[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 13 21:12:22 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9e100029 by security tracker role at 2025-08-13T20:12:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,204 @@
-CVE-2025-53859 [nginx: ngx_mail_smtp_module buffer over-read potentially resulting in sensitive information leak]
+CVE-2025-8941 (A flaw was found in linux-pam. The pam_namespace module may improperly ...)
+ TODO: check
+CVE-2025-8927 (A vulnerability was determined in mtons mblog up to 3.5.0. Affected by ...)
+ TODO: check
+CVE-2025-8926 (A vulnerability was found in SourceCodester COVID 19 Testing Managemen ...)
+ TODO: check
+CVE-2025-8925 (A vulnerability has been found in itsourcecode Sports Management Syste ...)
+ TODO: check
+CVE-2025-8924 (A vulnerability was identified in Campcodes Online Water Billing Syste ...)
+ TODO: check
+CVE-2025-8923 (A vulnerability was determined in code-projects Job Diary 1.0. This vu ...)
+ TODO: check
+CVE-2025-8922 (A vulnerability was found in code-projects Job Diary 1.0. This affects ...)
+ TODO: check
+CVE-2025-8921 (A vulnerability has been found in code-projects Job Diary 1.0. Affecte ...)
+ TODO: check
+CVE-2025-8920 (A vulnerability was identified in Portabilis i-Diario 1.6. Affected by ...)
+ TODO: check
+CVE-2025-8919 (A vulnerability was determined in Portabilis i-Diario up to 1.6. Affec ...)
+ TODO: check
+CVE-2025-8918 (A vulnerability was found in Portabilis i-Educar up to 2.10. This issu ...)
+ TODO: check
+CVE-2025-8916 (Allocation of Resources Without Limits or Throttling vulnerability in ...)
+ TODO: check
+CVE-2025-8914 (Organization Portal System developed by WellChoose has a SQL Injection ...)
+ TODO: check
+CVE-2025-8913 (Organization Portal System developed by WellChoose has a Local File In ...)
+ TODO: check
+CVE-2025-8912 (Organization Portal System developed by WellChoose has an Arbitrary Fi ...)
+ TODO: check
+CVE-2025-8911 (Organization Portal System developed by WellChoose has a Reflected Cro ...)
+ TODO: check
+CVE-2025-8910 (Organization Portal System developed by WellChoose has a Reflected Cro ...)
+ TODO: check
+CVE-2025-8909 (Organization Portal System developed by WellChoose has an Arbitrary Fi ...)
+ TODO: check
+CVE-2025-8908 (A vulnerability was determined in Shanghai Lingdang Information Techno ...)
+ TODO: check
+CVE-2025-8907 (A vulnerability was found in H3C M2 NAS V100R006. Affected by this vul ...)
+ TODO: check
+CVE-2025-8904 (Amazon EMR Secret Agent creates a keytab file containing Kerberos cred ...)
+ TODO: check
+CVE-2025-8770 (An issue has been discovered in GitLab EE affecting all versions from ...)
+ TODO: check
+CVE-2025-8754 (Missing Authentication for Critical Function vulnerability in ABB ABB ...)
+ TODO: check
+CVE-2025-8671 (A mismatch caused by client-triggered server-sent stream resets betwee ...)
+ TODO: check
+CVE-2025-7739 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2025-7734 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2025-6186 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2025-5819 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2025-55668 (Session Fixation vulnerability in Apache Tomcat via rewrite valve. Th ...)
+ TODO: check
+CVE-2025-55345 (Using Codex CLI in workspace-write mode inside a malicious context (re ...)
+ TODO: check
+CVE-2025-55280 (This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi crede ...)
+ TODO: check
+CVE-2025-55279 (This vulnerability exists in ZKTeco WL20 due to hard-coded private key ...)
+ TODO: check
+CVE-2025-55163 (Netty is an asynchronous, event-driven network application framework. ...)
+ TODO: check
+CVE-2025-55160 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2025-55154 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2025-55005 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2025-55004 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2025-54809 (F5 Access for Android before version 3.1.2 which uses HTTPS does not v ...)
