[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 22 08:14:59 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ddb6dd71 by security tracker role at 2025-12-22T08:13:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2025-8305 (An authenticated local user can obtain information that allows claimin ...)
+ TODO: check
+CVE-2025-8304 (An authenticated local user can obtain information that allows claimin ...)
+ TODO: check
+CVE-2025-62955 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
+ TODO: check
+CVE-2025-62926 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62901 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-59301 (Delta Electronics DVP15MC11Tlacks proper validation of the modbus/tcp ...)
+ TODO: check
+CVE-2025-15016 (Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptogr ...)
+ TODO: check
+CVE-2025-15015 (Enterprise Cloud Database developed by Ragic has a Arbitrary File Read ...)
+ TODO: check
+CVE-2025-15014 (A security flaw has been discovered in loganhong php loganSite up to c ...)
+ TODO: check
+CVE-2025-15013 (A vulnerability was identified in floooh sokol up to 5d11344150973f15e ...)
+ TODO: check
+CVE-2025-15012 (A vulnerability was determined in code-projects Refugee Food Managemen ...)
+ TODO: check
+CVE-2025-15011 (A vulnerability was found in code-projects Simple Stock System 1.0. Im ...)
+ TODO: check
+CVE-2025-15010 (A vulnerability has been found in Tenda WH450 1.0.0.18. This issue aff ...)
+ TODO: check
+CVE-2025-15009 (A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnera ...)
+ TODO: check
+CVE-2025-15008 (A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an ...)
+ TODO: check
+CVE-2025-15007 (A security vulnerability has been detected in Tenda WH450 1.0.0.18. Af ...)
+ TODO: check
+CVE-2025-15006 (A weakness has been identified in Tenda WH450 1.0.0.18. Affected by th ...)
+ TODO: check
+CVE-2025-15005 (A security flaw has been discovered in CouchCMS up to 2.4. Affected is ...)
+ TODO: check
+CVE-2025-15004 (A vulnerability was identified in DedeCMS up to 5.7.118. This impacts ...)
+ TODO: check
+CVE-2025-15003 (A vulnerability was found in SeaCMS up to 13.3. The impacted element i ...)
+ TODO: check
+CVE-2025-15002 (A vulnerability has been found in SeaCMS up to 13.3. The affected elem ...)
+ TODO: check
+CVE-2025-12049 (Missing Authentication for Critical Function vulnerability in Sharp Di ...)
+ TODO: check
+CVE-2025-11545 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
+ TODO: check
+CVE-2025-11544 (Improper Validation of Integrity Check Value vulnerability in Sharp Di ...)
+ TODO: check
+CVE-2025-11543 (Improper Validation of Integrity Check Value vulnerability in Sharp Di ...)
+ TODO: check
+CVE-2025-11542 (Stack-based Buffer Overflow vulnerability in Sharp Display Solutions p ...)
+ TODO: check
+CVE-2025-11541 (Stack-based Buffer Overflow vulnerability in Sharp Display Solutions p ...)
+ TODO: check
+CVE-2025-11540 (Path Traversal vulnerability in Sharp Display Solutions projectors all ...)
+ TODO: check
CVE-2025-14995 (A vulnerability has been found in Tenda FH1201 1.2.0.14(408). Affected ...)
NOT-FOR-US: Tenda
CVE-2025-9343 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin for Wor ...)
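Review bot: All 28 added entries, from CVE-2025-8305 through CVE-2025-11540, land as `TODO: check` with no triage, although the unchanged context just below them already records `NOT-FOR-US: Tenda` for CVE-2025-14995. The four Tenda WH450 entries (CVE-2025-15010, CVE-2025-15008, CVE-2025-15007, CVE-2025-15006) look like candidates for the same tag in a follow-up, once each description has been checked. The description for CVE-2025-59301 also reads "DVP15MC11Tlacks" with the space missing; that appears to come from the imported text, so it is better corrected at the source than in this file.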
@@ -4673,6 +4729,7 @@ CVE-2025-66675 (Denial of Service vulnerability in Apache Struts, file leak in m
- libstruts1.2-java <removed>
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-068
CVE-2025-66004 (A Path Traversal vulnerability in usbmuxd allows local users to escala ...)
+ {DLA-4417-1}
- usbmuxd <unfixed> (bug #1122507)
NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1254302
NOTE: https://github.com/libimobiledevice/usbmuxd/issues/272
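Review bot: On CVE-2025-66004 the added `{DLA-4417-1}` sits directly above `- usbmuxd <unfixed> (bug #1122507)`, and nothing in the hunk records which suite or version the DLA fixes. Worth confirming that the fixed version for the suite covered by DLA-4417-1 is recorded for this entry, so that it does not read as wholly unfixed next to an advisory reference.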
@@ -404110,7 +404167,7 @@ CVE-2021-32839 (sqlparse is a non-validating SQL parser module for Python. In sq
CVE-2021-32838 (Flask-RESTX (pypi package flask-restx) is a community driven fork of F ...)
NOT-FOR-US: Flask restx
CVE-2021-32837 (mechanize, a library for automatically interacting with HTTP web serve ...)
- {DLA-3460-1}
+ {DLA-4418-1 DLA-3460-1}
- python-mechanize 1:0.4.7-1
NOTE: https://securitylab.github.com/advisories/GHSL-2021-108-python-mechanize-mechanize/
NOTE: https://github.com/python-mechanize/mechanize/commit/dd05334448e9f39814bab044d2eaa5ef69b410d6 (v0.4.6)
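Review bot: The replaced line for CVE-2021-32837 now lists two advisories, `{DLA-4418-1 DLA-3460-1}`, but the only package line in view is still `- python-mechanize 1:0.4.7-1`, so the entry gives no hint why a second DLA was issued for a CVE already covered by DLA-3460-1. A suite-tagged package line or a NOTE naming the release that DLA-4418-1 targets would make the entry readable without opening the advisory.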
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddb6dd713dd031ea6a4d0c180351f185e6914f5f