[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jul 11 09:12:36 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
093454f9 by security tracker role at 2025-07-11T08:12:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,129 @@
+CVE-2025-7442 (The WPGYM - Wordpress Gym Management System plugin for WordPress is vu ...)
+	TODO: check
+CVE-2025-7436 (A vulnerability was found in Campcodes Online Recruitment Management S ...)
+	TODO: check
+CVE-2025-7435 (A vulnerability was found in LiveHelperChat lhc-php-resque Extension u ...)
+	TODO: check
+CVE-2025-7434 (A vulnerability was found in Tenda FH451 up to 1.0.0.9 and classified  ...)
+	TODO: check
+CVE-2025-7423 (A vulnerability classified as critical was found in Tenda O3V2 1.0.0.1 ...)
+	TODO: check
+CVE-2025-7422 (A vulnerability classified as critical has been found in Tenda O3V2 1. ...)
+	TODO: check
+CVE-2025-7421 (A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been ra ...)
+	TODO: check
+CVE-2025-7420 (A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been de ...)
+	TODO: check
+CVE-2025-7419 (A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been cl ...)
+	TODO: check
+CVE-2025-7418 (A vulnerability was found in Tenda O3V2 1.0.0.12(3880) and classified  ...)
+	TODO: check
+CVE-2025-7417 (A vulnerability has been found in Tenda O3V2 1.0.0.12(3880) and classi ...)
+	TODO: check
+CVE-2025-7416 (A vulnerability, which was classified as critical, was found in Tenda  ...)
+	TODO: check
+CVE-2025-7415 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2025-7414 (A vulnerability classified as critical was found in Tenda O3V2 1.0.0.1 ...)
+	TODO: check
+CVE-2025-7401 (The Premium Age Verification / Restriction for WordPress plugin for Wo ...)
+	TODO: check
+CVE-2025-6745 (The WoodMart plugin for WordPress is vulnerable to Information Exposur ...)
+	TODO: check
+CVE-2025-6716 (The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Cont ...)
+	TODO: check
+CVE-2025-6392 (Brocade SANnav before Brocade SANnav 2.4.0a could log database passwor ...)
+	TODO: check
+CVE-2025-6390 (Brocade SANnav before SANnav 2.4.0a logs passwords and pbe keys in the ...)
+	TODO: check
+CVE-2025-6200 (The GeoDirectory  WordPress plugin before 2.8.120 does not validate an ...)
+	TODO: check
+CVE-2025-6068 (The FooGallery \u2013 Responsive Photo Gallery, Image Viewer, Justifie ...)
+	TODO: check
+CVE-2025-5992 (When passing values outside of the expected range to QColorTransferGen ...)
+	TODO: check
+CVE-2025-5530 (The WPC Smart Compare for WooCommerce plugin for WordPress is vulnerab ...)
+	TODO: check
+CVE-2025-5392 (The GB Forms DB plugin for WordPress is vulnerable to Remote Code Exec ...)
+	TODO: check
+CVE-2025-5241 (Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubis ...)
+	TODO: check
+CVE-2025-5028 (Installation file of ESET security products on Windows   allow an atta ...)
+	TODO: check
+CVE-2025-53864 (Connect2id Nimbus JOSE + JWT before 10.0.2 allows a remote attacker to ...)
+	TODO: check
+CVE-2025-53852
+	REJECTED
+CVE-2025-53851
+	REJECTED
+CVE-2025-53850
+	REJECTED
+CVE-2025-53849
+	REJECTED
+CVE-2025-53848
+	REJECTED
+CVE-2025-53637 (Meshtastic is an open source mesh networking solution. The main_matrix ...)
+	TODO: check
+CVE-2025-53519 (A vulnerability exists in Advantech iView versions prior to 5.7.05 bui ...)
+	TODO: check
+CVE-2025-53515 (A vulnerability exists in Advantech iView that allows for SQL injectio ...)
+	TODO: check
+CVE-2025-53509 (A vulnerability exists in Advantech iView that allows for argument  in ...)
