[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 5 21:12:20 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
620b8f5d by security tracker role at 2025-08-05T20:12:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,95 @@
+CVE-2025-8586 (A vulnerability, which was classified as problematic, was found in lib ...)
+	TODO: check
+CVE-2025-8585 (A vulnerability, which was classified as critical, has been found in l ...)
+	TODO: check
+CVE-2025-8584 (A vulnerability classified as problematic was found in libav up to 12. ...)
+	TODO: check
+CVE-2025-8555 (A vulnerability, which was classified as problematic, was found in atj ...)
+	TODO: check
+CVE-2025-8554 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-8553 (A vulnerability classified as problematic was found in atjiu pybbs up  ...)
+	TODO: check
+CVE-2025-8552 (A vulnerability classified as problematic has been found in atjiu pybb ...)
+	TODO: check
+CVE-2025-7674 (Improper Input Validation vulnerability in Roche Diagnostics navify Mo ...)
+	TODO: check
+CVE-2025-7033 (A memory abuse issue exists in the Rockwell Automation Arena\xae Simul ...)
+	TODO: check
+CVE-2025-7032 (A memory abuse issue exists in the Rockwell Automation Arena\xae Simul ...)
+	TODO: check
+CVE-2025-7025 (A memory abuse issue exists in the Rockwell Automation Arena\xae Simul ...)
+	TODO: check
+CVE-2025-54987 (A vulnerability in Trend Micro Apex One (on-premise) management consol ...)
+	TODO: check
+CVE-2025-54948 (A vulnerability in Trend Micro Apex One (on-premise) management consol ...)
+	TODO: check
+CVE-2025-54254 (Adobe Experience Manager versions 6.5.23 and earlier are affected by a ...)
+	TODO: check
+CVE-2025-54253 (Adobe Experience Manager versions 6.5.23 and earlier are affected by a ...)
+	TODO: check
+CVE-2025-52078 (File upload vulnerability in Writebot AI Content Generator SaaS React  ...)
+	TODO: check
+CVE-2025-51857 (The reconcile method in the AttachmentReconciler class of the Halo sys ...)
+	TODO: check
+CVE-2025-51628 (Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler co ...)
+	TODO: check
+CVE-2025-51627 (Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook  ...)
+	TODO: check
+CVE-2025-51541 (A stored cross-site scripting (XSS) vulnerability exists in the Shopwa ...)
+	TODO: check
+CVE-2025-51060 (An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use ...)
+	TODO: check
+CVE-2025-50707 (An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbi ...)
+	TODO: check
+CVE-2025-50706 (An issue in thinkphp v.5.1 allows a remote attacker to execute arbitra ...)
+	TODO: check
+CVE-2025-50688 (A command injection vulnerability exists in TwistedWeb (version 14.0.0 ...)
+	TODO: check
+CVE-2025-50592 (Cross site scripting vulnerability in seacms before 13.2 via the vid p ...)
+	TODO: check
+CVE-2025-50454 (An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru  ...)
+	TODO: check
+CVE-2025-47152 (An out-of-bounds read vulnerability exists in the EMF functionality of ...)
+	TODO: check
+CVE-2025-46958 (Adobe Experience Manager versions 6.5.22 and earlier are affected by a ...)
+	TODO: check
+CVE-2025-46658 (An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. T ...)
+	TODO: check
+CVE-2025-45512 (A lack of signature verification in the bootloader of DENX Software En ...)
+	TODO: check
+CVE-2025-44964 (A lack of SSL certificate validation in BlueStacks v5.20 allows attack ...)
+	TODO: check
+CVE-2025-43980 (An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN ...)
+	TODO: check
+CVE-2025-43979 (An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN ...)
+	TODO: check
+CVE-2025-43978 (Jointelli 5G CPE 21H01 firmware JY_21H01_A3_v1.36 devices allow (blind ...)
+	TODO: check
+CVE-2025-41698 (A low privileged local attacker can interact with the affected service ...)
+	TODO: check
+CVE-2025-2810 (A low privileged local attacker can abuse the affected service by usin ...)
+	TODO: check
+CVE-2025-2611 (The ICTBroadcast application unsafely passes session cookie data to sh ...)
+	TODO: check
+CVE-2025-29745 (A vulnerability affecting the scanning module in Emsisoft Anti-Malware ...)
+	TODO: check
+CVE-2025-27931 (An out-of-bounds read vulnerability exists in the EMF functionality of ...)
+	TODO: check
+CVE-2024-52890 (IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 cou ...)
+	TODO: check
+CVE-2014-125113 (An unrestricted file upload vulnerability exists in Dell (acquired by  ...)
+	TODO: check
+CVE-2013-10069 (The web interface of multiple D-Link routers, including DIR-600 rev B  ...)
+	TODO: check
+CVE-2013-10068 (Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4 ...)
+	TODO: check
+CVE-2013-10064 (A stack-based buffer overflow vulnerability exists in ActFax Server ve ...)
+	TODO: check
+CVE-2012-10034 (ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw d ...)
+	TODO: check
+CVE-2012-10031 (BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buf ...)
+	TODO: check
 CVE-2025-8583
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)
@@ -4585,7 +4677,7 @@ CVE-2023-47356 (Mingyu Security Gateway before v3.0-5.3p was discovered to conta
 	NOT-FOR-US: Mingyu Security Gateway
 CVE-2023-41566 (OA EKP v16 was discovered to contain an arbitrary download vulnerabili ...)
 	NOT-FOR-US: OA EKP
-CVE-2025-54874
+CVE-2025-54874 (OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earl ...)
 	- openjpeg2 <unfixed> (bug #1110443)
 	[bookworm] - openjpeg2 <not-affected> (Vulnerable code introduced later)
 	[bullseye] - openjpeg2 <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/620b8f5d2206b93ac5ff03452a8e70b54d43e8c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/620b8f5d2206b93ac5ff03452a8e70b54d43e8c1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250805/b7c785a9/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list