[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 29 08:12:53 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c1bf07d by security tracker role at 2025-11-29T08:12:44+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,51 @@
+CVE-2025-66291 (OrangeHRM is a comprehensive human resource management (HRM) system. F ...)
+	TODO: check
+CVE-2025-66290 (OrangeHRM is a comprehensive human resource management (HRM) system. F ...)
+	TODO: check
+CVE-2025-66289 (OrangeHRM is a comprehensive human resource management (HRM) system. F ...)
+	TODO: check
+CVE-2025-66225 (OrangeHRM is a comprehensive human resource management (HRM) system. F ...)
+	TODO: check
+CVE-2025-66224 (OrangeHRM is a comprehensive human resource management (HRM) system. F ...)
+	TODO: check
+CVE-2025-66223 (OpenObserve is a cloud-native observability platform. Prior to version ...)
+	TODO: check
+CVE-2025-66221 (Werkzeug is a comprehensive WSGI web application library. Prior to ver ...)
+	TODO: check
+CVE-2025-66219 (willitmerge is a command line tool to check if pull requests are merge ...)
+	TODO: check
+CVE-2025-66217 (AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a ...)
+	TODO: check
+CVE-2025-66216 (AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a ...)
+	TODO: check
+CVE-2025-66201 (LibreChat is a ChatGPT clone with additional features. Prior to versio ...)
+	TODO: check
+CVE-2025-66036 (Retro is an online platform providing items of vintage collections. Pr ...)
+	TODO: check
+CVE-2025-66034 (fontTools is a library for manipulating fonts, written in Python. In v ...)
+	TODO: check
+CVE-2025-66027 (Rallly is an open-source scheduling and collaboration tool. Prior to v ...)
+	TODO: check
+CVE-2025-65892 (Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2  ...)
+	TODO: check
+CVE-2025-65540 (Multiple Cross-Site Scripting (XSS) vulnerabilities exist in xmall v1. ...)
+	TODO: check
+CVE-2025-65113 (ClipBucket v5 is an open source video sharing platform. Prior to versi ...)
+	TODO: check
+CVE-2025-65112 (PubNet is a self-hosted Dart & Flutter package service. Prior to versi ...)
+	TODO: check
+CVE-2025-64715 (Cilium is a networking, observability, and security solution with an e ...)
+	TODO: check
+CVE-2025-53939 (Kiteworks is a private data network (PDN). Prior to version 9.1.0, imp ...)
+	TODO: check
+CVE-2025-53900 (Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior t ...)
+	TODO: check
+CVE-2025-53899 (Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior t ...)
+	TODO: check
+CVE-2025-53897 (Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior t ...)
+	TODO: check
+CVE-2025-53896 (Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior t ...)
+	TODO: check
 CVE-2024-9183
 	- gitlab <not-affected> (Vulnerable code not present)
 CVE-2025-51736 (File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.)
@@ -92,7 +140,7 @@ CVE-2025-13737 (The Nextend Social Login and Register plugin for WordPress is vu
 	NOT-FOR-US: WordPress plugin
 CVE-2025-13338
 	REJECTED
-CVE-2025-58436
+CVE-2025-58436 (OpenPrinting CUPS is an open source printing system for Linux and othe ...)
 	- cups 2.4.15-1
 	[trixie] - cups <no-dsa> (Minor issue)
 	[bookworm] - cups <no-dsa> (Minor issue)
@@ -101,7 +149,7 @@ CVE-2025-58436
 	NOTE: https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr
 	NOTE: Fixed by: https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4 (master)
 	NOTE: Fixed by: https://github.com/OpenPrinting/cups/commit/5d414f1f91bdca118413301b148f0b188eb1cdc6 (v2.4.15)
-CVE-2025-61915
+CVE-2025-61915 (OpenPrinting CUPS is an open source printing system for Linux and othe ...)
 	- cups 2.4.15-1
 	[trixie] - cups <no-dsa> (Minor issue)
 	[bookworm] - cups <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c1bf07df596b685688721a5366a2a883b6ce5d8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c1bf07df596b685688721a5366a2a883b6ce5d8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251129/c76152fe/attachment.htm>

More information about the debian-security-tracker-commits mailing list