+ TODO: check
+CVE-2025-54791 (OMERO.web provides a web based client and plugin infrastructure. Prior ...)
+ TODO: check
+CVE-2025-54500 (An HTTP/2 implementation flaw allows a denial-of-service (DoS) that us ...)
+ TODO: check
+CVE-2025-54465 (This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT creden ...)
+ TODO: check
+CVE-2025-54464 (This vulnerability exists in ZKTeco WL20 due to storage of admin and u ...)
+ TODO: check
+CVE-2025-54382 (Cherry Studio is a desktop client that supports for multiple LLM provi ...)
+ TODO: check
+CVE-2025-54074 (Cherry Studio is a desktop client that supports for multiple LLM provi ...)
+ TODO: check
+CVE-2025-52585 (When a BIG-IP LTM Client SSL profile is configured on a virtual server ...)
+ TODO: check
+CVE-2025-52392 (Soosyze CMS 2.0 allows brute-force login attacks via the /user/login e ...)
+ TODO: check
+CVE-2025-52386 (CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a c ...)
+ TODO: check
+CVE-2025-52385 (An issue in Studio 3T v.2025.1.0 and before allows a remote attacker t ...)
+ TODO: check
+CVE-2025-51691 (Cross-Site Scripting (XSS) vulnerability found in MarkTwo commit e3a1d ...)
+ TODO: check
+CVE-2025-51452 (In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can byp ...)
+ TODO: check
+CVE-2025-51451 (In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass logi ...)
+ TODO: check
+CVE-2025-50946 (OS Command Injection in Olivetin 2025.4.22 Custom Themes via the Parse ...)
+ TODO: check
+CVE-2025-50690 (A Cross-Site Scripting (XSS) vulnerability exists in SpatialReference. ...)
+ TODO: check
+CVE-2025-50635 (A null pointer dereference vulnerability was discovered in Netis WF278 ...)
+ TODO: check
+CVE-2025-50617 (A buffer overflow vulnerability has been discovered in Netis WF2880 v2 ...)
+ TODO: check
+CVE-2025-50616 (A buffer overflow vulnerability has been discovered in Netis WF2880 v2 ...)
+ TODO: check
+CVE-2025-50615 (A buffer overflow vulnerability has been discovered in Netis WF2880 v2 ...)
+ TODO: check
+CVE-2025-50614 (A buffer overflow vulnerability has been discovered in the Netis WF288 ...)
+ TODO: check
+CVE-2025-50613 (A buffer overflow vulnerability has been discovered in Netis WF2880 v2 ...)
+ TODO: check
+CVE-2025-50612 (A buffer overflow vulnerability has been discovered in the Netis WF288 ...)
+ TODO: check
+CVE-2025-50611 (A buffer overflow vulnerability has been discovered in Netis WF2880 v2 ...)
+ TODO: check
+CVE-2025-50610 (A buffer overflow vulnerability has been discovered in Netis WF2880 v2 ...)
+ TODO: check
+CVE-2025-50609 (A buffer overflow vulnerability has been discovered in Netis WF2880 v2 ...)
+ TODO: check
+CVE-2025-50608 (A buffer overflow vulnerability has been discovered in Netis WF2880 v2 ...)
+ TODO: check
+CVE-2025-50594 (An issue was discovered in /Code/Websites/DanpheEMR/Controllers/Settin ...)
+ TODO: check
+CVE-2025-50251 (Server side request forgery (SSRF) vulnerability in makeplane plane 0. ...)
+ TODO: check
+CVE-2025-48989 (Improper Resource Shutdown or Release vulnerability in Apache Tomcat m ...)
+ TODO: check
+CVE-2025-48500 (A missing file integrity check vulnerability exists on MacOS F5 VPN br ...)
+ TODO: check
+CVE-2025-46405 (When Network Access is configured on a BIG-IP APM virtual server, undi ...)
+ TODO: check
+CVE-2025-45317 (A zip slip vulnerability in the /modules/ImportModule.php component of ...)
+ TODO: check
+CVE-2025-45316 (A cross-site scripting (XSS) vulnerability in the TextBlockModule.php ...)
