[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Aug 22 09:12:12 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a8397ff7 by security tracker role at 2025-08-22T08:12:04+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2025-8678 (The WP Crontrol plugin for WordPress is vulnerable to Server-Side Requ ...)
+ TODO: check
+CVE-2025-8281 (The WP Talroo WordPress plugin through 2.4 does not sanitise and escap ...)
+ TODO: check
+CVE-2025-57699 (Western Digital Kitfox for Windows provided by Western Digital Corpora ...)
+ TODO: check
+CVE-2025-51606 (hippo4j 1.0.0 to 1.5.0, uses a hard-coded secret key in its JWT (JSON ...)
+ TODO: check
+CVE-2025-43753 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
+ TODO: check
+CVE-2025-43752 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 thro ...)
+ TODO: check
+CVE-2025-43747 (A server-side request forgery (SSRF) vulnerability exists in the Lifer ...)
+ TODO: check
+CVE-2025-41452 (Post-authenticated external control of system web interface configurat ...)
+ TODO: check
+CVE-2025-41451 (Improper neutralization of alarm-to-mail configuration fields used in ...)
+ TODO: check
+CVE-2023-4143
+ REJECTED
+CVE-2023-4131
+ REJECTED
+CVE-2023-3948
+ REJECTED
+CVE-2010-20123 (Steinberg MyMP3Player version 3.0 (build 3.0.0.67) is vulnerable to a ...)
+ TODO: check
+CVE-2010-20122 (Xftp FTP Client version up to and including 3.0 (build 0238) contain a ...)
+ TODO: check
+CVE-2010-20121 (EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer ov ...)
+ TODO: check
+CVE-2010-20120 (Maple versions up to and including 13's Maplet framework allows embedd ...)
+ TODO: check
+CVE-2010-20119 (CommuniCrypt Mail versions up to and including 1.16 contains a stack-b ...)
+ TODO: check
+CVE-2010-20115 (Arcane Software\u2019s Vermillion FTP Daemon (vftpd) versions up to an ...)
+ TODO: check
+CVE-2010-20114 (VariCAD EN up to and including version 2010-2.05 is vulnerable to a st ...)
+ TODO: check
+CVE-2010-20113 (EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer over ...)
+ TODO: check
+CVE-2010-20112 (Amlib\u2019s NetOpacs webquery.dll contains a stack-based buffer overf ...)
+ TODO: check
+CVE-2010-20111 (Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vu ...)
+ TODO: check
+CVE-2010-20109 (Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and W ...)
+ TODO: check
+CVE-2010-20108 (FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability i ...)
+ TODO: check
+CVE-2010-20107 (A stack-based buffer overflow exists in FTP Synchronizer Professional ...)
+ TODO: check
+CVE-2010-20034 (Gekko Manager FTP Client <= 0.77 contains a stack-based buffer overflo ...)
+ TODO: check
+CVE-2010-20007 (Seagull FTP Client <= v3.3 Build 409 contains a stack-based buffer ove ...)
+ TODO: check
+CVE-2010-10015 (AOL versions up to and including 9.5 includes an ActiveX control (Phob ...)
+ TODO: check
+CVE-2009-20004 (gAlan 0.2.1, a modular audio processing environment for Windows, is vu ...)
+ TODO: check
+CVE-2009-20003 (Xenorate versions up to and including 2.50, a Windows-based multimedia ...)
+ TODO: check
+CVE-2009-20002 (Millenium MP3 Studio versions up to and including 2.0 is vulnerable to ...)
+ TODO: check
CVE-2025-9141
- vllm <itp> (bug #1095237)
CVE-2025-9311 (A vulnerability was identified in itsourcecode Apartment Management Sy ...)
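Review bot: The added descriptions for CVE-2010-20115 and CVE-2010-20112 carry a literal `\u2019` escape ("Arcane Software\u2019s", "Amlib\u2019s") where an apostrophe belongs. I suggest decoding the escape before the text is written to data/CVE/list, so that a search for the vendor name matches. Every added entry with a description is still marked "TODO: check", so each one needs triage before this data says anything about the affected status of a package. The three CVE-2023 ids are the only entries already resolved, as REJECTED.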
@@ -165446,7 +165508,7 @@ CVE-2024-1708 (ConnectWise ScreenConnect 23.9.7 and prior are affected by path-t
NOT-FOR-US: ConnectWise ScreenConnect
CVE-2024-1707 (A vulnerability, which was classified as problematic, was found in GAR ...)
NOT-FOR-US: GARO WALLBOX GLB+ T2EV7
-CVE-2024-1706 (A vulnerability, which was classified as problematic, has been found i ...)
+CVE-2024-1706 (A vulnerability was determined in ZKTeco ZKBio Access IVS up to 3.3.2. ...)
NOT-FOR-US: ZKTeco ZKBio Access IVS
CVE-2024-1705 (A vulnerability was found in Shopwind up to 4.6. It has been rated as ...)
NOT-FOR-US: Shopwind
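Review bot: The NOT-FOR-US line under CVE-2024-1706 needs no follow-up. The replacement description names ZKTeco ZKBio Access IVS, the same product the existing tag gives, so the triage decision still matches the entry.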
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8397ff76870e252513919f006861293d86a148b