 (A vulnerability classified as problematic has been found in Portabilis ...)
+	TODO: check
+CVE-2025-8542 (A vulnerability was found in Portabilis i-Educar 2.10. It has been rat ...)
+	TODO: check
+CVE-2025-8541 (A vulnerability was found in Portabilis i-Educar 2.10. It has been dec ...)
+	TODO: check
+CVE-2025-8540 (A vulnerability was found in Portabilis i-Educar 2.10. It has been cla ...)
+	TODO: check
+CVE-2025-8539 (A vulnerability was found in Portabilis i-Educar 2.10 and classified a ...)
+	TODO: check
+CVE-2025-8538 (A vulnerability has been found in Portabilis i-Educar 2.10 and classif ...)
+	TODO: check
+CVE-2025-8537 (A vulnerability, which was classified as problematic, was found in Axi ...)
+	TODO: check
+CVE-2025-8535 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-8534 (A vulnerability classified as problematic was found in libtiff 4.6.0.  ...)
+	TODO: check
+CVE-2025-8530 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-8529 (A vulnerability classified as critical was found in cloudfavorites fav ...)
+	TODO: check
+CVE-2025-8528 (A vulnerability classified as problematic has been found in Exrick xbo ...)
+	TODO: check
+CVE-2025-8527 (A vulnerability was found in Exrick xboot up to 3.3.4. It has been rat ...)
+	TODO: check
+CVE-2025-8526 (A vulnerability was found in Exrick xboot up to 3.3.4. It has been dec ...)
+	TODO: check
+CVE-2025-8525 (A vulnerability was found in Exrick xboot up to 3.3.4. It has been cla ...)
+	TODO: check
+CVE-2025-8315 (The WP Easy Contact plugin for WordPress is vulnerable to Stored Cross ...)
+	TODO: check
+CVE-2025-8313 (The Campus Directory plugin for WordPress is vulnerable to Stored Cros ...)
+	TODO: check
+CVE-2025-8295 (The Employee Directory plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2025-8294 (The Download Counter plugin for WordPress is vulnerable to Stored Cros ...)
+	TODO: check
+CVE-2025-7844 (Exporting a TPM based RSA key larger than 2048 bits from the TPM could ...)
+	TODO: check
+CVE-2025-7050 (The Use-your-Drive | Google Drive plugin for WordPress plugin for Word ...)
+	TODO: check
+CVE-2025-6207 (The WP Import Export Lite plugin for WordPress is vulnerable to arbitr ...)
+	TODO: check
+CVE-2025-5061 (The WP Import Export Lite plugin for WordPress is vulnerable to arbitr ...)
+	TODO: check
+CVE-2025-54982 (An improper verification of cryptographic signature in Zscaler's SAML  ...)
+	TODO: check
+CVE-2025-54980
+	REJECTED
+CVE-2025-54979
+	REJECTED
+CVE-2025-54978
+	REJECTED
+CVE-2025-54977
+	REJECTED
+CVE-2025-54976
+	REJECTED
+CVE-2025-54975
+	REJECTED
+CVE-2025-54974
+	REJECTED
+CVE-2025-54871 (Electron Capture facilitates video playback for screen-sharing and cap ...)
+	TODO: check
+CVE-2025-54870 (VTun-ng is a Virtual Tunnel over TCP/IP network. In versions 3.0.17 an ...)
+	TODO: check
+CVE-2025-54868 (LibreChat is a ChatGPT clone with additional features. In versions 0.0 ...)
+	TODO: check
+CVE-2025-54865 (Tilesheets MediaWiki Extension adds a table lookup parser function for ...)
+	TODO: check
+CVE-2025-54804 (Russh is a Rust SSH client & server library. In versions 0.54.0 and be ...)
+	TODO: check
+CVE-2025-54803 (js-toml is a TOML parser for JavaScript, fully compliant with the TOML ...)
+	TODO: check
+CVE-2025-54802 (pyLoad is the free and open-source Download Manager written in pure Py ...)
+	TODO: check
+CVE-2025-54797
+	REJECTED
+CVE-2025-54795 (Claude Code is an agentic coding tool. In versions below 1.0.20, an er ...)
+	TODO: check
+CVE-2025-54794 (Claude Code is an agentic coding tool. In versions below 0.2.111, a pa ...)
+	TODO: check
+CVE-2025-54780 (The glpi-screenshot-plugin allows users to take screenshots or screens ...)
+	TODO: check
+CVE-2025-54554 (tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthentica ...)
+	TODO: check
+CVE-2025-54387 (IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 ...)
+	TODO: check
+CVE-2025-54135 (Cursor is a code editor built for programming with AI. Cursor allows w ...)
+	TODO: check
+CVE-2025-54130 (Cursor is a code editor built for programming with AI. Cursor allows w ...)
+	TODO: check
+CVE-2025-54119 (ADOdb is a PHP database class library that provides abstractions for p ...)
+	TODO: check
+CVE-2025-53544 (Trilium Notes is an open-source, cross-platform hierarchical note taki ...)
+	TODO: check
+CVE-2025-53417 (DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosur ...)
+	TODO: check
+CVE-2025-52892 (EspoCRM is a web application with a frontend designed as a single-page ...)
+	TODO: check
+CVE-2025-51726 (CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cr ...)
+	TODO: check
+CVE-2025-51387 (The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injecti ...)
+	TODO: check
+CVE-2025-50754 (Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) v ...)
+	TODO: check
+CVE-2025-50341 (A Boolean-based SQL injection vulnerability was discovered in Axelor 5 ...)
+	TODO: check
+CVE-2025-4604 (The vulnerable code can bypass the Captcha check in Liferay Portal 7.4 ...)
+	TODO: check
+CVE-2025-4599 (The fragment preview functionality in Liferay Portal 7.4.3.61 through  ...)
+	TODO: check
+CVE-2025-46093 (LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid ...)
+	TODO: check
+CVE-2025-27212 (An Improper Input Validation in certain UniFi Access devices could all ...)
+	TODO: check
+CVE-2025-27211 (An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and ...)
+	TODO: check
+CVE-2025-46094 (LiquidFiles before 4.1.2 allows directory traversal by configuring the ...)
 	NOT-FOR-US: LiquidFiles
 CVE-2025-8524 (A vulnerability was found in Boquan DotWallet App 2.15.2 on Android an ...)
 	NOT-FOR-US: Boquan DotWallet App



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fe1384528bd7c1e6cabb04822a4a93931d6edde

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fe1384528bd7c1e6cabb04822a4a93931d6edde
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250805/4fafcbaa/attachment.htm>

More information about the debian-security-tracker-commits mailing list