+ TODO: check
+CVE-2025-45315 (A cross-site scripting (XSS) vulnerability in the /controller/admin.ph ...)
+ TODO: check
+CVE-2025-45314 (A cross-site scripting (XSS) vulnerability in the /Calendar endpoint o ...)
+ TODO: check
+CVE-2025-45313 (A cross-site scripting (XSS) vulnerability in the /tasks endpoint of h ...)
+ TODO: check
+CVE-2025-43989 (The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA ...)
+ TODO: check
+CVE-2025-43988 (KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API en ...)
+ TODO: check
+CVE-2025-43986 (An issue was discovered on KuWFi GC111 GC111-GL-LM321_V3.0_20191211 de ...)
+ TODO: check
+CVE-2025-43982 (Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices ena ...)
+ TODO: check
+CVE-2025-34153 (Hyland OnBase versions prior to 17.0.2.87 (other versions may be affec ...)
+ TODO: check
+CVE-2025-32451 (A memory corruption vulnerability exists in Foxit Reader 2025.1.0.2793 ...)
+ TODO: check
+CVE-2025-2937 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2025-2614 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2025-2498 (An improper access control in Gitlab EE affecting all versions from 12 ...)
+ TODO: check
+CVE-2025-2184 (A credential management flaw in Palo Alto Networks Cortex XDR\xae Brok ...)
+ TODO: check
+CVE-2025-2183 (An insufficient certificate validation issue in the Palo Alto Networks ...)
+ TODO: check
+CVE-2025-2182 (A problem with the implementation of the MACsec protocol in Palo Alto ...)
+ TODO: check
+CVE-2025-2181 (A sensitive information disclosure vulnerability in Palo Alto Networks ...)
+ TODO: check
+CVE-2025-2180 (An unsafe deserialization vulnerability in Palo Alto Networks Checkov ...)
+ TODO: check
+CVE-2025-23306 (NVIDIA Megatron-LM for all platforms contains a vulnerability in the m ...)
+ TODO: check
+CVE-2025-23305 (NVIDIA Megatron-LM for all platforms contains a vulnerability in the t ...)
+ TODO: check
+CVE-2025-23304 (NVIDIA NeMo library for all platforms contains a vulnerability in the ...)
+ TODO: check
+CVE-2025-23303 (NVIDIA NeMo Framework for all platforms contains a vulnerability where ...)
+ TODO: check
+CVE-2025-23298 (NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerabil ...)
+ TODO: check
+CVE-2025-23296 (NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Pyt ...)
+ TODO: check
+CVE-2025-23295 (NVIDIA Apex for all platforms contains a vulnerability in a Python com ...)
+ TODO: check
+CVE-2025-23294 (NVIDIA WebDataset for all platforms contains a vulnerability where an ...)
+ TODO: check
+CVE-2025-1477 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2024-5477 (A potential security vulnerability has been identified in the System B ...)
+ TODO: check
+CVE-2024-12303 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2024-10219 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2025-53859 (NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_ ...)
- nginx <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2025/08/13/5
NOTE: https://nginx.org/download/patch.2025.smtp.txt
@@ -709,6 +909,7 @@ CVE-2024-26009 (An authentication bypass using an alternate path or channel [CWE
CVE-2023-45584 (A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4. ...)
NOT-FOR-US: Fortinet
CVE-2025-38500 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ {DSA-5975-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a90b2a1aaacbcf0f91d7e4868ad6c51c5dee814b (6.16)
@@ -941,7 +1142,7 @@ CVE-2025-44004 (Mattermost Confluence Plugin version <1.5.0 fails to check the a
CVE-2025-44001 (Mattermost Confluence Plugin version <1.5.0 fails to check the access ...)
NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-38499 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/c28f922c9dcee0e4876a2c095939d77fe7e15116 (6.16-rc1)
CVE-2025-25231 (Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal ...)
@@ -1249,7 +1450,7 @@ CVE-2025-8732 (A vulnerability was found in libxml2 up to 2.14.5. It has been de
NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/958
NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/958#note_2505853
NOTE: Issue can only be triggered with untrusted SGML, negligible security impact
-CVE-2025-8731 (A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and TPL-430A ...)
