[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Aug 15 21:12:20 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
036ed05b by security tracker role at 2025-08-15T20:12:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,107 @@
+CVE-2025-9060 (A vulnerability has been found in the MSoft MFlash application that ...)
+ TODO: check
+CVE-2025-9053 (A vulnerability has been found in projectworlds Travel Management Syst ...)
+ TODO: check
+CVE-2025-9052 (A vulnerability was identified in projectworlds Travel Management Syst ...)
+ TODO: check
+CVE-2025-9051 (A vulnerability was determined in projectworlds Travel Management Syst ...)
+ TODO: check
+CVE-2025-9050 (A vulnerability was found in projectworlds Travel Management System 1. ...)
+ TODO: check
+CVE-2025-9047 (A vulnerability has been found in projectworlds Visitor Management Sys ...)
+ TODO: check
+CVE-2025-9046 (A vulnerability was identified in Tenda AC20 16.03.08.12. This issue a ...)
+ TODO: check
+CVE-2025-9028 (A vulnerability was found in code-projects Online Medicine Guide 1.0. ...)
+ TODO: check
+CVE-2025-9027 (A vulnerability has been found in code-projects Online Medicine Guide ...)
+ TODO: check
+CVE-2025-9026 (A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affec ...)
+ TODO: check
+CVE-2025-9025 (A vulnerability was determined in code-projects Simple Cafe Ordering S ...)
+ TODO: check
+CVE-2025-9024 (A vulnerability was found in PHPGurukul Beauty Parlour Management Syst ...)
+ TODO: check
+CVE-2025-9023 (A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03 ...)
+ TODO: check
+CVE-2025-8996 (Missing Authorization vulnerability in Drupal Layout Builder Advanced ...)
+ TODO: check
+CVE-2025-8995 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2025-8905 (The Inpersttion For Theme plugin for WordPress is vulnerable to Remote ...)
+ TODO: check
+CVE-2025-8720 (The Plugin README Parser plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2025-8675 (Server-Side Request Forgery (SSRF) vulnerability in Drupal AI SEO Link ...)
+ TODO: check
+CVE-2025-8362 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-8361 (Missing Authorization vulnerability in Drupal Config Pages allows Forc ...)
+ TODO: check
+CVE-2025-8092 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-8091 (The EventON Lite plugin for WordPress is vulnerable to Information Exp ...)
+ TODO: check
+CVE-2025-8080 (The Alobaidi Captcha plugin for WordPress is vulnerable to Stored Cros ...)
+ TODO: check
+CVE-2025-8066 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in B ...)
+ TODO: check
+CVE-2025-7961 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2025-7778 (The Icons Factory plugin for WordPress is vulnerable to Arbitrary File ...)
+ TODO: check
+CVE-2025-7688 (The Add User Meta plugin for WordPress is vulnerable to Cross-Site Req ...)
+ TODO: check
+CVE-2025-7662 (The Gestion de tarifs plugin for WordPress is vulnerable to SQL Inject ...)
+ TODO: check
+CVE-2025-7650 (The BizCalendar Web plugin for WordPress is vulnerable to Local File I ...)
+ TODO: check
+CVE-2025-7641 (The Assistant for NextGEN Gallery plugin for WordPress is vulnerable t ...)
+ TODO: check
+CVE-2025-7507 (The elink \u2013 Embed Content plugin for WordPress is vulnerable to M ...)
+ TODO: check
+CVE-2025-5844 (The Radius Blocks plugin for WordPress is vulnerable to Stored Cross-S ...)
+ TODO: check
+CVE-2025-5048 (A maliciously crafted DGN file, when linked or imported into Autodesk ...)
+ TODO: check
+CVE-2025-5047 (A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, ...)
+ TODO: check
+CVE-2025-5046 (A maliciously crafted DGN file, when linked or imported into Autodesk ...)
+ TODO: check
+CVE-2025-55285 (@backstage/plugin-scaffolder-backend is the backend for the default Ba ...)
+ TODO: check
+CVE-2025-55207 (Astro is a web framework for content-driven websites. Following CVE-20 ...)
+ TODO: check
+CVE-2025-55203 (Plane is open-source project management software. Prior to version 0.2 ...)
