[Git][security-tracker-team/security-tracker][master] automatic update

Sat Oct 11 09:12:58 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
65973a09 by security tracker role at 2025-10-11T08:12:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,91 @@
+CVE-2025-9560 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored  ...)
+	TODO: check
+CVE-2025-9554 (Vulnerability in Drupal Owl Carousel 2.This issue affects Owl Carousel ...)
+	TODO: check
+CVE-2025-9553 (Vulnerability in Drupal API Key manager.This issue affects API Key man ...)
+	TODO: check
+CVE-2025-9552 (Vulnerability in Drupal Synchronize composer.Json With Contrib Modules ...)
+	TODO: check
+CVE-2025-9551 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
+	TODO: check
+CVE-2025-9550 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+	TODO: check
+CVE-2025-9549 (Missing Authorization vulnerability in Drupal Facets allows Forceful B ...)
+	TODO: check
+CVE-2025-9496 (The Enable Media Replace plugin for WordPress is vulnerable to Stored  ...)
+	TODO: check
+CVE-2025-9196 (The Trinity Audio \u2013 Text to Speech AI audio player to convert con ...)
+	TODO: check
+CVE-2025-8093 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+	TODO: check
+CVE-2025-62162 (cel-rust is a Common Expression Language interpreter written in Rust.  ...)
+	TODO: check
+CVE-2025-62159 (External Secrets Operator reads information from a third-party service ...)
+	TODO: check
+CVE-2025-62158 (Frappe Learning is a learning system that helps users structure their  ...)
+	TODO: check
+CVE-2025-61930 (Emlog is an open source website building system. Emlog Pro versions 2. ...)
+	TODO: check
+CVE-2025-61912 (python-ldap is a lightweight directory access protocol (LDAP) client A ...)
+	TODO: check
+CVE-2025-61911 (python-ldap is a lightweight directory access protocol (LDAP) client A ...)
+	TODO: check
+CVE-2025-58285 (Permission control vulnerability in the media module.Successful exploi ...)
+	TODO: check
+CVE-2025-58284 (Permission control vulnerability in the network module.Successful expl ...)
+	TODO: check
+CVE-2025-58283 (Permission control vulnerability in the Wi-Fi module.Successful exploi ...)
+	TODO: check
+CVE-2025-58282 (Permission control vulnerability in the camera module.Successful explo ...)
+	TODO: check
+CVE-2025-58278 (Identity authentication bypass vulnerability in the Gallery app.Succes ...)
+	TODO: check
+CVE-2025-58277 (Permission verification bypass vulnerability in the Camera app.Success ...)
+	TODO: check
+CVE-2025-54654 (Permission control vulnerability in the Gallery module. Successful exp ...)
+	TODO: check
+CVE-2025-52885 (Poppler ia a library for rendering PDF files, and examining or modifyi ...)
+	TODO: check
+CVE-2025-52647 (The BigFix WebUI application responds with HOST information from the H ...)
+	TODO: check
+CVE-2025-31718 (In modem, there is a possible system crash due to improper input valid ...)
+	TODO: check
+CVE-2025-31717 (In modem, there is a possible system crash due to improper input valid ...)
+	TODO: check
+CVE-2025-11626 (MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to ...)
+	TODO: check
+CVE-2025-11593 (A flaw has been found in CodeAstro Gym Management System 1.0. This vul ...)
+	TODO: check
+CVE-2025-11592 (A vulnerability was detected in CodeAstro Gym Management System 1.0. T ...)
+	TODO: check
+CVE-2025-11591 (A security vulnerability has been detected in CodeAstro Gym Management ...)
+	TODO: check
+CVE-2025-11590 (A weakness has been identified in CodeAstro Gym Management System 1.0. ...)
+	TODO: check
+CVE-2025-11589 (A security flaw has been discovered in CodeAstro Gym Management System ...)
+	TODO: check
+CVE-2025-11588 (A vulnerability was identified in CodeAstro Gym Management System 1.0. ...)
+	TODO: check
+CVE-2025-11586 (A vulnerability was determined in Tenda AC7 15.03.06.44. This affects  ...)
+	TODO: check
+CVE-2025-11585 (A vulnerability was found in code-projects Project Monitoring System 1 ...)
+	TODO: check
+CVE-2025-11584 (A vulnerability has been found in code-projects Online Job Search Engi ...)
+	TODO: check
+CVE-2025-11583 (A flaw has been found in code-projects Online Job Search Engine 1.0. I ...)
+	TODO: check
+CVE-2025-11582 (A vulnerability was detected in code-projects Online Job Search Engine ...)
+	TODO: check
+CVE-2025-11533 (The WP Freeio plugin for WordPress is vulnerable to Privilege Escalati ...)
+	TODO: check
+CVE-2025-11380 (The Everest Backup \u2013 WordPress Cloud Backup, Migration, Restore & ...)
+	TODO: check
+CVE-2025-11197 (The Draft List plugin for WordPress is vulnerable to Stored Cross-Site ...)
+	TODO: check
+CVE-2025-10185 (The NEX-Forms \u2013 Ultimate Forms Plugin for WordPress plugin for Wo ...)
+	TODO: check
+CVE-2025-10048 (The My auctions allegro plugin for WordPress is vulnerable to SQL Inje ...)
+	TODO: check
 CVE-2025-8887 (Authorization Bypass Through User-Controlled Key, Missing Authorizatio ...)
 	TODO: check
 CVE-2025-8886 (Incorrect Permission Assignment for Critical Resource, Exposure of Sen ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65973a0964bb469e906dfd37f52818739e7b2592

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65973a0964bb469e906dfd37f52818739e7b2592
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251011/bc077f42/attachment.htm>