+	TODO: check
+CVE-2025-53475 (A vulnerability exists in Advantech iView that could allow for SQL  in ...)
+	TODO: check
+CVE-2025-53471 (Emerson ValveLink products  receive input or data, but it do not valid ...)
+	TODO: check
+CVE-2025-53397 (A vulnerability exists in Advantech iView versions prior to 5.7.05 bui ...)
+	TODO: check
+CVE-2025-52579 (Emerson ValveLink Products store sensitive information in cleartext in ...)
+	TODO: check
+CVE-2025-52577 (A vulnerability exists in Advantech iView that could allow SQL injecti ...)
+	TODO: check
+CVE-2025-52459 (A vulnerability exists in Advantech iView that allows for argument  in ...)
+	TODO: check
+CVE-2025-50109 (Emerson ValveLink Products store sensitive information in cleartext wi ...)
+	TODO: check
+CVE-2025-4662 (Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the  ...)
+	TODO: check
+CVE-2025-4593 (The WP Register Profile With Shortcode plugin for WordPress is vulnera ...)
+	TODO: check
+CVE-2025-48891 (A vulnerability exists in Advantech iView that could allow for SQL  in ...)
+	TODO: check
+CVE-2025-48496 (Emerson ValveLink products  use a fixed or controlled search path to f ...)
+	TODO: check
+CVE-2025-46704 (A vulnerability exists in Advantech iView in  NetworkServlet.processIm ...)
+	TODO: check
+CVE-2025-46358 (Emerson ValveLink products  do not use or incorrectly uses a protectio ...)
+	TODO: check
+CVE-2025-41442 (A vulnerability exists in Advantech iView versions prior to 5.7.05 bui ...)
+	TODO: check
+CVE-2025-3947 (The Honeywell Experion PKS contains an Integer Underflow   vulnerabili ...)
+	TODO: check
+CVE-2025-3946 (The Honeywell Experion PKS   and OneWireless WDM  contains a Deploymen ...)
+	TODO: check
+CVE-2025-31267 (An authentication issue was addressed with improved state management.  ...)
+	TODO: check
+CVE-2025-30026 (The AXIS Camera Station Server had a flaw that allowed to bypass authe ...)
+	TODO: check
+CVE-2025-30025 (The communication protocol used between the server process and the ser ...)
+	TODO: check
+CVE-2025-30024 (The communication protocol used between client and server had a flaw t ...)
+	TODO: check
+CVE-2025-30023 (The communication protocol used between client and server had a flaw t ...)
+	TODO: check
+CVE-2025-2942 (The Order Delivery Date WordPress plugin before 12.6.0 discloses arbit ...)
+	TODO: check
+CVE-2025-2523 (The Honeywell Experion PKS    and OneWireless WDM   contains an Intege ...)
+	TODO: check
+CVE-2025-2522 (The Honeywell Experion PKSand OneWireless WDM    contains Sensitive In ...)
+	TODO: check
+CVE-2025-2521 (The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffe ...)
+	TODO: check
+CVE-2025-24798 (Meshtastic is an open source mesh networking solution. From 1.2.1 unti ...)
+	TODO: check
+CVE-2025-1727 (The protocol used for remote linking over RF for End-of-Train and  Hea ...)
+	TODO: check
 CVE-2025-53862
 	NOT-FOR-US: Ansible Automation Platform
 CVE-2025-53861
@@ -3691,7 +3817,8 @@ CVE-2025-45083 (Incorrect access control in Ullu (Android version v2.9.929 and I
 	NOT-FOR-US: Ullu
 CVE-2025-45081 (Misconfigured settings in IITB SSO v1.1.0 allow attackers to access se ...)
 	NOT-FOR-US: IITB SSO
-CVE-2025-45080 (YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use unencrypt ...)
+CVE-2025-45080
+	REJECTED
 	NOT-FOR-US: YONO SBI
 CVE-2025-45006 (Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Pr ...)
 	TODO: check



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/093454f95768c50b4c9c2d38b82e0ae0eb306bfd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/093454f95768c50b4c9c2d38b82e0ae0eb306bfd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250711/0e9bbe78/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list