[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 17 09:12:21 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c606542b by security tracker role at 2025-07-17T08:12:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2025-7735 (The Hospital Information System developed by UNIMAX has a SQL Injectio ...)
+	TODO: check
+CVE-2025-7729 (A vulnerability classified as problematic was found in Scada-LTS up to ...)
+	TODO: check
+CVE-2025-7728 (A vulnerability classified as problematic has been found in Scada-LTS  ...)
+	TODO: check
+CVE-2025-7712 (The Madara - Core plugin for WordPress is vulnerable to arbitrary file ...)
+	TODO: check
+CVE-2025-6983 (A   Clickjackingvulnerability in TP-Link Archer C1200 web management p ...)
+	TODO: check
+CVE-2025-5396 (The Bears Backup plugin for WordPress is vulnerable to Remote Code Exe ...)
+	TODO: check
+CVE-2025-4302 (The Stop User Enumeration WordPress plugin before version 1.7.3 blocks ...)
+	TODO: check
+CVE-2025-34132 (A command injection vulnerability exists in LILIN Digital Video Record ...)
+	TODO: check
+CVE-2025-34130 (An unauthenticated arbitrary file read exists in LILIN Digital Video R ...)
+	TODO: check
+CVE-2025-34129 (A command injection vulnerability exists in LILIN LILIN Digital Video  ...)
+	TODO: check
+CVE-2025-34128 (A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX ...)
+	TODO: check
+CVE-2025-34127 (A stack-based buffer overflow exists in Achat v0.150 in its default co ...)
+	TODO: check
+CVE-2025-34126 (A path traversal vulnerability exists in RIPS Scanner version 0.54. Th ...)
+	TODO: check
+CVE-2025-34125 (An unauthenticated command injection vulnerability exists in the cooki ...)
+	TODO: check
+CVE-2025-34124 (A buffer overflow vulnerability exists in Heroes of Might and Magic II ...)
+	TODO: check
+CVE-2025-34123 (A stack-based buffer overflow vulnerability exists in VideoCharge Stud ...)
+	TODO: check
+CVE-2025-34121 (An unauthenticated arbitrary file upload vulnerability exists in Idera ...)
+	TODO: check
+CVE-2025-34120 (An unauthenticated file download vulnerability exists in LimeSurvey ve ...)
+	TODO: check
+CVE-2025-34119 (A remote file disclosure vulnerability exists in EasyCafe Server 2.2.1 ...)
+	TODO: check
+CVE-2025-34118 (A path traversal vulnerability exists in Linknat VOS Manager versions  ...)
+	TODO: check
+CVE-2025-34117 (A remote code execution vulnerability exists in multiple Netcore and N ...)
+	TODO: check
+CVE-2024-12498
+	REJECTED
 CVE-2025-7703 (Authentication vulnerability in the mobile application\uff08tech.palm. ...)
 	NOT-FOR-US: TECNO Mobile
 CVE-2025-7699 (An improper access control vulnerability  was found in the EZ Sync Man ...)
@@ -418,9 +462,11 @@ CVE-2025-30761 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E
 CVE-2025-7667 (The Restrict File Access plugin for WordPress is vulnerable to Cross-S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7657 (Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allo ...)
+	{DSA-5963-1}
 	- chromium 138.0.7204.157-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-7656 (Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowe ...)
+	{DSA-5963-1}
 	- chromium 138.0.7204.157-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-7042 (Use After Free vulnerability exists in the IPT file reading procedure  ...)
@@ -438,6 +484,7 @@ CVE-2025-6965 (There exists a vulnerability in SQLite versions before 3.50.2 whe
 	[bookworm] - sqlite3 <no-dsa> (Minor issue)
 	NOTE: https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8
 CVE-2025-6558 (Insufficient validation of untrusted input in ANGLE and GPU in Google  ...)
+	{DSA-5963-1}
 	- chromium 138.0.7204.157-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-53959 (In JetBrains YouTrack before 2025.2.86069,  2024.3.85077,  2025.1.8619 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c606542bd35cbf80c5b7be472575bd5041eae442

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c606542bd35cbf80c5b7be472575bd5041eae442
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250717/d3b4e0f2/attachment.htm>

More information about the debian-security-tracker-commits mailing list