[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 14 08:13:04 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
28bebeb3 by security tracker role at 2025-11-14T08:12:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2025-9479 (Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allo ...)
+	TODO: check
+CVE-2025-64754 (Jitsi Meet is an open source video conferencing application. A vulnera ...)
+	TODO: check
+CVE-2025-64753 (grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a  ...)
+	TODO: check
+CVE-2025-64752 (grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a  ...)
+	TODO: check
+CVE-2025-64749 (Directus is a real-time API and App dashboard for managing SQL databas ...)
+	TODO: check
+CVE-2025-64748 (Directus is a real-time API and App dashboard for managing SQL databas ...)
+	TODO: check
+CVE-2025-64747 (Directus is a real-time API and App dashboard for managing SQL databas ...)
+	TODO: check
+CVE-2025-64746 (Directus is a real-time API and App dashboard for managing SQL databas ...)
+	TODO: check
+CVE-2025-64745 (Astro is a web framework. Starting in version 5.2.0 and prior to versi ...)
+	TODO: check
+CVE-2025-64744 (OpenObserve is a cloud-native observability platform. In versions up t ...)
+	TODO: check
+CVE-2025-64530 (Apollo Federation is an architecture for declaratively composing APIs  ...)
+	TODO: check
+CVE-2025-64444 (Improper neutralization of special elements used in an OS command ('OS ...)
+	TODO: check
+CVE-2025-55073 (Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12.x <=  ...)
+	TODO: check
+CVE-2025-55070 (Mattermost versions <11 fail to enforce multi-factor authentication on ...)
+	TODO: check
+CVE-2025-4619 (A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS s ...)
+	TODO: check
+CVE-2025-47913 (SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed respons ...)
+	TODO: check
+CVE-2025-47222 (Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue  ...)
+	TODO: check
+CVE-2025-47221 (Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue  ...)
+	TODO: check
+CVE-2025-47220 (Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue  ...)
+	TODO: check
+CVE-2025-41436 (Mattermost versions <11.0 fail to properly enforce the "Allow users to ...)
+	TODO: check
+CVE-2025-36251 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS i ...)
+	TODO: check
+CVE-2025-36250 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly kn ...)
+	TODO: check
+CVE-2025-36236 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly kn ...)
+	TODO: check
+CVE-2025-36096 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys ...)
+	TODO: check
+CVE-2025-13161 (IQ-Support developed by IQ Service International has an Arbitrary File ...)
+	TODO: check
+CVE-2025-13160 (IQ-Support developed by IQ Service International has a Exposure of Sen ...)
+	TODO: check
+CVE-2025-13131 (A vulnerability was found in Sonarr 4.0.15.2940. The impacted element  ...)
+	TODO: check
+CVE-2025-13130 (A vulnerability has been found in Radarr 5.28.0.10274. The affected el ...)
+	TODO: check
+CVE-2025-13107 (Inappropriate implementation in Compositing in Google Chrome prior to  ...)
+	TODO: check
+CVE-2025-13102 (Inappropriate implementation in WebApp Installs in Google Chrome on An ...)
+	TODO: check
+CVE-2025-13097 (Inappropriate implementation in DevTools in Google Chrome prior to 136 ...)
+	TODO: check
+CVE-2025-12904 (The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Sto ...)
+	TODO: check
+CVE-2025-11776 (Mattermost versions <11 fail to properly restrict access to archived c ...)
+	TODO: check
+CVE-2025-10686 (The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulner ...)
+	TODO: check
+CVE-2024-9126 (Use after free in Internals in Google Chrome on iOS prior to 127.0.653 ...)
+	TODO: check
+CVE-2024-7021 (Inappropriate implementation in Autofill in Google Chrome on Windows p ...)
+	TODO: check
+CVE-2024-7017 (Inappropriate implementation in DevTools in Google Chrome prior to 126 ...)
+	TODO: check
+CVE-2024-13983 (Inappropriate implementation in Lens in Google Chrome on iOS prior to  ...)
+	TODO: check
+CVE-2024-13178 (Inappropriate implementation in Fullscreen in Google Chrome prior to 1 ...)
+	TODO: check
+CVE-2024-11920 (Inappropriate implementation in Dawn in Google Chrome on Mac prior to  ...)
+	TODO: check
+CVE-2024-11919 (Inappropriate implementation in Intents in Google Chrome on Android pr ...)
+	TODO: check
 CVE-2025-8397 (The Save as PDF Button plugin for WordPress is vulnerable to Stored Cr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7704 (Supermicro BMC  Insyde SMASH shell program has a stacked-based overflo ...)
@@ -2381,7 +2463,7 @@ CVE-2025-12790 (A flaw was found in Rubygem MQTT. By default, the package used t
 	NOT-FOR-US: Rubygem MQTT
 CVE-2025-12789 (A flaw was found in Red Hat Single Sign-On. This issue is an Open Redi ...)
 	NOT-FOR-US: Red Hat Single Sign-On
-CVE-2024-12125 (A flaw was found in the 3scale developer portal. This issue can allow  ...)
+CVE-2024-12125 (A flaw was found in the 3scale Developer Portal. When creating or upda ...)
 	NOT-FOR-US: 3scale developer portal
 CVE-2025-6327 (Unrestricted Upload of File with Dangerous Type vulnerability in KingA ...)
 	NOT-FOR-US: WordPress plugin or theme



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28bebeb3840d4856b97b8b033688046097f42368

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28bebeb3840d4856b97b8b033688046097f42368
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251114/fe946394/attachment.htm>

More information about the debian-security-tracker-commits mailing list