+CVE-2025-8731 (A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL ...)
NOT-FOR-US: TRENDnet
CVE-2025-8730 (A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.0 ...)
NOT-FOR-US: Belkin
@@ -4021,23 +4222,25 @@ CVE-2024-49343 (IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTM
CVE-2024-49342 (IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account ...)
NOT-FOR-US: IBM
CVE-2025-38497 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/3014168731b7930300aab656085af784edc861f6 (6.16-rc7)
CVE-2025-38496 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b1bf1a782fdf5c482215c0c661b5da98b8e75773 (6.16-rc7)
CVE-2025-38495 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/4f15ee98304b96e164ff2340e1dfd6181c3f42aa (6.16-rc7)
CVE-2025-38494 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/c2ca42f190b6714d6c481dfd3d9b62ea091c946b (6.16-rc7)
CVE-2025-38493 (In the Linux kernel, the following vulnerability has been resolved: t ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -4046,101 +4249,107 @@ CVE-2025-38492 (In the Linux kernel, the following vulnerability has been resolv
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/89635eae076cd8eaa5cb752f66538c9dc6c9fdc3 (6.16-rc7)
CVE-2025-38491 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ {DSA-5975-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/f8a1d9b18c5efc76784f5a326e905f641f839894 (6.16-rc7)
CVE-2025-38490 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1b7e585c04cd5f0731dd25ffd396277e55fae0e6 (6.16-rc7)
CVE-2025-38489 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6a5abf8cf182f577c7ae6c62f14debc9754ec986 (6.16-rc7)
CVE-2025-38488 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/b220bed63330c0e1733dc06ea8e75d5b9962b6b6 (6.16-rc7)
CVE-2025-38487 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/56448e78a6bb4e1a8528a0e2efe94eff0400c247 (6.16-rc7)
CVE-2025-38486 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/834bce6a715ae9a9c4dce7892454a19adf22b013 (6.16-rc7)
CVE-2025-38485 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1fe16dc1a2f5057772e5391ec042ed7442966c9a (6.16-rc7)
CVE-2025-38484 (In the Linux kernel, the following vulnerability has been resolved: i ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/da9374819eb3885636934c1006d450c3cb1a02ed (6.16-rc7)
CVE-2025-38483 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/ed93c6f68a3be06e4e0c331c6e751f462dee3932 (6.16-rc7)
CVE-2025-38482 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/70f2b28b5243df557f51c054c20058ae207baaac (6.16-rc7)
CVE-2025-38481 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/08ae4b20f5e82101d77326ecab9089e110f224cc (6.16-rc7)
CVE-2025-38480 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/e9cb26291d009243a4478a7ffb37b3a9175bfce9 (6.16-rc7)
CVE-2025-38478 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/46d8c744136ce2454aa4c35c138cc06817f92b8e (6.16-rc7)
CVE-2025-38477 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/5e28d5a3f774f118896aec17a3a20a9c5c9dfc64 (6.16-rc7)
CVE-2025-38476 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/b640daa2822a39ff76e70200cb2b7b892b896dce (6.16-rc7)
CVE-2025-38475 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/60ada4fe644edaa6c2da97364184b0425e8aeaf5 (6.16-rc7)
CVE-2025-38474 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/4c4ca3c46167518f8534ed70f6e3b4bf86c4d158 (6.16-rc7)
CVE-2025-38473 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/a0075accbf0d76c2dad1ad3993d2e944505d99a0 (6.16-rc7)
CVE-2025-38472 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2d72afb340657f03f7261e9243b44457a9228ac7 (6.16-rc7)
CVE-2025-38471 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4ab26bce3969f8fd925fe6f6f551e4d1a508c68b (6.16-rc7)
CVE-2025-38470 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/579d4f9ca9a9a605184a9b162355f6ba131f678d (6.16-rc7)
CVE-2025-38469 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5a53249d149f48b558368c5338b9921b76a12f8c (6.16)
CVE-2025-38468 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/0e1d5d9b5c5966e2e42e298670808590db5ed628 (6.16-rc7)
CVE-2025-8267 (Versions of the package ssrfcheck before 1.2.0 are vulnerable to Serve ...)
