[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jul 26 21:12:18 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f514a233 by security tracker role at 2025-07-26T20:12:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2025-8207 (A vulnerability was found in Canara ai1 Mobile Banking App 3.6.23 on A ...)
+	TODO: check
+CVE-2025-8206 (A vulnerability, which was classified as problematic, was found in Com ...)
+	TODO: check
+CVE-2025-8205 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-8204 (A vulnerability classified as problematic was found in Comodo Dragon u ...)
+	TODO: check
+CVE-2025-8203 (A vulnerability classified as critical has been found in Jingmen Zeyou ...)
+	TODO: check
+CVE-2025-8191 (A vulnerability, which was classified as problematic, was found in mac ...)
+	TODO: check
+CVE-2025-8190 (A vulnerability, which was classified as critical, has been found in C ...)
+	TODO: check
+CVE-2025-8189 (A vulnerability classified as critical was found in Campcodes Courier  ...)
+	TODO: check
+CVE-2025-8188 (A vulnerability classified as critical has been found in Campcodes Cou ...)
+	TODO: check
+CVE-2025-8187 (A vulnerability was found in Campcodes Courier Management System 1.0.  ...)
+	TODO: check
+CVE-2025-8186 (A vulnerability was found in Campcodes Courier Management System 1.0.  ...)
+	TODO: check
+CVE-2025-8185 (A vulnerability was found in 1000 Projects ABC Courier Management Syst ...)
+	TODO: check
+CVE-2025-8184 (A vulnerability was found in D-Link DIR-513 up to 1.10 and classified  ...)
+	TODO: check
+CVE-2025-8182 (A vulnerability has been found in Tenda AC18 15.03.05.19 and classifie ...)
+	TODO: check
 CVE-2025-23286
 	- nvidia-graphics-drivers <unfixed> (bug #1109907)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -12796,6 +12824,7 @@ CVE-2025-6177 (Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and
 CVE-2025-6172 (Permission vulnerability in the mobile application (com.afmobi.boompla ...)
 	NOT-FOR-US: TECNO Mobile
 CVE-2025-6170 (A flaw was found in the interactive shell of the xmllint command-line  ...)
+	{DLA-4251-1}
 	- libxml2 <unfixed> (bug #1107938; unimportant)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/941
 	NOTE: Crash in CLI tool, no security impact
@@ -13284,6 +13313,7 @@ CVE-2024-38823 (Salt's request server is vulnerable to replay attacks when not u
 CVE-2024-38822 (Multiple methods in the salt master skip minion token validation. Ther ...)
 	- salt <removed>
 CVE-2025-49794 (A use-after-free vulnerability was found in libxml2. This issue occurs ...)
+	{DLA-4251-1}
 	- libxml2 2.12.7+dfsg+really2.9.14-2 (bug #1107755)
 	[bookworm] - libxml2 <postponed> (Minor issue; revisit when fixed upstream)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/931
@@ -13296,6 +13326,7 @@ CVE-2025-49795 (A NULL pointer dereference vulnerability was found in libxml2 wh
 	NOTE: Follow up: https://gitlab.gnome.org/GNOME/libxml2/-/commit/24d7e15914588cb45e7fb41cbe4fcf785e1a4861 (master)
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/c24909ba2601848825b49a60f988222da3019667 (2.14)
 CVE-2025-49796 (A vulnerability was found in libxml2. Processing certain sch:name elem ...)
+	{DLA-4251-1}
 	- libxml2 2.12.7+dfsg+really2.9.14-2 (bug #1107755)
 	[bookworm] - libxml2 <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/933
@@ -13303,6 +13334,7 @@ CVE-2025-49796 (A vulnerability was found in libxml2. Processing certain sch:nam
 CVE-2025-6031 (Amazon Cloud Cam is a home security camera that was deprecated on Dece ...)
 	NOT-FOR-US: Amazon
 CVE-2025-6021 (A flaw was found in libxml2's xmlBuildQName function, where integer ov ...)
+	{DLA-4251-1}
 	- libxml2 2.12.7+dfsg+really2.9.14-2 (bug #1107720)
 	[bookworm] - libxml2 <no-dsa> (Minor issue; does not affect the parser code)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/926
@@ -131606,7 +131638,7 @@ CVE-2024-34697 (FreeScout is a free, self-hosted help desk and shared mailbox. A
 CVE-2024-34555 (Unrestricted Upload of File with Dangerous Type vulnerability in URBAN ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-34459 (An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2. ...)
-	{DSA-5949-1}
+	{DSA-5949-1 DLA-4251-1}
 	- libxml2 2.12.7+dfsg+really2.9.14-0.4 (unimportant; bug #1071162)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/720
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ddc7f13337c9fe7c6b6e616f404b0fffb8a5145 (v2.11.8)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f514a233e05bd80a0bc77a4d6bc8c9d0ff1ad081

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f514a233e05bd80a0bc77a4d6bc8c9d0ff1ad081
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250726/6b5049b5/attachment.htm>

More information about the debian-security-tracker-commits mailing list