[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 11 20:13:17 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
85495e41 by security tracker role at 2025-12-11T20:13:09+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,271 @@
+CVE-2025-67742 (In JetBrains TeamCity before 2025.11 path traversal was possible via f ...)
+	TODO: check
+CVE-2025-67741 (In JetBrains TeamCity before 2025.11 stored XSS was possible via sessi ...)
+	TODO: check
+CVE-2025-67740 (In JetBrains TeamCity before 2025.11 improper access control could exp ...)
+	TODO: check
+CVE-2025-67739 (In JetBrains TeamCity before 2025.11.2 improper repository URL validat ...)
+	TODO: check
+CVE-2025-66918 (edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scri ...)
+	TODO: check
+CVE-2025-66048 (Several stack-based buffer overflow vulnerabilities exists in the MFER ...)
+	TODO: check
+CVE-2025-66047 (Several stack-based buffer overflow vulnerabilities exists in the MFER ...)
+	TODO: check
+CVE-2025-66046 (Several stack-based buffer overflow vulnerabilities exists in the MFER ...)
+	TODO: check
+CVE-2025-66045 (Several stack-based buffer overflow vulnerabilities exists in the MFER ...)
+	TODO: check
+CVE-2025-66044 (Several stack-based buffer overflow vulnerabilities exists in the MFER ...)
+	TODO: check
+CVE-2025-66043 (Several stack-based buffer overflow vulnerabilities exists in the MFER ...)
+	TODO: check
+CVE-2025-65474 (An arbitrary file rename vulnerability in the /admin/manager.php compo ...)
+	TODO: check
+CVE-2025-65473 (An arbitrary file rename vulnerability in the /admin/filer.php compone ...)
+	TODO: check
+CVE-2025-65472 (A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php compon ...)
+	TODO: check
+CVE-2025-65471 (An arbitrary file upload vulnerability in the /admin/manager.php compo ...)
+	TODO: check
+CVE-2025-64995 (A privilege escalation vulnerability was discovered in TeamViewer DEX  ...)
+	TODO: check
+CVE-2025-64994 (A privilege escalation vulnerability was discovered in TeamViewer DEX  ...)
+	TODO: check
+CVE-2025-64993 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
+	TODO: check
+CVE-2025-64992 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
+	TODO: check
+CVE-2025-64991 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
+	TODO: check
+CVE-2025-64990 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
+	TODO: check
+CVE-2025-64989 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
+	TODO: check
+CVE-2025-64988 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
+	TODO: check
+CVE-2025-64987 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
+	TODO: check
+CVE-2025-64986 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
+	TODO: check
+CVE-2025-64701 (QND Premium/Advance/Standard Ver.11.0.9i and prior contains a privileg ...)
+	TODO: check
+CVE-2025-64669 (Improper access control in Windows Admin Center allows an authorized a ...)
+	TODO: check
+CVE-2025-59803 (Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing v ...)
+	TODO: check
+CVE-2025-59802 (Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing v ...)
+	TODO: check
+CVE-2025-56130 (OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3.0( ...)
+	TODO: check
+CVE-2025-56129 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
+	TODO: check
+CVE-2025-56127 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
+	TODO: check
+CVE-2025-56124 (OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X6 ...)
+	TODO: check
+CVE-2025-56123 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G ...)
+	TODO: check
+CVE-2025-56122 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_E ...)
+	TODO: check
+CVE-2025-56120 (OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X6 ...)
+	TODO: check
+CVE-2025-56118 (OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X6 ...)
+	TODO: check
+CVE-2025-56117 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
+	TODO: check
+CVE-2025-56114 (OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_ ...)
+	TODO: check
+CVE-2025-56113 (OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP_3.0(1)B ...)
+	TODO: check
+CVE-2025-56111 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
+	TODO: check
+CVE-2025-56110 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
+	TODO: check
+CVE-2025-56109 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
+	TODO: check
+CVE-2025-56108 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
+	TODO: check
+CVE-2025-56107 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
+	TODO: check
+CVE-2025-56106 (OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW180 ...)
+	TODO: check
+CVE-2025-56102 (OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW180 ...)
+	TODO: check
+CVE-2025-56101 (OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_ ...)
+	TODO: check
+CVE-2025-56099 (OS Command Injection vulnerability in Ruijie RG-YST AP_3.0(1)B11P280YS ...)
+	TODO: check
+CVE-2025-56098 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
+	TODO: check
+CVE-2025-56097 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_E ...)
+	TODO: check
+CVE-2025-56096 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
+	TODO: check
+CVE-2025-56095 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G ...)
+	TODO: check
+CVE-2025-56094 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
+	TODO: check
+CVE-2025-56093 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
+	TODO: check
+CVE-2025-56092 (OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V1_092 ...)
+	TODO: check
+CVE-2025-56091 (OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW180 ...)
+	TODO: check
+CVE-2025-56090 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G ...)
+	TODO: check
+CVE-2025-56089 (OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_ ...)
+	TODO: check
+CVE-2025-56088 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
+	TODO: check
+CVE-2025-56087 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
+	TODO: check
+CVE-2025-56086 (OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P22 ...)
+	TODO: check
+CVE-2025-56085 (OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P22 ...)
+	TODO: check
+CVE-2025-56084 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_E ...)
+	TODO: check
+CVE-2025-56083 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
+	TODO: check
+CVE-2025-56082 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
+	TODO: check
+CVE-2025-56079 (OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/ ...)
+	TODO: check
+CVE-2025-56077 (OS Command Injection vulnerability in Ruijie RG-RAP2200(E) 247 2200 al ...)
+	TODO: check
+CVE-2025-55314 (An issue was discovered in Foxit PDF and Editor for Windows and macOS  ...)
+	TODO: check
+CVE-2025-55313 (An issue was discovered in Foxit PDF and Editor for Windows and macOS  ...)
+	TODO: check
+CVE-2025-55312 (An issue was discovered in Foxit PDF and Editor for Windows before 13. ...)
+	TODO: check
+CVE-2025-55311 (An issue was discovered in Foxit PDF and Editor for Windows and macOS  ...)
+	TODO: check
+CVE-2025-55310 (An issue was discovered in Foxit PDF and Editor for Windows and macOS  ...)
+	TODO: check
+CVE-2025-55309 (An issue was discovered in Foxit PDF and Editor for Windows and macOS  ...)
+	TODO: check
+CVE-2025-55308 (An issue was discovered in Foxit PDF and Editor for Windows before 13. ...)
+	TODO: check
+CVE-2025-55307 (An issue was discovered in Foxit PDF and Editor for Windows before 13. ...)
+	TODO: check
+CVE-2025-46266 (A vulnerability in TeamViewer DEX Client (former 1E Client) - Content  ...)
+	TODO: check
+CVE-2025-44016 (A vulnerability in TeamViewer DEX Client (former 1E client) - Content  ...)
+	TODO: check
+CVE-2025-36938 (In U-Boot of append_uint32_le(), there is a possible fault injection d ...)
+	TODO: check
+CVE-2025-36937 (In AudioDecoder::HandleProduceRequest of audio_decoder.cc, there is a  ...)
+	TODO: check
+CVE-2025-36936 (In GetTachyonCommand of tachyon_server_common.h, there is a possible o ...)
+	TODO: check
+CVE-2025-36935 (In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible  ...)
+	TODO: check
+CVE-2025-36934 (In bigo_worker_thread of private/google-modules/video/gchips/bigo.c, t ...)
+	TODO: check
+CVE-2025-36932 (In tracepoint_msg_handler of cpm/google/lib/tracepoint/tracepoint_ipc. ...)
+	TODO: check
+CVE-2025-36931 (In GetHostAddress of gxp_buffer.h, there is a possible out of bounds w ...)
+	TODO: check
+CVE-2025-36930 (In GetHostAddress of gxp_buffer.h, there is a possible out of bounds w ...)
+	TODO: check
+CVE-2025-36929 (In AreFencesRegistered of gxp_fence_manager.cc, there is a possible in ...)
+	TODO: check
+CVE-2025-36928 (In GetHostAddress of gxp_buffer.h, there is a possible out of bounds w ...)
+	TODO: check
+CVE-2025-36927 (In GetTachyonCommand of tachyon_server_common.h, there is a possible o ...)
+	TODO: check
+CVE-2025-36925 (In WAVES_send_data_to_dsp of libaoc_waves.c, there is a possible out o ...)
+	TODO: check
+CVE-2025-36924 (In ss_DecodeLcsAssistDataReqMsg(void) of ss_LcsManagement.c, there is  ...)
+	TODO: check
+CVE-2025-36923 (In NrmmDecoder::DecodeSORTransparentContext of cn_NrmmDecoder.cpp, the ...)
+	TODO: check
+CVE-2025-36922 (In bigo_map of bigo_iommu.c, there is a possible information disclosur ...)
+	TODO: check
+CVE-2025-36921 (In ProtocolPsUnthrottleApn() of protocolpsadapter.cpp, there is a poss ...)
+	TODO: check
+CVE-2025-36919 (In aocc_read of aoc_channel_dev.c, there is a possible double free due ...)
+	TODO: check
+CVE-2025-36918 (In aoc_service_read_message of aoc_ipc_core.c, there is a possible out ...)
+	TODO: check
+CVE-2025-36917 (In SwDcpItg of up_L2commonPdcpSecurity.cpp, there is a possible denial ...)
+	TODO: check
+CVE-2025-36916 (In PrepareWorkloadBuffers of gxp_main_actor.cc, there is a possible do ...)
+	TODO: check
+CVE-2025-36912 (In cellular modem, there is a possible denial of service due to a logi ...)
+	TODO: check
+CVE-2025-36889 (In onCreateTasks of CameraActivity.java, there is a possible permissio ...)
+	TODO: check
+CVE-2025-14535 (A vulnerability was identified in UTT \u8fdb\u53d6 512W up to 3.1.7.7- ...)
+	TODO: check
+CVE-2025-14534 (A vulnerability was determined in UTT \u8fdb\u53d6 512W up to 3.1.7.7- ...)
+	TODO: check
+CVE-2025-14531 (A vulnerability was found in code-projects Rental Management System 2. ...)
+	TODO: check
+CVE-2025-14530 (A vulnerability has been found in SourceCodester Real Estate Property  ...)
+	TODO: check
+CVE-2025-14529 (A flaw has been found in Campcodes Retro Basketball Shoes Online Store ...)
+	TODO: check
+CVE-2025-14528 (A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is ...)
+	TODO: check
+CVE-2025-14527 (A weakness has been identified in projectworlds Advanced Library Manag ...)
+	TODO: check
+CVE-2025-14526 (A security flaw has been discovered in Tenda CH22 1.0.0.1. This affect ...)
+	TODO: check
+CVE-2025-14523 (A flaw in libsoup\u2019s HTTP header handling allows multiple Host: he ...)
+	TODO: check
+CVE-2025-14522 (A vulnerability was detected in baowzh hfly up to 638ff9abe9078bc977c1 ...)
+	TODO: check
+CVE-2025-14521 (A security vulnerability has been detected in baowzh hfly up to 638ff9 ...)
+	TODO: check
+CVE-2025-14520 (A weakness has been identified in baowzh hfly up to 638ff9abe9078bc977 ...)
+	TODO: check
+CVE-2025-14519 (A security flaw has been discovered in baowzh hfly up to 638ff9abe9078 ...)
+	TODO: check
+CVE-2025-14518 (A vulnerability was identified in PowerJob up to 5.1.2. This vulnerabi ...)
+	TODO: check
+CVE-2025-14517 (A vulnerability was determined in Yalantis uCrop 2.2.11. This affects  ...)
+	TODO: check
+CVE-2025-14516 (A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this i ...)
+	TODO: check
+CVE-2025-14515 (A vulnerability has been found in Campcodes Supplier Management System ...)
+	TODO: check
+CVE-2025-14514 (A flaw has been found in Campcodes Supplier Management System 1.0. Aff ...)
+	TODO: check
+CVE-2025-14281
+	REJECTED
+CVE-2025-14265 (In versions of ScreenConnect\u2122 prior to 25.8, server-side validati ...)
+	TODO: check
+CVE-2025-14046 (An improper neutralization of input vulnerability was identified in Gi ...)
+	TODO: check
+CVE-2025-13912 (Multiple constant-time implementations in wolfSSL before version 5.8.4 ...)
+	TODO: check
+CVE-2025-13780 (pgAdmin versions up to 9.10 are affected by a Remote Code Execution (R ...)
+	TODO: check
+CVE-2025-13481 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticat ...)
+	TODO: check
+CVE-2025-13214 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 is vulnerable to SQL injec ...)
+	TODO: check
+CVE-2025-13211 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticat ...)
+	TODO: check
+CVE-2025-13148 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow could an authe ...)
+	TODO: check
+CVE-2025-13124 (Authorization Bypass Through User-Controlled Key vulnerability in Neti ...)
+	TODO: check
+CVE-2025-13003 (Authorization Bypass Through User-Controlled Key vulnerability in Aksi ...)
+	TODO: check
+CVE-2025-12687 (A vulnerability in TeamViewer DEX Client (former 1E Client) - Content  ...)
+	TODO: check
+CVE-2025-12532
+	REJECTED
+CVE-2024-8273 (Authentication Bypass by Spoofing vulnerability in HYPR Server allows  ...)
+	TODO: check
+CVE-2024-42197 (HCL Workload Scheduler stores user credentials in plain text which can ...)
+	TODO: check
+CVE-2024-40593 (A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0  ...)
+	TODO: check
 CVE-2025-XXXX [DOS (crash) via special crafted encrypted message]
 	- rust-sequoia-openpgp 2.1.0-1 (bug #1122582)
 	NOTE: Fixed by: https://gitlab.com/sequoia-pgp/sequoia/-/commit/b59886e5e7bdf7169ed330f309a6633d131776e5 (openpgp/v2.1.0)
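Review bot: Among the new `TODO: check` entries, CVE-2025-14523 (libsoup), CVE-2025-13912 (wolfSSL), CVE-2025-36938 (U-Boot) and CVE-2025-13780 (pgAdmin) name software that Debian is likely to package, so they should be triaged ahead of the bulk of the batch (Ruijie, TeamViewer DEX, Foxit), which will probably end up NOT-FOR-US. Separately, the descriptions for CVE-2025-14535, CVE-2025-14534, CVE-2025-14523 and CVE-2025-14265 show literal escapes (\u8fdb\u53d6, \u2019, \u2122) rather than the decoded characters; it is worth checking whether the import step or the mail rendering is responsible.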
@@ -1596,7 +1864,7 @@ CVE-2024-38798 (EDK2 contains a vulnerability in BIOS where an attacker may caus
 	NOTE: https://github.com/tianocore/edk2/security/advisories/GHSA-q2c6-37h5-7cwf
 	NOTE: Fixed by: https://github.com/tianocore/edk2/commit/0cad130cb4885961da201bb9b08424b3fd3d2249 (edk2-stable202511)
 CVE-2025-14333 (Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5 ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
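Review bot: DLA-4401-1 is added to the cross-reference line for CVE-2025-14333 here, and to the other DSA-6078-1 entries in the hunks that follow, but this commit touches only data/CVE/list, so the matching DLA-4401-1 record is not visible. Confirm that the record already exists in the DLA list and names the same set of CVEs, and that the package lines below (firefox, firefox-esr, thunderbird) make clear which source package the DLA applies to.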
@@ -1607,7 +1875,7 @@ CVE-2025-14332 (Memory safety bugs present in Firefox 145 and Thunderbird 145. S
 	- firefox 146.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-92/#CVE-2025-14332
 CVE-2025-14331 (Same-origin policy bypass in the Request Handling component. This vuln ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -1615,7 +1883,7 @@ CVE-2025-14331 (Same-origin policy bypass in the Request Handling component. Thi
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/#CVE-2025-14331
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/#CVE-2025-14331
 CVE-2025-14330 (JIT miscompilation in the JavaScript Engine: JIT component. This vulne ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -1623,7 +1891,7 @@ CVE-2025-14330 (JIT miscompilation in the JavaScript Engine: JIT component. This
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/#CVE-2025-14330
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/#CVE-2025-14330
 CVE-2025-14329 (Privilege escalation in the Netmonitor component. This vulnerability a ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -1631,7 +1899,7 @@ CVE-2025-14329 (Privilege escalation in the Netmonitor component. This vulnerabi
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/#CVE-2025-14329
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/#CVE-2025-14329
 CVE-2025-14328 (Privilege escalation in the Netmonitor component. This vulnerability a ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -1645,7 +1913,7 @@ CVE-2025-14326 (Use-after-free in the Audio/Video: GMP component. This vulnerabi
 	- firefox 146.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-92/#CVE-2025-14326
 CVE-2025-14325 (JIT miscompilation in the JavaScript Engine: JIT component. This vulne ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -1653,7 +1921,7 @@ CVE-2025-14325 (JIT miscompilation in the JavaScript Engine: JIT component. This
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/#CVE-2025-14325
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/#CVE-2025-14325
 CVE-2025-14324 (JIT miscompilation in the JavaScript Engine: JIT component. This vulne ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -1661,7 +1929,7 @@ CVE-2025-14324 (JIT miscompilation in the JavaScript Engine: JIT component. This
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/#CVE-2025-14324
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/#CVE-2025-14324
 CVE-2025-14323 (Privilege escalation in the DOM: Notifications component. This vulnera ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -1669,7 +1937,7 @@ CVE-2025-14323 (Privilege escalation in the DOM: Notifications component. This v
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/#CVE-2025-14323
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/#CVE-2025-14323
 CVE-2025-14322 (Sandbox escape due to incorrect boundary conditions in the Graphics: C ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -1677,7 +1945,7 @@ CVE-2025-14322 (Sandbox escape due to incorrect boundary conditions in the Graph
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/#CVE-2025-14322
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/#CVE-2025-14322
 CVE-2025-14321 (Use-after-free in the WebRTC: Signaling component. This vulnerability  ...)
-	{DSA-6078-1}
+	{DSA-6078-1 DLA-4401-1}
 	- firefox 146.0-1
 	- firefox-esr 140.6.0esr-1
 	- thunderbird 1:140.6.0esr-1
@@ -5737,7 +6005,7 @@ CVE-2025-13674 (BPv7 dissector crash in Wireshark 4.6.0 allows denial of service
 	NOTE: Crash in CLI tool, no security impact
 CVE-2025-13611 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
 	- gitlab <unfixed>
-CVE-2025-14512
+CVE-2025-14512 (A flaw was found in glib. This vulnerability allows a heap buffer over ...)
 	- glib2.0 2.86.3-1 (bug #1122346)
 	[trixie] - glib2.0 <no-dsa> (Minor issue)
 	[bookworm] - glib2.0 <no-dsa> (Minor issue)
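Review bot: The description now filled in for CVE-2025-14512 speaks of a heap buffer overflow in glib, while the unchanged context lines still mark trixie and bookworm as `<no-dsa> (Minor issue)`. The triage predates the published description, so it should be re-checked against the full text, with a NOTE added to record why the issue is considered minor if that assessment stands.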
@@ -216396,7 +216664,7 @@ CVE-2023-7098 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as pro
 	NOT-FOR-US: icret EasyImages
 CVE-2023-7097 (A vulnerability classified as critical has been found in code-projects ...)
 	NOT-FOR-US: code-projects Water Billing System
-CVE-2023-7096 (A vulnerability was found in code-projects Faculty Management System 1 ...)
+CVE-2023-7096 (A flaw has been found in code-projects Faculty Management System 1.0.  ...)
 	NOT-FOR-US: code-projects Faculty Management System
 CVE-2023-7095 (A vulnerability, which was classified as critical, has been found in T ...)
 	NOT-FOR-US: TOTOLINK
@@ -362024,7 +362292,7 @@ CVE-2021-4157 (An out of memory bounds write flaw (1 or 2 bytes of memory) in th
 	[stretch] - linux 4.9.272-1
 	NOTE: https://git.kernel.org/linus/ed34695e15aba74f45247f1ee2cf7e09d449f925 (5.13-rc1)
 CVE-2021-4156 (An out-of-bounds read flaw was found in libsndfile's FLAC codec functi ...)
-	{DLA-3126-1 DLA-3058-1}
+	{DLA-4402-1 DLA-3126-1 DLA-3058-1}
 	- libsndfile 1.1.0-1 (bug #1014713)
 	NOTE: https://github.com/libsndfile/libsndfile/issues/731
 	NOTE: https://github.com/libsndfile/libsndfile/commit/ced91d7b971be6173b604154c39279ce90ad87cc (1.1.0beta1)
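Review bot: DLA-4402-1 becomes the third DLA referenced for CVE-2021-4156, alongside DLA-3126-1 and DLA-3058-1, and nothing in the visible lines says which release it covers or whether it follows up an earlier incomplete fix. If it is a regression or follow-up rather than the fix reaching another suite, a NOTE on this entry would make that clear to readers of the tracker.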



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85495e41d40e61b78b74b179828180c45fed7886
