[Git][security-tracker-team/security-tracker][master] 3 commits: Add more biosig issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Aug 25 21:38:30 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b6de0c9f by Salvatore Bonaccorso at 2025-08-25T22:38:16+02:00
Add more biosig issues
- - - - -
1cb2d303 by Salvatore Bonaccorso at 2025-08-25T22:38:16+02:00
Add some NFUs
- - - - -
bfa2169c by Salvatore Bonaccorso at 2025-08-25T22:38:16+02:00
Add CVE-2025-9403/jq
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,21 +21,21 @@ CVE-2025-9407 (A flaw has been found in mtons mblog up to 3.5.0. Affected by thi
CVE-2025-8562 (The Custom Query Shortcode plugin for WordPress is vulnerable to Path ...)
NOT-FOR-US: WordPress plugin
CVE-2025-7426 (Information disclosure and exposure of authentication FTP credentials ...)
- TODO: check
+ NOT-FOR-US: MINOVA TTA service
CVE-2025-6737 (Securden\u2019s Unified PAM Remote Vendor Gateway access portal shares ...)
- TODO: check
+ NOT-FOR-US: Securden's Unified PAM Remote Vendor Gateway access portal
CVE-2025-5302 (A denial of service vulnerability exists in the JSONReader component o ...)
TODO: check
CVE-2025-57811 (Craft is a platform for creating digital experiences. From versions 4. ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2025-57802 (Airlink's Daemon interfaces with Docker and the Panel to provide secur ...)
- TODO: check
+ NOT-FOR-US: Airlink
CVE-2025-57773 (DataEase is an open source business intelligence and data visualizatio ...)
NOT-FOR-US: DataEase
CVE-2025-57772 (DataEase is an open source business intelligence and data visualizatio ...)
NOT-FOR-US: DataEase
CVE-2025-57760 (Langflow is a tool for building and deploying AI-powered agents and wo ...)
- TODO: check
+ NOT-FOR-US: Langflow
CVE-2025-56216 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injecti ...)
NOT-FOR-US: PHPGurukul
CVE-2025-56215 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injecti ...)
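Review bot: The NOT-FOR-US label added for CVE-2025-6737 repeats the whole product description ("Securden's Unified PAM Remote Vendor Gateway access portal"), while the other labels added in this hunk are short product names ("Craft CMS", "Airlink", "Langflow"). A shorter label such as "Securden Unified PAM" would match them and be easier to reuse for later entries on the same product. Also, CVE-2025-5302 is the only entry in this hunk still at "TODO: check"; if that is deliberate it is fine, otherwise it could be triaged in the same pass.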
@@ -45,39 +45,65 @@ CVE-2025-56214 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL I
CVE-2025-56212 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injecti ...)
NOT-FOR-US: PHPGurukul
CVE-2025-55575 (SQL Injection vulnerability in SMM Panel 3.1 allowing remote attackers ...)
- TODO: check
+ NOT-FOR-US: SMM Panel
CVE-2025-55574 (Cross Site Scripting vulnerability in docmost v.0.21.0 and before allo ...)
- TODO: check
+ NOT-FOR-US: docmost
CVE-2025-55409 (FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index. ...)
- TODO: check
+ NOT-FOR-US: FoxCMS
CVE-2025-55301 (The Scratch Channel is a news website. In version 1, it is possible to ...)
- TODO: check
+ NOT-FOR-US: Scratch Channel
CVE-2025-54493 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54492 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54491 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54490 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54489 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54488 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54487 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54486 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54485 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54484 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54483 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54482 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54481 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
- TODO: check
+ - biosig <unfixed>
+ NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
+ NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
CVE-2025-54370 (PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing ...)
TODO: check
CVE-2025-53510 (A memory corruption vulnerability exists in the PSD Image Decoding fun ...)
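Review bot: The two NOTE lines added under each of CVE-2025-54481 through CVE-2025-54493 are bare URLs, so the entry does not say what the mailing-list message and the biosig commit ba2f1c381b10f5ab50c94be3291b2560af0f7a96 are, or how that commit relates to a package still marked <unfixed>. Suggest stating the role of each link in the NOTE text, and confirming that the same commit applies to all thirteen MFER parsing CVEs, since the identical pair is repeated for every entry.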
@@ -211,7 +237,9 @@ CVE-2025-9405 (A security flaw has been discovered in Open5GS up to 2.7.5. The i
CVE-2025-9404 (A vulnerability was identified in Scada-LTS up to 2.7.8.1. The affecte ...)
NOT-FOR-US: Scada-LTS
CVE-2025-9403 (A vulnerability was determined in jqlang jq up to 1.6. Impacted is the ...)
- TODO: check
+ - jq <unfixed> (unimportant)
+ NOTE: https://github.com/jqlang/jq/issues/3393
+ NOTE: Assertion failure in testsuite, negligible security impact
CVE-2025-9402 (A vulnerability was found in HuangDou UTCMS 9. This issue affects some ...)
NOT-FOR-US: HuangDou UTCMS
CVE-2025-9401 (A vulnerability has been found in HuangDou UTCMS 9. This vulnerability ...)
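Review bot: The (unimportant) classification on CVE-2025-9403 rests on the last added NOTE, "Assertion failure in testsuite, negligible security impact", which does not say whether the assertion is in code shipped in the jq package or only in the test suite. Stating that explicitly in the NOTE would make the classification easier to re-check later against the jqlang/jq issue linked on the line above it.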
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c518020b77582151f542a5bd176e131d9cef2916...bfa2169c04dd033b2d13b74d8d66c1b6d8b7dfde