+ TODO: check
+CVE-2025-54989 (Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, an ...)
+ TODO: check
+CVE-2025-54475 (A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4 ...)
+ TODO: check
+CVE-2025-54474 (A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joom ...)
+ TODO: check
+CVE-2025-54473 (An authenticated RCE vulnerability in Phoca Commander component 1.0.0- ...)
+ TODO: check
+CVE-2025-54466 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2025-49898 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-49897 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-49432 (Missing Authorization vulnerability in FWDesign Ultimate Video Player ...)
+ TODO: check
+CVE-2025-43490 (A potential security vulnerability has been identified in the HPAudioA ...)
+ TODO: check
+CVE-2025-36088 (IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 w ...)
+ TODO: check
+CVE-2025-26709 (There is an unauthorized access vulnerability in ZTE F50. Due to impro ...)
+ TODO: check
+CVE-2025-24975 (Firebird is a relational database. Prior to snapshot versions 4.0.6.31 ...)
+ TODO: check
+CVE-2025-1929 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-12573
+ REJECTED
CVE-2025-9022 (A vulnerability was identified in SourceCodester Online Bank Managemen ...)
NOT-FOR-US: SourceCodester
CVE-2025-9021 (A vulnerability was determined in SourceCodester Online Bank Managemen ...)
@@ -640,8 +744,8 @@ CVE-2024-53945 (The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command in
NOT-FOR-US: KuWFi router
CVE-2024-37945 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2023-5342
- REJECTED
+CVE-2023-5342 (The Fedora Secure Boot CA certificate shipped with shim in Fedora was ...)
+ TODO: check
CVE-2023-43694 (An issue was discovered in Malwarebytes 4.6.14.326 and before and 5.1. ...)
NOT-FOR-US: Malwarebytes
CVE-2023-43692 (An issue was discovered in Malwarebytes before 4.6.14.326 and before 5 ...)
@@ -2105,19 +2209,19 @@ CVE-2025-8807 (A vulnerability was found in xujeff tianti \u5929\u68af up to 2.3
NOT-FOR-US: xujeff tianti
CVE-2025-8806 (A vulnerability was found in zhilink \u667a\u4e92\u8054(\u6df1\u5733)\ ...)
NOT-FOR-US: zhilink
-CVE-2025-8805 (A vulnerability was found in Open5GS up to 2.7.5 and classified as pro ...)
+CVE-2025-8805 (A vulnerability was determined in Open5GS up to 2.7.5. Affected by thi ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8804 (A vulnerability has been found in Open5GS up to 2.7.5 and classified a ...)
+CVE-2025-8804 (A vulnerability was found in Open5GS up to 2.7.5. Affected by this vul ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8803 (A vulnerability, which was classified as problematic, was found in Ope ...)
+CVE-2025-8803 (A vulnerability has been found in Open5GS up to 2.7.5. Affected is the ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8802 (A vulnerability classified as problematic was found in Open5GS up to 2 ...)
+CVE-2025-8802 (A vulnerability was determined in Open5GS up to 2.7.5. This vulnerabil ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8801 (A vulnerability classified as problematic has been found in Open5GS up ...)
+CVE-2025-8801 (A vulnerability was found in Open5GS up to 2.7.5. This affects the fun ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8800 (A vulnerability was found in Open5GS up to 2.7.5. It has been rated as ...)
+CVE-2025-8800 (A vulnerability has been found in Open5GS up to 2.7.5. Affected by thi ...)
- open5gs <itp> (bug #1094791)
-CVE-2025-8799 (A vulnerability was found in Open5GS up to 2.7.5. It has been declared ...)
+CVE-2025-8799 (A vulnerability was identified in Open5GS up to 2.7.5. Affected by thi ...)
- open5gs <itp> (bug #1094791)
CVE-2025-8798 (A vulnerability was found in oitcode samarium up to 0.9.6. It has been ...)
NOT-FOR-US: Oitcode Samarium
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/036ed05b082ca41d8d39be0ac7c01f75c7a008a8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/036ed05b082ca41d8d39be0ac7c01f75c7a008a8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250815/a716a257/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list