@@ -4525,61 +4734,63 @@ CVE-2025-3873 (The following APIs for the Silcon Labs SiWx91x prior to vesion 3.
CVE-2025-3508 (Certain HP DesignJet products may be vulnerable to information disclos ...)
NOT-FOR-US: HP
CVE-2025-38467 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/b846350aa272de99bf6fecfa6b08e64ebfb13173 (6.16-rc5)
CVE-2025-38466 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/ba677dbe77af5ffe6204e0f3f547f3ba059c6302 (6.16-rc5)
CVE-2025-38465 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/ae8f160e7eb24240a2a79fc4c815c6a0d4ee16cc (6.16-rc6)
CVE-2025-38464 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/667eeab4999e981c96b447a4df5f20bdf5c26f13 (6.16-rc6)
CVE-2025-38463 (In the Linux kernel, the following vulnerability has been resolved: t ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d3a5f2871adc0c61c61869f37f3e697d97f03d8c (6.16-rc6)
CVE-2025-38462 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/209fd720838aaf1420416494c5505096478156b4 (6.16-rc6)
CVE-2025-38461 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/687aa0c5581b8d4aa87fd92973e4ee576b550cdf (6.16-rc6)
CVE-2025-38460 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/706cc36477139c1616a9b2b96610a8bb520b7119 (6.16-rc6)
CVE-2025-38459 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/c489f3283dbfc0f3c00c312149cae90d27552c45 (6.16-rc6)
CVE-2025-38458 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/22fc46cea91df3dce140a7dc6847c6fcf0354505 (6.16-rc6)
CVE-2025-38457 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/ffdde7bf5a439aaa1955ebd581f5c64ab1533963 (6.16-rc6)
CVE-2025-38456 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fa332f5dc6fc662ad7d3200048772c96b861cf6b (6.16-rc1)
CVE-2025-38455 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ecf371f8b02d5e31b9aa1da7f159f1b2107bdb01 (6.16-rc6)
CVE-2025-38454 (In the Linux kernel, the following vulnerability has been resolved: A ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -4590,46 +4801,50 @@ CVE-2025-38453 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fc582cd26e888b0652bc1494f252329453fd3b23 (6.16-rc6)
CVE-2025-38452 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/95a234f6affbf51f06338383537ab80d637bb785 (6.16-rc6)
CVE-2025-38451 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c17fb542dbd1db745c9feac15617056506dd7195 (6.16-rc6)
CVE-2025-38450 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/35ad47c0b3da04b00b19a8b9ed5632e2f2520472 (6.16-rc6)
CVE-2025-38449 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ {DSA-5975-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/5307dce878d4126e1b375587318955bd019c3741 (6.16-rc5)
CVE-2025-38448 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/c529c3730bd09115684644e26bf01ecbd7e2c2c9 (6.16-rc5)
CVE-2025-38447 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ddd05742b45b083975a0855ef6ebbf88cf1f532a (6.16-rc6)
CVE-2025-38446 (In the Linux kernel, the following vulnerability has been resolved: c ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/aacc875a448d363332b9df0621dde6d3a225ea9f (6.16-rc6)
CVE-2025-38445 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/d67ed2ccd2d1dcfda9292c0ea8697a9d0f2f0d98 (6.16-rc6)
CVE-2025-38444 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/43806c3d5b9bb7d74ba4e33a6a8a41ac988bde24 (6.16-rc6)
CVE-2025-38443 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/aa9552438ebf015fc5f9f890dbfe39f0c53cf37e (6.16-rc6)
@@ -4637,24 +4852,26 @@ CVE-2025-38442 (In the Linux kernel, the following vulnerability has been resolv
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4cdf1bdd45ac78a088773722f009883af30ad318 (6.16-rc6)
CVE-2025-38441 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/18cdb3d982da8976b28d57691eb256ec5688fad2 (6.16-rc6)
CVE-2025-38440 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/eb41a264a3a576dc040ee37c3d9d6b7e2d9be968 (6.16-rc6)
CVE-2025-38439 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/3cdf199d4755d477972ee87110b2aebc88b3cfad (6.16-rc6)
CVE-2025-38438 (In the Linux kernel, the following vulnerability has been resolved: A ...)
