[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jul 26 09:12:09 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5e665831 by security tracker role at 2025-07-26T08:12:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,75 @@
-CVE-2025-8177
+CVE-2025-8198 (The MinimogWP \u2013 The High Converting eCommerce WordPress Theme the ...)
+ TODO: check
+CVE-2025-8181 (A vulnerability, which was classified as critical, was found in TOTOLI ...)
+ TODO: check
+CVE-2025-8180 (A vulnerability, which was classified as critical, has been found in T ...)
+ TODO: check
+CVE-2025-8179 (A vulnerability classified as critical was found in PHPGurukul Local S ...)
+ TODO: check
+CVE-2025-8178 (A vulnerability classified as critical has been found in Tenda AC10 16 ...)
+ TODO: check
+CVE-2025-8175 (A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been cl ...)
+ TODO: check
+CVE-2025-8174 (A vulnerability was found in code-projects Voting System 1.0 and class ...)
+ TODO: check
+CVE-2025-8173 (A vulnerability has been found in 1000 Projects ABC Courier Management ...)
+ TODO: check
+CVE-2025-8172 (A vulnerability, which was classified as critical, was found in itsour ...)
+ TODO: check
+CVE-2025-8171 (A vulnerability, which was classified as critical, has been found in c ...)
+ TODO: check
+CVE-2025-8170 (A vulnerability classified as critical was found in TOTOLINK T6 4.1.5c ...)
+ TODO: check
+CVE-2025-8169 (A vulnerability classified as critical has been found in D-Link DIR-51 ...)
+ TODO: check
+CVE-2025-8103 (The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to C ...)
+ TODO: check
+CVE-2025-8101 (Improperly Controlled Modification of Object Prototype Attributes ('Pr ...)
+ TODO: check
+CVE-2025-8097 (The WoodMart theme for WordPress is vulnerable to Improper Input Valid ...)
+ TODO: check
+CVE-2025-7501 (The Wonder Slider Lite plugin for WordPress is vulnerable to Stored Cr ...)
+ TODO: check
+CVE-2025-6991 (The kallyas theme for WordPress is vulnerable to Local File Inclusion ...)
+ TODO: check
+CVE-2025-6989 (The Kallyas theme for WordPress is vulnerable to arbitrary folder dele ...)
+ TODO: check
+CVE-2025-6987 (The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2025-6895 (The Melapress Login Security plugin for WordPress is vulnerable to Aut ...)
+ TODO: check
+CVE-2025-5529 (The Educenter theme for WordPress is vulnerable to Stored Cross-Site S ...)
+ TODO: check
+CVE-2025-54416 (tj-actions/branch-names is a Github actions repository that contains w ...)
+ TODO: check
+CVE-2025-54415 (dag-factory is a library for Apache Airflow\xae to construct DAGs decl ...)
+ TODO: check
+CVE-2025-54414 (Anubis is a Web AI Firewall Utility that weighs the soul of users' con ...)
+ TODO: check
+CVE-2025-54413 (skops is a Python library which helps users share and ship their sciki ...)
+ TODO: check
+CVE-2025-54412 (skops is a Python library which helps users share and ship their sciki ...)
+ TODO: check
+CVE-2025-54385 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+ TODO: check
+CVE-2025-54380 (Opencast is a free, open-source platform to support the management of ...)
+ TODO: check
+CVE-2025-54378 (HAX CMS allows you to manage your microsite universe with PHP or NodeJ ...)
+ TODO: check
+CVE-2025-54366 (FreeScout is a lightweight free open source help desk and shared inbox ...)
+ TODO: check
+CVE-2025-50185 (DbGate is cross-platform database manager. In versions 6.6.0 and below ...)
+ TODO: check
+CVE-2025-50184 (DbGate is cross-platform database manager. In versions 6.4.3-premium-b ...)
+ TODO: check
+CVE-2024-13507 (The GeoDirectory \u2013 WP Business Directory Plugin and Classified Li ...)
+ TODO: check
+CVE-2025-8177 (A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as ...)
- tiff <unfixed> (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/715
NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/737
NOTE: Crash in CLI tool, no security impact
-CVE-2025-8176
+CVE-2025-8176 (A vulnerability was found in LibTIFF up to 4.7.0. It has been declared ...)
- tiff <unfixed> (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/707
NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/727
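Review bot: the description text added here contains literal escape sequences where the characters themselves should be: `\u2013` in the CVE-2025-8198 and CVE-2024-13507 lines, and `\xae` in the CVE-2025-54415 line ("Apache Airflow\xae"). The mix of `\uXXXX` and `\xXX` forms makes the descriptions harder to read and to search. The job producing the automatic update should write either the decoded characters or one consistent ASCII replacement. All 33 new entries land as `TODO: check`, so none of them is triaged by this commit.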
@@ -203713,7 +203779,7 @@ CVE-2023-2276 (The WCFM Membership \u2013 WooCommerce Memberships for Multivendo
CVE-2023-2275 (The WooCommerce Multivendor Marketplace \u2013 REST API plugin for Wor ...)
NOT-FOR-US: WooCommerce plugin
CVE-2023-2274
- RESERVED
+ REJECTED
CVE-2023-2273 (Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer fr ...)
NOT-FOR-US: Rapid7
CVE-2023-2272 (The Tiempo.com WordPress plugin through 0.1.2 does not sanitise and es ...)
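Review bot: the unchanged context line for CVE-2023-2275 (and the CVE-2023-2276 text in the hunk header) already carries the same literal `\u2013`, so the escaping issue predates this commit. Existing descriptions would need a one-off cleanup in addition to any fix in the update job. The `RESERVED` to `REJECTED` change on CVE-2023-2274 leaves nothing dangling, since the entry has no description or package annotations beneath it.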
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e66583141bf6c19434c652021d0883540011662