[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 16 09:12:38 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d8c1710f by security tracker role at 2025-06-16T08:12:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2025-6169 (The WIMP website co-construction management platform from HAMASTAR Tec ...)
+	TODO: check
+CVE-2025-6112 (A vulnerability, which was classified as critical, has been found in T ...)
+	TODO: check
+CVE-2025-6111 (A vulnerability classified as critical was found in Tenda FH1205 2.0.0 ...)
+	TODO: check
+CVE-2025-6110 (A vulnerability classified as critical has been found in Tenda FH1201  ...)
+	TODO: check
+CVE-2025-6109 (A vulnerability was found in javahongxi whatsmars 2021.4.0. It has bee ...)
+	TODO: check
+CVE-2025-6108 (A vulnerability was found in hansonwang99 Spring-Boot-In-Action up to  ...)
+	TODO: check
+CVE-2025-6107 (A vulnerability was found in comfyanonymous comfyui 0.3.40. It has bee ...)
+	TODO: check
+CVE-2025-6106 (A vulnerability was found in WuKongOpenSource WukongCRM 9.0 and classi ...)
+	TODO: check
+CVE-2025-6105 (A vulnerability has been found in jflyfox jfinal_cms 5.0.1 and classif ...)
+	TODO: check
+CVE-2025-6104 (A vulnerability, which was classified as critical, was found in Wifi-s ...)
+	TODO: check
+CVE-2025-6103 (A vulnerability, which was classified as critical, has been found in W ...)
+	TODO: check
+CVE-2025-6102 (A vulnerability classified as critical was found in Wifi-soft UniBox C ...)
+	TODO: check
+CVE-2025-6101 (A vulnerability classified as critical has been found in letta-ai lett ...)
+	TODO: check
+CVE-2025-6100 (A vulnerability was found in realguoshuai open-video-cms 1.0. It has b ...)
+	TODO: check
+CVE-2025-6099 (A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e ...)
+	TODO: check
+CVE-2025-6098 (A vulnerability was found in UTT \u8fdb\u53d6 750W up to 5.0. It has b ...)
+	TODO: check
+CVE-2025-6097 (A vulnerability was found in UTT \u8fdb\u53d6 750W up to 5.0 and class ...)
+	TODO: check
+CVE-2025-6096 (A vulnerability has been found in codesiddhant Jasmin Ransomware up to ...)
+	TODO: check
+CVE-2025-6095 (A vulnerability, which was classified as critical, was found in codesi ...)
+	TODO: check
+CVE-2025-6094 (A vulnerability, which was classified as critical, has been found in F ...)
+	TODO: check
+CVE-2025-6093 (A vulnerability classified as critical was found in uYanki board-stm32 ...)
+	TODO: check
+CVE-2025-4987 (A stored Cross-site Scripting (XSS) vulnerability affecting Opportunit ...)
+	TODO: check
 CVE-2025-6092 (A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It h ...)
 	NOT-FOR-US: comfyanonymous comfyui
 CVE-2025-6091 (A vulnerability was found in H3C GR-3000AX V100R007L50. It has been cl ...)
@@ -5050,6 +5094,7 @@ CVE-2024-38866 (Improper neutralization of input in Nagvis before version 1.9.47
 	[bookworm] - nagvis <no-dsa> (Minor issue)
 	NOTE: https://github.com/NagVis/nagvis/commit/6493722cf52436dbafb2b9f1c20c3ab8b663ad0f (nagvis-1.9.47)
 CVE-2025-5222 (A stack buffer overflow was found in Internationl components for unico ...)
+	{DLA-4217-1}
 	- icu 76.1-4 (bug #1106684)
 	NOTE: https://unicode-org.atlassian.net/browse/ICU-22957
 	NOTE: Fixed by: https://github.com/unicode-org/icu/commit/2c667e31cfd0b6bb1923627a932fd3453a5bac77 (release-77-rc)
@@ -5708,6 +5753,7 @@ CVE-2024-48702 (PHPGurukul Old Age Home Management System v1.0 is vulnerable to
 CVE-2024-13945 (Stored Absolute Path Traversal vulnerabilities in ASPECT could expose  ...)
 	NOT-FOR-US: ABB group
 CVE-2023-53154 (parse_string in cJSON before 1.7.18 has a heap-based buffer over-read  ...)
+	{DLA-4216-1}
 	- cjson 1.7.18-1
 	NOTE: https://github.com/DaveGamble/cJSON/issues/800
 	NOTE: https://github.com/DaveGamble/cJSON/pull/852
@@ -204341,6 +204387,7 @@ CVE-2023-26821
 CVE-2023-26820 (siteproxy v1.0 was discovered to contain a path traversal vulnerabilit ...)
 	NOT-FOR-US: siteproxy
 CVE-2023-26819 (cJSON 1.7.15 might allow a denial of service via a crafted JSON docume ...)
+	{DLA-4216-1}
 	- cjson 1.7.18-3.1 (bug #1103687)
 	[bookworm] - cjson <no-dsa> (Minor issue)
 	NOTE: https://github.com/boofish/json_bugs/tree/main/cjson



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8c1710fe62df6be1bc85a5a66e95af354980a3e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8c1710fe62df6be1bc85a5a66e95af354980a3e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250616/5c9e4ef4/attachment.htm>

More information about the debian-security-tracker-commits mailing list