[Git][security-tracker-team/security-tracker][master] automatic update

Sat Nov 15 08:12:52 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8593b087 by security tracker role at 2025-11-15T08:12:44+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,99 @@
+CVE-2025-9317 (The vulnerability, if exploited, could allow a miscreant with read  ac ...)
+	TODO: check
+CVE-2025-8994 (The Project Management, Team Collaboration, Kanban Board, Gantt Charts ...)
+	TODO: check
+CVE-2025-8386 (The vulnerability, if exploited, could allow an authenticated miscrean ...)
+	TODO: check
+CVE-2025-65072
+	REJECTED
+CVE-2025-65071
+	REJECTED
+CVE-2025-65070
+	REJECTED
+CVE-2025-65069
+	REJECTED
+CVE-2025-65068
+	REJECTED
+CVE-2025-65067
+	REJECTED
+CVE-2025-65066
+	REJECTED
+CVE-2025-65065
+	REJECTED
+CVE-2025-65064
+	REJECTED
+CVE-2025-64309 (Brightpick Mission Control  discloses device telemetry, configuration, ...)
+	TODO: check
+CVE-2025-64308 (The Brightpick Mission Control web application exposes hardcoded crede ...)
+	TODO: check
+CVE-2025-64307 (The Brightpick Internal Logic Control web interface is accessible  wit ...)
+	TODO: check
+CVE-2025-64084 (An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5  ...)
+	TODO: check
+CVE-2025-63891 (Information Disclosure in web-accessible backup file in SourceCodester ...)
+	TODO: check
+CVE-2025-63745 (A NULL pointer dereference vulnerability was discovered in radare2 6.0 ...)
+	TODO: check
+CVE-2025-63744 (A NULL pointer dereference vulnerability was discovered in radare2 6.0 ...)
+	TODO: check
+CVE-2025-62765 (General Industrial Controls Lynx+ Gatewayis vulnerable to a cleartext  ...)
+	TODO: check
+CVE-2025-59780 (General Industrial Controls Lynx+ Gatewayis missing critical authentic ...)
+	TODO: check
+CVE-2025-58083 (General Industrial Controls Lynx+ Gateway  is missing critical authent ...)
+	TODO: check
+CVE-2025-55034 (General Industrial Controls Lynx+ Gatewayis vulnerable to a weak passw ...)
+	TODO: check
+CVE-2025-1256
+	REJECTED
+CVE-2025-13191 (A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This  ...)
+	TODO: check
+CVE-2025-13190 (A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulne ...)
+	TODO: check
+CVE-2025-13189 (A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This  ...)
+	TODO: check
+CVE-2025-13188 (A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affecte ...)
+	TODO: check
+CVE-2025-13187 (A security vulnerability has been detected in Intelbras ICIP 2.0.20. A ...)
+	TODO: check
+CVE-2025-13186 (A weakness has been identified in Bdtask/CodeCanyon Isshue Multi Store ...)
+	TODO: check
+CVE-2025-13185 (A security flaw has been discovered in Bdtask/CodeCanyon News365 up to ...)
+	TODO: check
+CVE-2025-13182 (A vulnerability was identified in pojoin h3blog 1.0. The impacted elem ...)
+	TODO: check
+CVE-2025-13181 (A vulnerability was determined in pojoin h3blog 1.0. The affected elem ...)
+	TODO: check
+CVE-2025-12849 (The Contest Gallery plugin for WordPress is vulnerable to authorizatio ...)
+	TODO: check
+CVE-2025-12847 (The All in One SEO \u2013 Powerful SEO Plugin to Boost SEO Rankings &  ...)
+	TODO: check
+CVE-2025-12494 (The Image Gallery \u2013 Photo Grid & Video Gallery plugin for WordPre ...)
+	TODO: check
+CVE-2025-12182 (The Qi Blocks plugin for WordPress is vulnerable to unauthorized acces ...)
+	TODO: check
+CVE-2023-7328 (Screen SFT DAB 600/C firmware versions up to and including 1.9.3 conta ...)
+	TODO: check
+CVE-2022-4985 (Vodafone H500s devices running firmware v3.5.10 (hardware model Sercom ...)
