[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 3 08:13:02 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4010056f by security tracker role at 2025-03-03T08:12:25+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,97 @@
+CVE-2025-27590 (In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration ...)
+ TODO: check
+CVE-2025-27585 (A stored cross-site scripting (XSS) vulnerability in Serosoft Solution ...)
+ TODO: check
+CVE-2025-27584 (A stored cross-site scripting (XSS) vulnerability in Serosoft Solution ...)
+ TODO: check
+CVE-2025-27583 (Incorrect access control in the component /rest/staffResource/findAllU ...)
+ TODO: check
+CVE-2025-27579 (In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an /api/syste ...)
+ TODO: check
+CVE-2025-25953 (Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) E ...)
+ TODO: check
+CVE-2025-25952 (An Insecure Direct Object References (IDOR) in the component /getStude ...)
+ TODO: check
+CVE-2025-25951 (An information disclosure vulnerability in the component /rest/cb/exec ...)
+ TODO: check
+CVE-2025-25950 (Incorrect access control in the component /rest/staffResource/update o ...)
+ TODO: check
+CVE-2025-25949 (A stored cross-site scripting (XSS) vulnerability in Serosoft Solution ...)
+ TODO: check
+CVE-2025-25948 (Incorrect access control in the component /rest/staffResource/create o ...)
+ TODO: check
+CVE-2025-20653 (In da, there is a possible out of bounds read due to an integer overfl ...)
+ TODO: check
+CVE-2025-20652 (In V5 DA, there is a possible out of bounds read due to a missing boun ...)
+ TODO: check
+CVE-2025-20651 (In da, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2025-20650 (In da, there is a possible out of bounds write due to a missing bounds ...)
+ TODO: check
+CVE-2025-20649 (In Bluetooth Stack SW, there is a possible information disclosure due ...)
+ TODO: check
+CVE-2025-20648 (In apu, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2025-20647 (In Modem, there is a possible system crash due to a missing bounds che ...)
+ TODO: check
+CVE-2025-20646 (In wlan AP FW, there is a possible out of bounds write due to improper ...)
+ TODO: check
+CVE-2025-20645 (In KeyInstall, there is a possible out of bounds write due to a missin ...)
+ TODO: check
+CVE-2025-20644 (In Modem, there is a possible memory corruption due to incorrect error ...)
+ TODO: check
+CVE-2025-1857 (A vulnerability classified as critical has been found in PHPGurukul Ni ...)
+ TODO: check
+CVE-2025-1856 (A vulnerability was found in Codezips Gym Management System 1.0. It ha ...)
+ TODO: check
+CVE-2025-1855 (A vulnerability was found in PHPGurukul Online Shopping Portal 2.1. It ...)
+ TODO: check
+CVE-2025-1854 (A vulnerability was found in Codezips Gym Management System 1.0. It ha ...)
+ TODO: check
+CVE-2025-1853 (A vulnerability was found in Tenda AC8 16.03.34.06 and classified as c ...)
+ TODO: check
+CVE-2025-1852 (A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220 ...)
+ TODO: check
+CVE-2025-1851 (A vulnerability, which was classified as critical, was found in Tenda ...)
+ TODO: check
+CVE-2025-1850 (A vulnerability, which was classified as critical, has been found in C ...)
+ TODO: check
+CVE-2025-1849 (A vulnerability classified as critical was found in zj1983 zz up to 20 ...)
+ TODO: check
+CVE-2025-1848 (A vulnerability classified as critical has been found in zj1983 zz up ...)
+ TODO: check
+CVE-2025-1847 (A vulnerability was found in zj1983 zz up to 2024-8. It has been rated ...)
+ TODO: check
+CVE-2025-1846 (A vulnerability was found in zj1983 zz up to 2024-8. It has been decla ...)
+ TODO: check
+CVE-2025-1845 (A vulnerability has been found in ESAFENET DSM 3.1.2 and classified as ...)
+ TODO: check
+CVE-2025-1844 (A vulnerability, which was classified as critical, was found in ESAFEN ...)
+ TODO: check
+CVE-2025-1843 (A vulnerability, which was classified as critical, has been found in M ...)
+ TODO: check
+CVE-2025-1842 (A vulnerability classified as problematic was found in FITSTATS Techno ...)
+ TODO: check
+CVE-2025-1841 (A vulnerability classified as critical has been found in ESAFENET CDG ...)
+ TODO: check
+CVE-2025-1840 (A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been r ...)
+ TODO: check
+CVE-2025-1836 (A vulnerability was found in Incorta 2023.4.3. It has been classified ...)
+ TODO: check
+CVE-2025-1835 (A vulnerability has been found in osuuu LightPicture 1.2.2 and classif ...)
+ TODO: check
+CVE-2025-1834 (A vulnerability, which was classified as critical, was found in zj1983 ...)
+ TODO: check
+CVE-2025-1833 (A vulnerability, which was classified as critical, has been found in z ...)
+ TODO: check
+CVE-2025-1832 (A vulnerability classified as critical was found in zj1983 zz up to 20 ...)
+ TODO: check
+CVE-2025-1723 (Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are v ...)
+ TODO: check
+CVE-2024-53386 (Stage.js through 0.8.10 allows DOM Clobbering (with resultant XSS for ...)
+ TODO: check
+CVE-2024-53382 (Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resulta ...)
+ TODO: check
CVE-2025-1801
NOT-FOR-US: RedHat Ansible Automation Platform Gateway
CVE-2024-12225
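Review bot: every entry added at the top of data/CVE/list in this hunk carries only "TODO: check", so none of the 47 new CVEs has a disposition yet, and the descriptions are truncated at "...", which is not enough to triage from. I would take the entries that name reusable open-source components first (CVE-2025-27590 oxidized-web, CVE-2024-53382 Prism/PrismJS, CVE-2024-53386 Stage.js) and check each against the archive for a matching source package before marking anything. The vendor products and firmware (the Serosoft Academia SIS, PHPGurukul, Codezips, Tenda, Totolink and ESAFENET entries, and the CVE-2025-2064x/2065x component entries) look like candidates for the same NOT-FOR-US annotation that the unchanged CVE-2025-1801 line below already uses, once the full CVE text confirms the product.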
@@ -4723,7 +4817,7 @@ CVE-2025-20051 (Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <
- mattermost-server <itp> (bug #823556)
CVE-2025-1629 (A vulnerability was found in Excitel Broadband Private my Excitel App ...)
NOT-FOR-US: Excitel Broadband Private my Excitel App
-CVE-2025-1618 (A vulnerability has been found in vTiger CRM 6.4.0 and classified as p ...)
+CVE-2025-1618 (A vulnerability has been found in vTiger CRM 6.4.0/6.5.0 and classifie ...)
NOT-FOR-US: vTiger CRM
CVE-2025-1617 (A vulnerability, which was classified as problematic, was found in Net ...)
NOT-FOR-US: Netis WF2780
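Review bot: the replaced CVE-2025-1618 line widens the affected versions from "6.4.0" to "6.4.0/6.5.0", while the "NOT-FOR-US: vTiger CRM" annotation under it is unchanged. That is consistent, since the disposition names the product rather than a version, so no triage change is needed here. It is worth confirming that the description refresh is the only change to this entry.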
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4010056f93f25f808c6de543cebffc30f7b9d80c