[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 28 08:13:28 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ead8d8c by security tracker role at 2025-10-28T08:13:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,111 @@
+CVE-2025-62793 (eLabFTW is an open source electronic lab notebook for research labs. T ...)
+	TODO: check
+CVE-2025-62784 (InventoryGui is a library for creating chest GUIs for Bukkit/Spigot pl ...)
+	TODO: check
+CVE-2025-62783 (InventoryGui is a library for creating chest GUIs for Bukkit/Spigot pl ...)
+	TODO: check
+CVE-2025-62782 (InventoryGui is a library for creating chest GUIs for Bukkit/Spigot pl ...)
+	TODO: check
+CVE-2025-62781 (PILOS (Platform for Interactive Live-Online Seminars) is a frontend fo ...)
+	TODO: check
+CVE-2025-62779 (Frappe Learning is a learning system that helps users structure their  ...)
+	TODO: check
+CVE-2025-62778 (Frappe Learning is a learning management system. A security issue was  ...)
+	TODO: check
+CVE-2025-62777 (Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07  ...)
+	TODO: check
+CVE-2025-62725 (Docker Compose trusts the path information embedded in remote OCI comp ...)
+	TODO: check
+CVE-2025-62594 (ImageMagick is a software suite to create, edit, compose, or convert b ...)
+	TODO: check
+CVE-2025-62524 (PILOS (Platform for Interactive Live-Online Seminars) is a frontend fo ...)
+	TODO: check
+CVE-2025-62523 (PILOS (Platform for Interactive Live-Online Seminars) is a frontend fo ...)
+	TODO: check
+CVE-2025-62262 (Information exposure through log file vulnerability in LDAP import fea ...)
+	TODO: check
+CVE-2025-62261 (Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, ...)
+	TODO: check
+CVE-2025-62260 (Liferay Portal 7.4.0 through 7.4.3.99, and Liferay DXP 2023.Q3.1 throu ...)
+	TODO: check
+CVE-2025-62259 (Liferay Portal 7.4.0 through 7.4.3.109, and older unsupported versions ...)
+	TODO: check
+CVE-2025-62258 (CSRF vulnerability in Headless API in Liferay Portal 7.4.0 through 7.4 ...)
+	TODO: check
+CVE-2025-43024 (A GUI dialog of an application allows to view what files are in the fi ...)
+	TODO: check
+CVE-2025-33133 (IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0. ...)
+	TODO: check
+CVE-2025-33132 (IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0. ...)
+	TODO: check
+CVE-2025-33131 (IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0. ...)
+	TODO: check
+CVE-2025-33126 (IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0. ...)
+	TODO: check
+CVE-2025-12378 (A security flaw has been discovered in code-projects Simple Food Order ...)
+	TODO: check
+CVE-2025-12347 (A flaw has been found in MaxSite CMS up to 109. This issue affects som ...)
+	TODO: check
+CVE-2025-12346 (A vulnerability was detected in MaxSite CMS up to 109. This vulnerabil ...)
+	TODO: check
+CVE-2025-12344 (A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The imp ...)
+	TODO: check
+CVE-2025-12342 (A flaw has been found in Serdar Bayram Ghost Hot Spot up to 20251014.  ...)
+	TODO: check
+CVE-2025-12341 (A vulnerability was detected in ermig1979 AntiDupl up to 2.3.12. Impac ...)
+	TODO: check
+CVE-2025-12339 (A security vulnerability has been detected in Campcodes Retro Basketba ...)
+	TODO: check
+CVE-2025-12338 (A weakness has been identified in Campcodes Retro Basketball Shoes Onl ...)
+	TODO: check
+CVE-2025-12337 (A security flaw has been discovered in Campcodes Retro Basketball Shoe ...)
+	TODO: check
+CVE-2025-12336 (A vulnerability was identified in Campcodes Retro Basketball Shoes Onl ...)
+	TODO: check
+CVE-2025-12335 (A vulnerability was determined in code-projects E-Commerce Website 1.0 ...)
+	TODO: check
+CVE-2025-12334 (A vulnerability was found in code-projects E-Commerce Website 1.0. Aff ...)
+	TODO: check
+CVE-2025-12333 (A vulnerability has been found in code-projects E-Commerce Website 1.0 ...)
+	TODO: check
+CVE-2025-12332 (A flaw has been found in SourceCodester Student Grades Management Syst ...)
+	TODO: check
+CVE-2025-12331 (A weakness has been identified in Willow CMS up to 1.4.0. Impacted is  ...)
+	TODO: check
+CVE-2025-12330 (A security flaw has been discovered in Willow CMS up to 1.4.0. This is ...)
+	TODO: check
+CVE-2025-12329 (A security flaw has been discovered in shawon100 RUET OJ up to 18fa45b ...)
+	TODO: check
+CVE-2025-12328 (A vulnerability was identified in shawon100 RUET OJ up to 18fa45b0a669 ...)
+	TODO: check
+CVE-2025-12327 (A vulnerability was determined in shawon100 RUET OJ up to 18fa45b0a669 ...)
+	TODO: check
+CVE-2025-12326 (A vulnerability was found in shawon100 RUET OJ up to 18fa45b0a669fa109 ...)
+	TODO: check
+CVE-2025-12325 (A vulnerability has been found in SourceCodester Best Salon Management ...)
+	TODO: check
+CVE-2025-12322 (A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is ...)
+	TODO: check
+CVE-2025-12316 (A vulnerability was identified in code-projects Courier Management Sys ...)
+	TODO: check
+CVE-2025-12315 (A vulnerability was determined in code-projects Food Ordering System 1 ...)
+	TODO: check
+CVE-2025-12314 (A vulnerability was found in code-projects Food Ordering System 1.0. T ...)
+	TODO: check
+CVE-2025-12313 (A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04 ...)
+	TODO: check
+CVE-2025-11735 (The HUSKY \u2013 Products Filter Professional for WooCommerce plugin f ...)
+	TODO: check
+CVE-2025-10939 (A flaw was found in Keycloak. The Keycloak guides recommend to not exp ...)
+	TODO: check
+CVE-2025-10151 (Improper locking vulnerability in Softing Industrial Automation GmbH g ...)
+	TODO: check
+CVE-2025-10150 (Webserver crash caused by scanning on TCP port 80 in Softing Industria ...)
+	TODO: check
+CVE-2025-10145 (The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is  ...)
+	TODO: check
 CVE-2025-12343
+	{DSA-6007-1}
 	- ffmpeg <unfixed>
 	[bookworm] - ffmpeg <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/b8d5f65b9e89d893f27cf00799dbc15fc0ca2f8e (master)
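
Review bot: The {DSA-6007-1} tag added to CVE-2025-12343 at the end of the hunk is not matched by any release line with a fixed version. The entry still reads "- ffmpeg <unfixed>", and its only per-release line is "[bookworm] - ffmpeg <not-affected>". Consider adding the per-release line with the version shipped in the advisory, so the entry records which suite the DSA fixed. Separately, the description added for CVE-2025-11735 carries a literal "\u2013" escape sequence rather than the character itself; decoding it on import would keep the list readable and greppable.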



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ead8d8c116e269665c77db74282ee02cbea336b
