[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 6 20:13:04 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bd780807 by security tracker role at 2025-11-06T20:12:55+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,385 @@
+CVE-2025-6327 (Unrestricted Upload of File with Dangerous Type vulnerability in KingA ...)
+ TODO: check
+CVE-2025-6325 (Incorrect Privilege Assignment vulnerability in KingAddons.com King Ad ...)
+ TODO: check
+CVE-2025-64287 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-64232 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-64224 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-64198 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-64196 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-63589 (A reflected XSS vulnerability exists in CMSimple_XH 1.8's index.php ro ...)
+ TODO: check
+CVE-2025-63588 (An unauthenticated reflected cross-site scripting vulnerability in the ...)
+ TODO: check
+CVE-2025-63560 (An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder ...)
+ TODO: check
+CVE-2025-63551 (A Server-Side Request Forgery (SSRF) vulnerability, achievable through ...)
+ TODO: check
+CVE-2025-63307 (alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scrip ...)
+ TODO: check
+CVE-2025-62950 (Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ...)
+ TODO: check
+CVE-2025-62914 (Missing Authorization vulnerability in anibalwainstein Effect Maker ef ...)
+ TODO: check
+CVE-2025-62076 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62075 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-62074 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62067 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-62066 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-62065 (Unrestricted Upload of File with Dangerous Type vulnerability in Romet ...)
+ TODO: check
+CVE-2025-62064 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2025-62059 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62057 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62055 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-62053 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-62051 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62049 (Missing Authorization vulnerability in Stylemix Cost Calculator Builde ...)
+ TODO: check
+CVE-2025-62047 (Unrestricted Upload of File with Dangerous Type vulnerability in Case- ...)
+ TODO: check
+CVE-2025-62046 (Missing Authorization vulnerability in CodexThemes TheGem Demo Import ...)
+ TODO: check
+CVE-2025-62045 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-62044 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62041 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62040 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62039 (Insertion of Sensitive Information Into Sent Data vulnerability in Ays ...)
+ TODO: check
+CVE-2025-62038 (Insertion of Sensitive Information Into Sent Data vulnerability in Sov ...)
+ TODO: check
+CVE-2025-62037 (Missing Authorization vulnerability in uxper Togo togo.This issue affe ...)
+ TODO: check
+CVE-2025-62036 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62035 (Deserialization of Untrusted Data vulnerability in uxper Togo togo.Thi ...)
+ TODO: check
+CVE-2025-62034 (Incorrect Privilege Assignment vulnerability in uxper Togo togo.This i ...)
+ TODO: check
+CVE-2025-62033 (Missing Authorization vulnerability in uxper Togo togo.This issue affe ...)
+ TODO: check
+CVE-2025-62032 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62031 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62030 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62028 (Missing Authorization vulnerability in ThemeNectar Salient salient.Thi ...)
+ TODO: check
+CVE-2025-62018 (Missing Authorization vulnerability in hogash Kallyas kallyas.This iss ...)
+ TODO: check
+CVE-2025-62017 (Missing Authorization vulnerability in hogash Kallyas kallyas.This iss ...)
+ TODO: check
+CVE-2025-62016 (Unrestricted Upload of File with Dangerous Type vulnerability in hogas ...)
+ TODO: check
+CVE-2025-62014 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-62012 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62011 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-62010 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60541 (A Server-Side Request Forgery (SSRF) in the /api/proxy/ component of l ...)
+ TODO: check
+CVE-2025-60248 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60247 (Missing Authorization vulnerability in Bux Bux Woocommerce bux-woocomm ...)
+ TODO: check
+CVE-2025-60245 (Deserialization of Untrusted Data vulnerability in WP User Manager WP ...)
+ TODO: check
+CVE-2025-60244 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
+ TODO: check
+CVE-2025-60243 (Incorrect Privilege Assignment vulnerability in Holest Engineering Sel ...)
+ TODO: check
+CVE-2025-60242 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2025-60241 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60240 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60239 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-60235 (Unrestricted Upload of File with Dangerous Type vulnerability in Plugi ...)
+ TODO: check
+CVE-2025-60207 (Unrestricted Upload of File with Dangerous Type vulnerability in Addif ...)
+ TODO: check
+CVE-2025-60204 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60203 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60202 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60201 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60200 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60199 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60198 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60197 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60196 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60195 (Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atar ...)
+ TODO: check
+CVE-2025-60194 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60193 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60192 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60191 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60190 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60189 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60188 (Insertion of Sensitive Information Into Sent Data vulnerability in Vit ...)
+ TODO: check
+CVE-2025-60187 (Unrestricted Upload of File with Dangerous Type vulnerability in Vito ...)
