[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Oct 11 21:12:56 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
af4b9ef8 by security tracker role at 2025-10-11T20:12:48+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,109 @@
+CVE-2025-9975 (The WP Scraper plugin for WordPress is vulnerable to Server-Side Reque ...)
+ TODO: check
+CVE-2025-9950 (The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-9947 (The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQ ...)
+ TODO: check
+CVE-2025-9626 (The Page Blocks plugin for WordPress is vulnerable to Cross-Site Reque ...)
+ TODO: check
+CVE-2025-9621 (The WidgetPack Comment System plugin for WordPress is vulnerable to Cr ...)
+ TODO: check
+CVE-2025-8682 (The Newsup theme for WordPress is vulnerable to unauthorized plugin in ...)
+ TODO: check
+CVE-2025-8606 (The GSheetConnector For Gravity Forms plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2025-8593 (The GSheetConnector For Gravity Forms plugin for WordPress is vulnerab ...)
+ TODO: check
+CVE-2025-8484 (The Code Quality Control Tool plugin for WordPress is vulnerable to Se ...)
+ TODO: check
+CVE-2025-7652 (The Easy Plugin Stats plugin for WordPress is vulnerable to Stored Cro ...)
+ TODO: check
+CVE-2025-6553 (The Ovatheme Events Manager plugin for WordPress is vulnerable to arbi ...)
+ TODO: check
+CVE-2025-6439 (The WooCommerce Designer Pro plugin for WordPress, used by the Pricom ...)
+ TODO: check
+CVE-2025-58301 (Buffer overflow vulnerability in the device management module.Successf ...)
+ TODO: check
+CVE-2025-58300 (Buffer overflow vulnerability in the device management module.Successf ...)
+ TODO: check
+CVE-2025-58299 (Use After Free (UAF) vulnerability in the storage management module.Su ...)
+ TODO: check
+CVE-2025-58298 (Data processing error vulnerability in the package management module.S ...)
+ TODO: check
+CVE-2025-58297 (Buffer overflow vulnerability in the sensor service.Successful exploit ...)
+ TODO: check
+CVE-2025-58295 (Buffer overflow vulnerability in the development framework module.Succ ...)
+ TODO: check
+CVE-2025-58293 (Vulnerability of improper exception handling in the print module.Succe ...)
+ TODO: check
+CVE-2025-58292 (Denial of service (DoS) vulnerability in the office service.Successful ...)
+ TODO: check
+CVE-2025-58291 (Denial of service (DoS) vulnerability in the office service.Successful ...)
+ TODO: check
+CVE-2025-58290 (Denial of service (DoS) vulnerability in the office service.Successful ...)
+ TODO: check
+CVE-2025-58289 (Vulnerability of improper exception handling in the print module.Succe ...)
+ TODO: check
+CVE-2025-58288 (Denial of service (DoS) vulnerability in the office service.Successful ...)
+ TODO: check
+CVE-2025-58287 (Use After Free (UAF) vulnerability in the office service.Successful ex ...)
+ TODO: check
+CVE-2025-58286 (Denial of service (DoS) vulnerability in the office service. Successfu ...)
+ TODO: check
+CVE-2025-11613 (A vulnerability was found in code-projects Simple Food Ordering System ...)
+ TODO: check
+CVE-2025-11612 (A vulnerability has been found in code-projects Simple Food Ordering S ...)
+ TODO: check
+CVE-2025-11611 (A weakness has been identified in SourceCodester Simple Inventory Syst ...)
+ TODO: check
+CVE-2025-11610 (A security flaw has been discovered in SourceCodester Simple Inventory ...)
+ TODO: check
+CVE-2025-11609 (A flaw has been found in code-projects Hospital Management System 1.0. ...)
+ TODO: check
+CVE-2025-11608 (A security vulnerability has been detected in code-projects E-Banking ...)
+ TODO: check
+CVE-2025-11607 (A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1. ...)
