[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 14 09:12:14 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6548ecac by security tracker role at 2025-08-14T08:12:07+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,107 @@
+CVE-2025-8950 (A vulnerability was identified in Campcodes Online Recruitment Managem ...)
+	TODO: check
+CVE-2025-8949 (A vulnerability was identified in D-Link DIR-825 2.10. Affected by thi ...)
+	TODO: check
+CVE-2025-8948 (A vulnerability was determined in projectworlds Visitor Management Sys ...)
+	TODO: check
+CVE-2025-8947 (A vulnerability was found in projectworlds Visitor Management System 1 ...)
+	TODO: check
+CVE-2025-8946 (A vulnerability has been found in projectworlds Online Notes Sharing P ...)
+	TODO: check
+CVE-2025-8940 (A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affect ...)
+	TODO: check
+CVE-2025-8939 (A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affect ...)
+	TODO: check
+CVE-2025-8938 (A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issu ...)
+	TODO: check
+CVE-2025-8937 (A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This ...)
+	TODO: check
+CVE-2025-8936 (A vulnerability was determined in 1000 Projects Sales Management Syste ...)
+	TODO: check
+CVE-2025-8935 (A vulnerability was found in 1000 Projects Sales Management System 1.0 ...)
+	TODO: check
+CVE-2025-8934 (A vulnerability has been found in 1000 Projects Sales Management Syste ...)
+	TODO: check
+CVE-2025-8933 (A vulnerability was identified in 1000 Projects Sales Management Syste ...)
+	TODO: check
+CVE-2025-8932 (A vulnerability was determined in 1000 Projects Sales Management Syste ...)
+	TODO: check
+CVE-2025-8931 (A vulnerability was determined in code-projects Medical Store Manageme ...)
+	TODO: check
+CVE-2025-8930 (A vulnerability was found in code-projects Medical Store Management Sy ...)
+	TODO: check
+CVE-2025-8929 (A vulnerability has been found in code-projects Medical Store Manageme ...)
+	TODO: check
+CVE-2025-8928 (A vulnerability was identified in code-projects Medical Store Manageme ...)
+	TODO: check
+CVE-2025-8046 (The Injection Guard WordPress plugin before 1.2.8 does not escape the  ...)
+	TODO: check
+CVE-2025-7808 (The WP Shopify WordPress plugin before 1.5.4 does not sanitise and esc ...)
+	TODO: check
+CVE-2025-6790 (The Quiz and Survey Master (QSM)  WordPress plugin before 10.2.3 does  ...)
+	TODO: check
+CVE-2025-5942 (Netskope was notified about a potential gap in its agent (NS Client) o ...)
+	TODO: check
+CVE-2025-5941 (Netskope is notified about a potential gap in its agent (NS Client) in ...)
+	TODO: check
+CVE-2025-55199 (Helm is a package manager for Charts for Kubernetes. Prior to version  ...)
+	TODO: check
+CVE-2025-55198 (Helm is a package manager for Charts for Kubernetes. Prior to version  ...)
+	TODO: check
+CVE-2025-55197 (pypdf is a free and open-source pure-python PDF library. Prior to vers ...)
+	TODO: check
+CVE-2025-55196 (External Secrets Operator is a Kubernetes operator that integrates ext ...)
+	TODO: check
+CVE-2025-55194 (Part-DB is an open source inventory management system for electronic c ...)
+	TODO: check
+CVE-2025-55193 (Active Record connects classes to relational database tables. Prior to ...)
+	TODO: check
+CVE-2025-3414 (The Structured Content (JSON-LD) #wpsc WordPress plugin before 1.7.0 d ...)
+	TODO: check
+CVE-2025-34154 (UnForm Server Manager versions prior to 10.1.12 expose an unauthentica ...)
+	TODO: check
+CVE-2025-27388 (Loading arbitrary external URLs through WebView components introduces  ...)
+	TODO: check
+CVE-2025-0309 (An insufficient validation on the server connection endpoint in Netsko ...)
+	TODO: check
+CVE-2024-7402 (Netskope has identified a potential gap in its agent (Netskope Client) ...)
+	TODO: check
+CVE-2012-10060 (Sysax Multi Server versions prior to 5.55 contains a stack-based buffe ...)
+	TODO: check
+CVE-2012-10059 (Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authent ...)
+	TODO: check
+CVE-2012-10058 (RabidHamster R4 v1.25 contains astack-based buffer overflow vulnerabil ...)
+	TODO: check
+CVE-2012-10057 (Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow  ...)
+	TODO: check
+CVE-2012-10056 (PHP Volunteer Management System v1.0.2 contains an arbitrary file uplo ...)
+	TODO: check
+CVE-2012-10055 (ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulne ...)
+	TODO: check
+CVE-2012-10054 (Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated  ...)
+	TODO: check
+CVE-2011-10019 (Spreecommerce versions prior to 0.60.2 contains a remote command execu ...)
+	TODO: check
+CVE-2011-10018 (myBB version 1.6.4 was distributed with an unauthorized backdoor embed ...)
+	TODO: check
+CVE-2011-10017 (Snort Report versions < 1.3.2 contains a remote command execution vuln ...)
+	TODO: check
+CVE-2011-10016 (Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack ...)
+	TODO: check
+CVE-2011-10015 (Cytel Studio version 9.0 and earlier is vulnerable to a stack-based bu ...)
+	TODO: check
+CVE-2011-10014 (GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerab ...)
+	TODO: check
+CVE-2011-10013 (Traq versions 2.0 through 2.3 contain a remote code execution vulnerab ...)
+	TODO: check
+CVE-2011-10012 (NetOp (now part of Impero Software) Remote Control Client v9.5 is vuln ...)
+	TODO: check
+CVE-2011-10011 (WeBid 1.0.2 contains a remote code injection vulnerability in the conv ...)
+	TODO: check
+CVE-2011-10010 (QuickShare File Server 1.2.1 contains a path traversal vulnerability i ...)
+	TODO: check
+CVE-2011-10009 (S40 CMS v0.4.2 contains a path traversal vulnerability in its index.ph ...)
+	TODO: check
 CVE-2025-8941 (A flaw was found in linux-pam. The pam_namespace module may improperly ...)
 	- pam <undetermined>
 	TODO: check if RedHat specific incomplete fix for CVE-2025-6020
@@ -394,18 +498,23 @@ CVE-2025-8860
 	NOTE: Introduced with: https://gitlab.com/qemu-project/qemu/-/commit/90ca4e03c27dc8ac821a2e1686e705ae9a93d301 (v10.0.0-rc0)
 	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/f757d9d90d19b914d4023663bfc4da73bbbf007e
 CVE-2025-8882 (Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowe ...)
+	{DSA-5976-1}
 	- chromium 139.0.7258.127-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-8881 (Inappropriate implementation in File Picker in Google Chrome prior to  ...)
+	{DSA-5976-1}
 	- chromium 139.0.7258.127-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-8901 (Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127  ...)
+	{DSA-5976-1}
 	- chromium 139.0.7258.127-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-8880 (Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote a ...)
+	{DSA-5976-1}
 	- chromium 139.0.7258.127-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-8879 (Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.12 ...)
+	{DSA-5976-1}
 	- chromium 139.0.7258.127-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-8885 (Allocation of Resources Without Limits or Throttling vulnerability in  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6548ecacd239ef2f2e3b21a38a717fa09ea190ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6548ecacd239ef2f2e3b21a38a717fa09ea190ea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250814/2b612a57/attachment.htm>

More information about the debian-security-tracker-commits mailing list