+ TODO: check
+CVE-2025-60074 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-60073 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-5803 (Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booki ...)
+ TODO: check
+CVE-2025-59556 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-59396 (The default configuration of WatchGuard Firebox devices through 2025-0 ...)
+ TODO: check
+CVE-2025-59392 (On Elspec G5 devices through 1.2.2.19, a person with physical access t ...)
+ TODO: check
+CVE-2025-58998 (Deserialization of Untrusted Data vulnerability in Cristi\xe1n L\xe1va ...)
+ TODO: check
+CVE-2025-58996 (Unrestricted Upload of File with Dangerous Type vulnerability in Helmu ...)
+ TODO: check
+CVE-2025-58995 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-58994 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-58986 (Missing Authorization vulnerability in ganddser Jock On Air Now (JOAN) ...)
+ TODO: check
+CVE-2025-58972 (Path Traversal: '.../...//' vulnerability in Dmitry V. (CEO of "UKR So ...)
+ TODO: check
+CVE-2025-58964 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58638 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58636 (Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravit ...)
+ TODO: check
+CVE-2025-58629 (Missing Authorization vulnerability in kamleshyadav Miraculous miracul ...)
+ TODO: check
+CVE-2025-58627 (Authorization Bypass Through User-Controlled Key vulnerability in kaml ...)
+ TODO: check
+CVE-2025-58619 (Deserialization of Untrusted Data vulnerability in sbouey Falang multi ...)
+ TODO: check
+CVE-2025-58595 (Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In O ...)
+ TODO: check
+CVE-2025-58592 (Deserialization of Untrusted Data vulnerability in Cozmoslabs Translat ...)
+ TODO: check
+CVE-2025-58243 (Missing Authorization vulnerability in Jthemes imEvent imevent allows ...)
+ TODO: check
+CVE-2025-58207 (Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Ge ...)
+ TODO: check
+CVE-2025-54737 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-54722 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-54721 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-54719 (Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Hea ...)
+ TODO: check
+CVE-2025-54718 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-54711 (Missing Authorization vulnerability in bPlugins Info Cards info-cards ...)
+ TODO: check
+CVE-2025-53586 (Deserialization of Untrusted Data vulnerability in NooTheme WeMusic no ...)
+ TODO: check
+CVE-2025-53585 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-53574 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-53573 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-53349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-53324 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-53316 (Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel WP ...)
+ TODO: check
+CVE-2025-53286 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-53283 (Unrestricted Upload of File with Dangerous Type vulnerability in boris ...)
+ TODO: check
+CVE-2025-53252 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-53246 (Missing Authorization vulnerability in Gaurav Aggarwal Backup and Move ...)
+ TODO: check
+CVE-2025-53245 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-53242 (Deserialization of Untrusted Data vulnerability in VictorThemes Seil s ...)
+ TODO: check
+CVE-2025-53239 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-53214 (Missing Authorization vulnerability in sertifier Sertifier Certificate ...)
+ TODO: check
+CVE-2025-52773 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-52764 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-49909 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-49905 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-49904 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-49900 (Incorrect Privilege Assignment vulnerability in bPlugins Advanced scro ...)
+ TODO: check
+CVE-2025-49398 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
+ TODO: check
+CVE-2025-49394 (Missing Authorization vulnerability in bPlugins Image Gallery block \u ...)
+ TODO: check
+CVE-2025-49393 (Deserialization of Untrusted Data vulnerability in Fetch Designs Sign- ...)
+ TODO: check
+CVE-2025-49390 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-49386 (Deserialization of Untrusted Data vulnerability in Scott Reilly Preser ...)
+ TODO: check
+CVE-2025-49372 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2025-48330 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-48290 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-48090 (Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Pa ...)
+ TODO: check
+CVE-2025-48089 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-48086 (Deserialization of Untrusted Data vulnerability in wpdreams Ajax Searc ...)
+ TODO: check
+CVE-2025-48085 (Cross-Site Request Forgery (CSRF) vulnerability in ZIPANG Simple Strip ...)
+ TODO: check
+CVE-2025-48083 (Cross-Site Request Forgery (CSRF) vulnerability in andriassundskard wp ...)
+ TODO: check
+CVE-2025-48078 (Cross-Site Request Forgery (CSRF) vulnerability in Norbert Slick Googl ...)
+ TODO: check
+CVE-2025-48077 (Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block ...)
+ TODO: check
+CVE-2025-47588 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2025-39468 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-39467 (Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland ...)
+ TODO: check
+CVE-2025-39466 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-39465 (Missing Authorization vulnerability in flippercode Advanced Google Map ...)
+ TODO: check
+CVE-2025-39463 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-37735 (Improper preservation of permissions in Elastic Defend on Windows host ...)