+	TODO: check
+CVE-2021-4471 (TG8 Firewall exposes a directory such as /data/ over HTTP without auth ...)
+	TODO: check
+CVE-2021-4470 (TG8 Firewall contains a pre-authentication remote code execution vulne ...)
+	TODO: check
+CVE-2021-4469 (Denver SHO-110 IP cameras expose a secondary HTTP service on TCP port  ...)
+	TODO: check
+CVE-2021-4468 (PLANEX CS-QP50F-ING2 smart cameras expose a configuration backup inter ...)
+	TODO: check
+CVE-2021-4467 (Positive Technologies MaxPatrol 8 and XSpider contain a remote denial- ...)
+	TODO: check
+CVE-2021-4466 (IPCop versions up to and including 2.1.9 contain an authenticated remo ...)
+	TODO: check
+CVE-2021-4465 (ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2. ...)
+	TODO: check
+CVE-2018-25125 (Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflo ...)
+	TODO: check
+CVE-2016-15056 (Ubee EVW3226 cable modem/routers firmware versions up to and including ...)
+	TODO: check
 CVE-2025-9982 (A vulnerability exists in QuickCMS version 6.8 where sensitive admin c ...)
 	NOT-FOR-US: QuickCMS
 CVE-2025-8870 (On affected platforms running Arista EOS, certain serial console input ...)
@@ -426,13 +522,13 @@ CVE-2025-13120 (A vulnerability has been found in mruby up to 3.4.0. This vulner
 	NOTE: Fixed by: https://github.com/mruby/mruby/commit/eb398971bfb43c38db3e04528b68ac9a7ce509bc
 CVE-2025-13119 (A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking Sy ...)
 	NOT-FOR-US: SourceCodester
-CVE-2025-13118 (A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Aff ...)
+CVE-2025-13118 (A vulnerability was detected in macrozheng mall-swarm and mall up to 1 ...)
 	NOT-FOR-US: macrozheng mall-swarm
-CVE-2025-13117 (A security vulnerability has been detected in macrozheng mall-swarm up ...)
+CVE-2025-13117 (A security vulnerability has been detected in macrozheng mall-swarm an ...)
 	NOT-FOR-US: macrozheng mall-swarm
-CVE-2025-13116 (A weakness has been identified in macrozheng mall-swarm up to 1.0.3. A ...)
+CVE-2025-13116 (A weakness has been identified in macrozheng mall-swarm and mall up to ...)
 	NOT-FOR-US: macrozheng mall-swarm
-CVE-2025-13115 (A security flaw has been discovered in macrozheng mall-swarm up to 1.0 ...)
+CVE-2025-13115 (A security flaw has been discovered in macrozheng mall-swarm and mall  ...)
 	NOT-FOR-US: macrozheng mall-swarm
 CVE-2025-13114 (A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. T ...)
 	NOT-FOR-US: macrozheng mall-swarm
@@ -522,19 +618,19 @@ CVE-2011-10034 (AUTOMGEN versions up to and including 8.0.0.7 (also referenced a
 	NOT-FOR-US: AUTOMGEN
 CVE-2025-12983
 	- gitlab <unfixed>
-CVE-2025-7736
+CVE-2025-7736 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
 	- gitlab <not-affected> (Vulnerable code not yet present)
-CVE-2025-6171
+CVE-2025-6171 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
 	- gitlab <unfixed>
-CVE-2025-11990
+CVE-2025-11990 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
 	- gitlab <not-affected> (Specific to EE)
-CVE-2025-6945
+CVE-2025-6945 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
 	- gitlab <not-affected> (Specific to EE)
-CVE-2025-7000
+CVE-2025-7000 (An issue has been discovered in GitLab CE/EE affecting all versions  f ...)
 	- gitlab <unfixed>
-CVE-2025-2615
+CVE-2025-2615 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
 	- gitlab <unfixed>
-CVE-2025-11865
+CVE-2025-11865 (An issue has been discovered in GitLab EE affecting all versions from  ...)
 	- gitlab <not-affected> (Specific to EE)
 CVE-2025-11224
 	- gitlab <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8593b0877449adb002b412829581153323697209

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8593b0877449adb002b412829581153323697209
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251115/d8398e96/attachment.htm>
