[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c375ac5 by security tracker role at 2025-10-07T08:13:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2025-7400 (The Featured Image from URL (FIFU) plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2025-61774 (PyVista provides 3D plotting and mesh analysis through an interface fo ...)
+	TODO: check
+CVE-2025-61768 (KUNO CMS is a fully deployable full-stack blog application. In version ...)
+	TODO: check
+CVE-2025-43824 (The Profile widget in Liferay Portal 7.4.0 through 7.4.3.111, and olde ...)
+	TODO: check
+CVE-2025-34251 (Tesla Telematics Control Unit (TCU) firmware prior to v2025.14 contain ...)
+	TODO: check
+CVE-2025-11362 (Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to ...)
+	TODO: check
+CVE-2025-11358 (A weakness has been identified in code-projects Simple Banking System  ...)
+	TODO: check
+CVE-2025-11357 (A security flaw has been discovered in code-projects Simple Banking Sy ...)
+	TODO: check
+CVE-2025-11356 (A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by ...)
+	TODO: check
+CVE-2025-11355 (A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710. Af ...)
+	TODO: check
+CVE-2025-11354 (A flaw has been found in code-projects Online Hotel Reservation System ...)
+	TODO: check
+CVE-2025-11353 (A vulnerability was detected in code-projects Online Hotel Reservation ...)
+	TODO: check
+CVE-2025-11352 (A security vulnerability has been detected in code-projects Online Hot ...)
+	TODO: check
+CVE-2025-11351 (A weakness has been identified in code-projects Online Hotel Reservati ...)
+	TODO: check
+CVE-2025-11350 (A security flaw has been discovered in Campcodes Online Apartment Visi ...)
+	TODO: check
+CVE-2025-11349 (A vulnerability was identified in Campcodes Online Apartment Visitor M ...)
+	TODO: check
+CVE-2025-11348 (A vulnerability was determined in Campcodes Online Apartment Visitor M ...)
+	TODO: check
+CVE-2025-11347 (A vulnerability was found in code-projects Student Crud Operation up t ...)
+	TODO: check
+CVE-2025-10162 (The Admin and Customer Messages After Order for WooCommerce: OrderConv ...)
+	TODO: check
 CVE-2025-6985 (The HTMLSectionSplitter class in langchain-text-splitters version 0.3. ...)
 	NOT-FOR-US: langchain-text-splitters
 CVE-2025-61985 (ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, ...)
@@ -37917,7 +37955,7 @@ CVE-2025-2091 (An open redirection vulnerability in M-Files mobile applications
 	NOT-FOR-US: M-Files
 CVE-2025-25265 (A web application for configuring the controller is accessible at a sp ...)
 	NOT-FOR-US: WAGO
-CVE-2025-25264 (An unauthenticated remote attacker can take advantage of the current o ...)
+CVE-2025-25264 (A low-privileged remote attacker can take advantage of the current ove ...)
 	NOT-FOR-US: WAGO
 CVE-2025-24388 (A vulnerability in the OTRS Admin Interface and Agent Interface (versi ...)
 	NOT-FOR-US: OTRS
@@ -39117,7 +39155,7 @@ CVE-2025-5969 (A vulnerability has been found in D-Link DIR-632 FW103B08 and cla
 	NOT-FOR-US: D-Link
 CVE-2025-5943 (MicroDicom   DICOM Viewer suffers from an out-of-bounds write vulnerab ...)
 	NOT-FOR-US: MicroDicom DICOM Viewer
-CVE-2025-5743 (CWE-78: I Improper Neutralization of Special Elements used in an OS Co ...)
+CVE-2025-5743 (CWE-78: Improper Neutralization of Special Elements used in an OS Comm ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2025-5742 (CWE-79: Improper Neutralization of Input During Web Page Generation (\ ...)
 	NOT-FOR-US: Schneider Electric



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c375ac56a181e85139c36652201d9308f08a215

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c375ac56a181e85139c36652201d9308f08a215
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251007/e775c297/attachment.htm>