[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Jul 6 21:12:11 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1cdc4350 by security tracker role at 2025-07-06T20:11:59+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,36 @@
-CVE-2025-38235 [HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting]
+CVE-2025-7092 (A vulnerability has been found in Belkin F9K1122 1.00.33 and classifie ...)
+	TODO: check
+CVE-2025-7091 (A vulnerability was found in Belkin F9K1122 1.00.33. It has been class ...)
+	TODO: check
+CVE-2025-7090 (A vulnerability, which was classified as critical, has been found in B ...)
+	TODO: check
+CVE-2025-7089 (A vulnerability was found in Belkin F9K1122 1.00.33 and classified as  ...)
+	TODO: check
+CVE-2025-7088 (A vulnerability, which was classified as critical, was found in Belkin ...)
+	TODO: check
+CVE-2025-7087 (A vulnerability classified as critical was found in Belkin F9K1122 1.0 ...)
+	TODO: check
+CVE-2025-7086 (A vulnerability classified as critical has been found in Belkin F9K112 ...)
+	TODO: check
+CVE-2025-7085 (A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated ...)
+	TODO: check
+CVE-2025-7084 (A vulnerability was found in Belkin F9K1122 1.00.33. It has been decla ...)
+	TODO: check
+CVE-2025-7083 (A vulnerability was found in Belkin F9K1122 1.00.33. It has been class ...)
+	TODO: check
+CVE-2025-7082 (A vulnerability was found in Belkin F9K1122 1.00.33 and classified as  ...)
+	TODO: check
+CVE-2025-7081 (A vulnerability has been found in Belkin F9K1122 1.00.33 and classifie ...)
+	TODO: check
+CVE-2025-7080 (A vulnerability, which was classified as problematic, was found in Don ...)
+	TODO: check
+CVE-2025-7079 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-7078 (A vulnerability classified as problematic was found in 07FLYCMS, 07FLY ...)
+	TODO: check
+CVE-2025-5333 (Remote attackers can execute arbitrary code in the context of the vuln ...)
+	TODO: check
+CVE-2025-38235 (In the Linux kernel, the following vulnerability has been resolved:  H ...)
 	- linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/4540e41e753a7d69ecd3f5bad51fe620205c3a18 (6.16-rc4)
 CVE-2025-7077 (A vulnerability classified as critical has been found in Shenzhen Libi ...)
@@ -3139,7 +3171,7 @@ CVE-2025-6431 (When a link can be opened in an external application, Firefox for
 	- firefox <not-affected> (Android-specific)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/#CVE-2025-6431
 CVE-2025-6430 (When a file download is specified via the `Content-Disposition` header ...)
-	{DSA-5950-1 DLA-4231-1}
+	{DSA-5959-1 DSA-5950-1 DLA-4231-1}
 	- firefox 140.0-1
 	- firefox-esr 128.12.0esr-1
 	- thunderbird 1:128.12.0esr-1
@@ -3147,7 +3179,7 @@ CVE-2025-6430 (When a file download is specified via the `Content-Disposition` h
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6430
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-54/#CVE-2025-6430
 CVE-2025-6429 (Firefox could have incorrectly parsed a URL and rewritten it to the yo ...)
-	{DSA-5950-1 DLA-4231-1}
+	{DSA-5959-1 DSA-5950-1 DLA-4231-1}
 	- firefox 140.0-1
 	- firefox-esr 128.12.0esr-1
 	- thunderbird 1:128.12.0esr-1
@@ -3168,7 +3200,7 @@ CVE-2025-6426 (The executable file warning did not warn users before opening fil
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6426
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-54/#CVE-2025-6426
 CVE-2025-6425 (An attacker who enumerated resources from the WebCompat extension coul ...)
-	{DSA-5950-1 DLA-4231-1}
+	{DSA-5959-1 DSA-5950-1 DLA-4231-1}
 	- firefox 140.0-1
 	- firefox-esr 128.12.0esr-1
 	- thunderbird 1:128.12.0esr-1
@@ -3176,7 +3208,7 @@ CVE-2025-6425 (An attacker who enumerated resources from the WebCompat extension
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6425
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-54/#CVE-2025-6425
 CVE-2025-6424 (A use-after-free in FontFaceSet resulted in a potentially exploitable  ...)
-	{DSA-5950-1 DLA-4231-1}
+	{DSA-5959-1 DSA-5950-1 DLA-4231-1}
 	- firefox 140.0-1
 	- firefox-esr 128.12.0esr-1
 	- thunderbird 1:128.12.0esr-1
@@ -7579,6 +7611,7 @@ CVE-2024-1244 (Improper input validation in the OSSEC HIDS agent for Windows pri
 CVE-2024-1243 (Improper input validation in the Wazuh agent for Windows prior to vers ...)
 	NOT-FOR-US: Wazuh agent for Windows
 CVE-2025-5986 (A crafted HTML email using mailbox:/// links can trigger automatic, un ...)
+	{DSA-5959-1}
 	- thunderbird 1:128.12.0esr-1
 	[bullseye] - thunderbird <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-49/#CVE-2025-5986



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cdc4350c1d2679c50f8d64624b7f7a546d1dd05

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cdc4350c1d2679c50f8d64624b7f7a546d1dd05
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250706/48bc6ce2/attachment.htm>

More information about the debian-security-tracker-commits mailing list