[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Dec 15 08:13:00 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
894f1317 by security tracker role at 2025-12-15T08:12:51+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,75 @@
+CVE-2025-67907
+	REJECTED
+CVE-2025-67906 (In MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp a ...)
+	TODO: check
+CVE-2025-67901 (openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other p ...)
+	TODO: check
+CVE-2025-67900 (NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF  ...)
+	TODO: check
+CVE-2025-67899 (uriparser through 0.9.9 allows unbounded recursion and stack consumpti ...)
+	TODO: check
+CVE-2025-67898 (MJML through 4.18.0 allows mj-include directory traversal to test file ...)
+	TODO: check
+CVE-2025-14712 (Student Learning Assessment and Support System developed by JHENG GAO  ...)
+	TODO: check
+CVE-2025-14710 (A vulnerability was detected in FantasticLBP Hotels Server up to 67b44 ...)
+	TODO: check
+CVE-2025-14709 (A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0 ...)
+	TODO: check
+CVE-2025-14708 (A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affecte ...)
+	TODO: check
+CVE-2025-14707 (A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Af ...)
+	TODO: check
+CVE-2025-14706 (A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This im ...)
+	TODO: check
+CVE-2025-14705 (A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This af ...)
+	TODO: check
+CVE-2025-14704 (A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The impacted ...)
+	TODO: check
+CVE-2025-14703 (A vulnerability has been found in Shiguangwu sgwbox N3 2.0.25. The aff ...)
+	TODO: check
+CVE-2025-14702 (A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4.  ...)
+	TODO: check
+CVE-2025-14699 (A security vulnerability has been detected in Municorn FAX App 3.27.0  ...)
+	TODO: check
+CVE-2025-14698 (A weakness has been identified in atlaszz AI Photo Team Galleryit App  ...)
+	TODO: check
+CVE-2025-14697 (A security flaw has been discovered in Shenzhen Sixun Software Sixun S ...)
+	TODO: check
+CVE-2025-14696 (A vulnerability was identified in Shenzhen Sixun Software Sixun Shangh ...)
+	TODO: check
+CVE-2025-14695 (A vulnerability was determined in SamuNatsu HaloBot up to 026b01d4a896 ...)
+	TODO: check
+CVE-2025-14694 (A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the ...)
+	TODO: check
+CVE-2025-14693 (A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This aff ...)
+	TODO: check
+CVE-2025-14692 (A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element ...)
+	TODO: check
+CVE-2025-14691 (A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected  ...)
+	TODO: check
+CVE-2025-14549 (In the Eclipse OMR compiler component, since release 0.7.0, an optimiz ...)
+	TODO: check
+CVE-2025-14023 (LINE client for iOS prior to 15.19 allows UI spoofing due to inconsist ...)
+	TODO: check
+CVE-2025-14022 (LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due ...)
+	TODO: check
+CVE-2025-14021 (The in-app browser in LINE client for iOS versions prior to 14.14 is v ...)
+	TODO: check
+CVE-2025-14020 (LINE client for Android versions prior to 14.20 contains a UI spoofing ...)
+	TODO: check
+CVE-2025-14019 (LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI ...)
+	TODO: check
+CVE-2025-13740 (The Lightweight Accordion plugin for WordPress is vulnerable to Stored ...)
+	TODO: check
+CVE-2025-13355 (The URL Shortify  WordPress plugin before 1.11.4 does not sanitise and ...)
+	TODO: check
+CVE-2025-13281 (A half-blind Server Side Request Forgery (SSRF) vulnerability exists i ...)
+	TODO: check
+CVE-2025-12684 (The URL Shortify  WordPress plugin before 1.11.3 does not sanitize and ...)
+	TODO: check
+CVE-2025-11363 (The Royal Addons for Elementor  WordPress plugin before 1.7.1037 does  ...)
+	TODO: check
 CVE-2025-14674 (A vulnerability was found in aizuda snail-job up to 1.6.0. Affected by ...)
 	NOT-FOR-US: snail-job
 CVE-2025-14673 (A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affec ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/894f1317cffac993bc5363e4a3abf7d3c49c5a3f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/894f1317cffac993bc5363e4a3abf7d3c49c5a3f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251215/13d5ecdc/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list