+ TODO: check
+CVE-2025-11606 (A security flaw has been discovered in iPynch Social Network Website u ...)
+ TODO: check
+CVE-2025-11605 (A vulnerability was identified in code-projects Client Details System ...)
+ TODO: check
+CVE-2025-11604 (A vulnerability was determined in projectworlds Online Ordering Food S ...)
+ TODO: check
+CVE-2025-11603 (A vulnerability was found in code-projects Simple Food Ordering System ...)
+ TODO: check
+CVE-2025-11601 (A vulnerability was detected in SourceCodester Online Student Result S ...)
+ TODO: check
+CVE-2025-11600 (A security vulnerability has been detected in code-projects Simple Foo ...)
+ TODO: check
+CVE-2025-11599 (A weakness has been identified in Campcodes Online Apartment Visitor M ...)
+ TODO: check
+CVE-2025-11597 (A vulnerability was identified in code-projects E-Commerce Website 1.0 ...)
+ TODO: check
+CVE-2025-11596 (A vulnerability was determined in code-projects E-Commerce Website 1.0 ...)
+ TODO: check
+CVE-2025-11595 (A vulnerability was found in Campcodes Online Apartment Visitor Manage ...)
+ TODO: check
+CVE-2025-11594 (A vulnerability has been found in ywxbear PHP-Bookstore-Website-Exampl ...)
+ TODO: check
+CVE-2025-11518 (The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2025-11254 (The Contest Gallery \u2013 Upload, Vote & Sell with PayPal and Stripe ...)
+ TODO: check
+CVE-2025-11167 (The CM Registration \u2013 Tailored tool for seamless login and invita ...)
+ TODO: check
+CVE-2025-10376 (The Course Redirects for Learndash plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-10375 (The Web Accessibility By accessiBe plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-10190 (The WP Easy Toggles plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2025-10175 (The WP Links Page plugin for WordPress is vulnerable to SQL Injection ...)
+ TODO: check
+CVE-2025-10167 (The Stock History & Reports Manager for WooCommerce plugin for WordPre ...)
+ TODO: check
+CVE-2025-10129 (The WordPress Live Webcam Widget & Shortcode plugin for WordPress is v ...)
+ TODO: check
CVE-2025-9560 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored ...)
NOT-FOR-US: WordPress plugin
CVE-2025-9554 (Vulnerability in Drupal Owl Carousel 2.This issue affects Owl Carousel ...)
@@ -7675,10 +7781,12 @@ CVE-2025-59800 (In Artifex Ghostscript through 10.05.1, ocr_begin_page in device
NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=176cf0188a2294bc307b8caec876f39412e58350 (ghostpdl-10.06.0rc1)
NOTE: Ghostscript in Debian not compiled with Tesseract support
CVE-2025-59799 (Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow ...)
+ {DSA-6024-1}
- ghostscript 10.06.0~dfsg-1 (bug #1116443)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=708517
NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=6dab38fb211f15226c242ab7a83fa53e4b0ff781 (ghostpdl-10.06.0rc1)
CVE-2025-59798 (Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow ...)
+ {DSA-6024-1}
- ghostscript 10.06.0~dfsg-1 (bug #1116444)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=708539
NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=0cae41b23a9669e801211dd4cf97b6dadd6dbdd7 (ghostpdl-10.06.0rc1)
@@ -30389,6 +30497,7 @@ CVE-2025-7464 (A vulnerability classified as problematic has been found in osrg
CVE-2025-7463 (A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declar ...)
NOT-FOR-US: Tenda
CVE-2025-7462 (A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1 ...)
+ {DSA-6024-1}
- ghostscript 10.05.1~dfsg-2 (bug #1109270)
[bullseye] - ghostscript <postponed> (Minor issue; crash)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=708606
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af4b9ef81b83c1dfb70919201009bc841ecf7039
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af4b9ef81b83c1dfb70919201009bc841ecf7039
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251011/aa27f37e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list