[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Oct 6 09:13:07 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d842602c by security tracker role at 2025-10-06T08:12:58+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,89 @@
+CVE-2025-9914 (The credentials of the users stored in the system's local database can ...)
+	TODO: check
+CVE-2025-9913 (JavaScript can be ran inside the address bar via the dashboard "Open i ...)
+	TODO: check
+CVE-2025-9710 (The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 does n ...)
+	TODO: check
+CVE-2025-9703 (The Ultimate Addons for Elementor (Formerly Elementor Header & Footer  ...)
+	TODO: check
+CVE-2025-58591 (A remote, unauthorized attacker can brute force folders and files and  ...)
+	TODO: check
+CVE-2025-58590 (It's possible to brute force folders and files, what can be used by an ...)
+	TODO: check
+CVE-2025-58589 (When an error occurs in the application a full stacktrace is provided  ...)
+	TODO: check
+CVE-2025-58587 (The application does not implement sufficient measures to prevent mult ...)
+	TODO: check
+CVE-2025-58586 (For failed login attempts, the application returns different error mes ...)
+	TODO: check
+CVE-2025-58585 (Multiple endpoints with sensitive information do not require authentic ...)
+	TODO: check
+CVE-2025-58584 (In the HTTP request, the username and password are transferred directl ...)
+	TODO: check
+CVE-2025-58583 (The  application  provides  access  to  a  login  protected  H2  datab ...)
+	TODO: check
+CVE-2025-58582 (If a user tries to login but the provided credentials are incorrect a  ...)
+	TODO: check
+CVE-2025-58581 (When an error occurs in the application a full stacktrace is  provided ...)
+	TODO: check
+CVE-2025-58580 (An API  endpoint  allows  arbitrary  log  entries  to  be  created  vi ...)
+	TODO: check
+CVE-2025-58579 (Due to a lack of authentication, it is possible for an unauthenticated ...)
+	TODO: check
+CVE-2025-58578 (A user with the appropriate authorization can create any number of use ...)
+	TODO: check
+CVE-2025-57781 (The installers of DENSO TEN drive recorder viewer contain an issue wit ...)
+	TODO: check
+CVE-2025-50538 (Flowise before 3.0.5 allows XSS via an IFRAME element when an admin vi ...)
+	TODO: check
+CVE-2025-29192 (Flowise before 3.0.5 allows XSS via a FORM element and an INPUT elemen ...)
+	TODO: check
+CVE-2025-11326 (A weakness has been identified in Tenda AC18 15.03.05.19(6318). This a ...)
+	TODO: check
+CVE-2025-11325 (A security flaw has been discovered in Tenda AC18 15.03.05.19(6318). A ...)
+	TODO: check
+CVE-2025-11324 (A vulnerability was identified in Tenda AC18 15.03.05.19(6318). Affect ...)
+	TODO: check
+CVE-2025-11323 (A vulnerability was determined in UTT 1250GW up to v2v3.2.2-200710. Af ...)
+	TODO: check
+CVE-2025-11322 (A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted el ...)
+	TODO: check
+CVE-2025-11321 (A vulnerability was detected in zhuimengshaonian wisdom-education up t ...)
+	TODO: check
+CVE-2025-11320 (A security vulnerability has been detected in zhuimengshaonian wisdom- ...)
+	TODO: check
+CVE-2025-11319 (A weakness has been identified in nahiduddinahammed Hospital-Managemen ...)
+	TODO: check
+CVE-2025-11318 (A security flaw has been discovered in Tipray \u53a6\u95e8\u5929\u9510 ...)
+	TODO: check
+CVE-2025-11317 (A vulnerability was identified in Tipray \u53a6\u95e8\u5929\u9510\u79d ...)
+	TODO: check
+CVE-2025-11316 (A vulnerability was determined in Tipray \u53a6\u95e8\u5929\u9510\u79d ...)
+	TODO: check
+CVE-2025-11315 (A vulnerability was found in Tipray \u53a6\u95e8\u5929\u9510\u79d1\u62 ...)
+	TODO: check
+CVE-2025-11314 (A vulnerability has been found in Tipray \u53a6\u95e8\u5929\u9510\u79d ...)
+	TODO: check
+CVE-2025-11313 (A flaw has been found in Tipray \u53a6\u95e8\u5929\u9510\u79d1\u6280\u ...)
+	TODO: check
+CVE-2025-11312 (A vulnerability was detected in Tipray \u53a6\u95e8\u5929\u9510\u79d1\ ...)
+	TODO: check
+CVE-2025-11311 (A security vulnerability has been detected in Tipray \u53a6\u95e8\u592 ...)
+	TODO: check
+CVE-2025-11310 (A weakness has been identified in Tipray \u53a6\u95e8\u5929\u9510\u79d ...)
+	TODO: check
+CVE-2025-11309 (A security flaw has been discovered in Tipray \u53a6\u95e8\u5929\u9510 ...)
+	TODO: check
+CVE-2025-11308 (A vulnerability was identified in Vanderlande Baggage 360 7.0.0. This  ...)
+	TODO: check
+CVE-2025-11306 (A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an ...)
+	TODO: check
+CVE-2025-11305 (A vulnerability has been found in UTT HiPER 840G up to 3.1.1-190328. A ...)
+	TODO: check
+CVE-2025-11304 (A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 1.1.1. Aff ...)
+	TODO: check
+CVE-2025-11303 (A vulnerability was detected in Belkin F9K1015 1.00.10. Affected is an ...)
+	TODO: check
 CVE-2025-8917 (A vulnerability in allegroai/clearml version v2.0.1 allows for path tr ...)
 	NOT-FOR-US: allegroai/clearml
 CVE-2025-8406 (ZenML version 0.83.1 is affected by a path traversal vulnerability in  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d842602cab7af613897a0a5d68de80f6313bfde5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d842602cab7af613897a0a5d68de80f6313bfde5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251006/f9fb6d22/attachment.htm>

More information about the debian-security-tracker-commits mailing list