+ {DSA-5975-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/6c038b58a2dc5a008c7e7a1297f5aaa4deaaaa7e (6.16-rc4)
CVE-2025-38437 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/50f930db22365738d9387c974416f38a06e8057e (6.16-rc6)
@@ -6533,6 +6750,7 @@ CVE-2015-10133 (The Subscribe to Comments for WordPress is vulnerable to Local F
CVE-2012-10019 (The Front End Editor plugin for WordPress is vulnerable to arbitrary f ...)
NOT-FOR-US: WordPress plugin
CVE-2025-38351 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -6929,6 +7147,7 @@ CVE-2025-3753 (A code execution vulnerability has been identified in the Robot O
CVE-2025-3740 (The School Management System for Wordpress plugin for WordPress is vul ...)
NOT-FOR-US: WordPress plugin
CVE-2025-38349 (In the Linux kernel, the following vulnerability has been resolved: e ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -8902,6 +9121,7 @@ CVE-2025-38336 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.12.35-1
NOTE: https://git.kernel.org/linus/d29fc02caad7f94b62d56ee1b01c954f9c961ba7 (6.16-rc3)
CVE-2025-38335 (In the Linux kernel, the following vulnerability has been resolved: I ...)
+ {DSA-5975-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f4a8f561d08e39f7833d4a278ebfb12a41eef15f (6.16-rc1)
@@ -16645,7 +16865,7 @@ CVE-2025-38068 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.12.32-1
NOTE: https://git.kernel.org/linus/cc47f07234f72cbd8e2c973cdbf2a6730660a463 (6.15-rc1)
CVE-2025-38067 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/fd881d0a085fc54354414aed990ccf05f282ba53 (6.15-rc1)
CVE-2025-38066 (In the Linux kernel, the following vulnerability has been resolved: d ...)
@@ -23893,7 +24113,7 @@ CVE-2025-27804 (Several OS command injection vulnerabilities exist in the device
CVE-2025-27803 (The devices do not implement any authentication for the web interface ...)
NOT-FOR-US: eCharge Hardy Barth charging stations
CVE-2025-27558 (IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh n ...)
- {DSA-5973-1}
+ {DSA-5975-1 DSA-5973-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/737bb912ebbe4571195c56eba557c4d7315b26fb (6.16-rc6)
NOTE: https://papers.mathyvanhoef.com/wisec2025.pdf
@@ -24208,6 +24428,7 @@ CVE-2025-37985 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c1846ed4eb527bdfe6b3b7dd2c78e2af4bf98f4f (6.15-rc4)
CVE-2025-37984 (In the Linux kernel, the following vulnerability has been resolved: c ...)
+ {DSA-5975-1}
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -34455,6 +34676,7 @@ CVE-2025-38152 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/efdde3d73ab25cef4ff2d06783b0aad8b093c0e4 (6.15-rc1)
CVE-2025-38104 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ {DSA-5975-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dc0297f3198bd60108ccbd167ee5d9fa4af31ed0 (6.15-rc1)
@@ -34464,6 +34686,7 @@ CVE-2025-38049 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a121798ae669351ec0697c94f71c3a692b2a755b (6.15-rc1)
CVE-2025-37925 (In the Linux kernel, the following vulnerability has been resolved: j ...)
+ {DSA-5975-1}
- linux <unfixed>
NOTE: https://git.kernel.org/linus/8c3f9a70d2d4dd6c640afe294b05c6a0a45434d9 (6.15-rc1)
CVE-2025-37893 (In the Linux kernel, the following vulnerability has been resolved: L ...)
@@ -35713,6 +35936,7 @@ CVE-2025-22116 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/680811c67906191b237bbafe7dabbbad64649b39 (6.15-rc1)
CVE-2025-22115 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ {DSA-5975-1}
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2d8e5168d48a91e7a802d3003e72afb4304bebfa (6.15-rc1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e100029b7cb34b44eb96db602bf7ea3fa3b0fe1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e100029b7cb34b44eb96db602bf7ea3fa3b0fe1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250813/e25a23d2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list