+ TODO: check
+CVE-2025-36054 (IBM Business Automation Workflow containers 24.0.0 through 24.0.0-IF00 ...)
+ TODO: check
+CVE-2025-34247 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
+ TODO: check
+CVE-2025-34246 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
+ TODO: check
+CVE-2025-34245 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
+ TODO: check
+CVE-2025-34244 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
+ TODO: check
+CVE-2025-34243 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
+ TODO: check
+CVE-2025-34242 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
+ TODO: check
+CVE-2025-34241 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
+ TODO: check
+CVE-2025-34240 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injectio ...)
+ TODO: check
+CVE-2025-34239 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a command inje ...)
+ TODO: check
+CVE-2025-34238 (Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute pa ...)
+ TODO: check
+CVE-2025-34237 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross ...)
+ TODO: check
+CVE-2025-34236 (Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross ...)
+ TODO: check
+CVE-2025-32222 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2025-31029 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-28953 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-27919 (An issue was discovered in AnyDesk through 9.0.4. A remotely connected ...)
+ TODO: check
+CVE-2025-27918 (An issue was discovered in AnyDesk before 9.0.0. It has an integer ove ...)
+ TODO: check
+CVE-2025-27917 (An issue was discovered in AnyDesk through 9.0.4. Remote Denial of Ser ...)
+ TODO: check
+CVE-2025-27916 (An issue was discovered in AnyDesk through 9.0.4. When the connection ...)
+ TODO: check
+CVE-2025-22397 (Dell Integrated Dell Remote Access Controller 9, 14G versions prior to ...)
+ TODO: check
+CVE-2025-22288 (Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-On ...)
+ TODO: check
+CVE-2025-12815 (An ownership verification issue in the Virtual Desktop preview page in ...)
+ TODO: check
+CVE-2025-12808 (Improper access control in Devolutions Server 2025.3.5.0 and earlier a ...)
+ TODO: check
+CVE-2025-12556 (An argument injection vulnerability exists in the affected product tha ...)
+ TODO: check
+CVE-2025-12485 (Improper privilege management during pre-MFA cookie handling in Devolu ...)
+ TODO: check
+CVE-2025-11956 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-11268 (The Strong Testimonials plugin for WordPress is vulnerable to arbitrar ...)
+ TODO: check
+CVE-2025-10955 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-10885 (A maliciously crafted file, when executed on the victim's machine, can ...)
+ TODO: check
+CVE-2024-25621 (containerd is an open-source container runtime. Versions 0.1.0 through ...)
+ TODO: check
+CVE-2022-50596 (D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1. ...)
+ TODO: check
+CVE-2022-50595 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
+ TODO: check
+CVE-2022-50594 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
+ TODO: check
+CVE-2022-50593 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
+ TODO: check
+CVE-2022-50592 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
+ TODO: check
+CVE-2022-50591 (Advantech iView versions prior to v5.7.04 build 6425contain a vulnerab ...)
+ TODO: check
+CVE-2022-50590 (SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerabili ...)
+ TODO: check
+CVE-2022-50589 (SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerabilit ...)
+ TODO: check
CVE-2025-9338 (A improper restriction of operations within the bounds of a memory buf ...)
NOT-FOR-US: ASUS
CVE-2025-64480
@@ -221,7 +603,7 @@ CVE-2025-52565
- runc <unfixed> (bug #1120140)
NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r
NOTE: https://www.openwall.com/lists/oss-security/2025/11/05/3
-CVE-2025-31133
+CVE-2025-31133 (runc is a CLI tool for spawning and running containers according to th ...)
- runc <unfixed> (bug #1120140)
NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2
NOTE: https://www.openwall.com/lists/oss-security/2025/11/05/3
@@ -1470,7 +1852,7 @@ CVE-2020-36868 (Nagios XI versions prior to5.7.3contain a privilege escalation v
NOT-FOR-US: Nagios XI
CVE-2020-36867 (Nagios XI versions prior to5.7.3contain a command injection vulnerabil ...)
NOT-FOR-US: Nagios XI
-CVE-2020-36866 (Nagios XI versions prior to5.7.2are vulnerable to cross-site scripting ...)
+CVE-2020-36866 (Nagios XI versions prior to5.7.3are vulnerable to cross-site scripting ...)
NOT-FOR-US: Nagios XI
CVE-2020-36865 (Nagios XI versions prior to5.7.2are vulnerable to cross-site scripting ...)
NOT-FOR-US: Nagios XI
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd7808070b3cd7fdd385d7585f1464e0b4075b4f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd7808070b3cd7fdd385d7585f1464e0b4075b4f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251106/834f162b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list