[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 9 21:13:06 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
206707dd by security tracker role at 2025-09-09T20:12:58+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,517 @@
+CVE-2025-9994 (The Amp\u2019ed RF BT-AP 111 Bluetooth access point's HTTP admin inter ...)
+ TODO: check
+CVE-2025-9951 (A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows ...)
+ TODO: check
+CVE-2025-9872 (Insufficient filename validation in Ivanti Endpoint Manager before 202 ...)
+ TODO: check
+CVE-2025-9712 (Insufficient filename validation in Ivanti Endpoint Manager before 202 ...)
+ TODO: check
+CVE-2025-9364 (An open database issue exists in the affected product and version. The ...)
+ TODO: check
+CVE-2025-9269 (A Server-Side Request Forgery (SSRF) vulnerability has been identified ...)
+ TODO: check
+CVE-2025-9166 (A denial-of-service security issue exists in the affected product and ...)
+ TODO: check
+CVE-2025-9161 (A security issue exists within FactoryTalk Optix MQTT broker due to th ...)
+ TODO: check
+CVE-2025-9160 (A code execution security issue exists in the affected product. An att ...)
+ TODO: check
+CVE-2025-9065 (A server-side request forgery security issue exists within Rockwell Au ...)
+ TODO: check
+CVE-2025-8712 (Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8 ...)
+ TODO: check
+CVE-2025-8711 (CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy ...)
+ TODO: check
+CVE-2025-8277 (A flaw was found in libssh's handling of key exchange (KEX) processes ...)
+ TODO: check
+CVE-2025-8008 (A security issue exists in the protected mode of EN4TR devices, where ...)
+ TODO: check
+CVE-2025-8007 (A security issue exists in the protected mode of 1756-EN4TR and 1756-E ...)
+ TODO: check
+CVE-2025-7970 (A security issue exists within FactoryTalk Activation Manager. An err ...)
+ TODO: check
+CVE-2025-7635 (Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT al ...)
+ TODO: check
+CVE-2025-7350 (A security issue affecting multiple Cisco devices also directly impact ...)
+ TODO: check
+CVE-2025-5500 (A flaw has been found in ZhenShi Mibro Fit App 1.6.3.17499 on Android. ...)
+ TODO: check
+CVE-2025-5005 (A vulnerability was detected in Shanghai Lingdang Information Technolo ...)
+ TODO: check
+CVE-2025-59019 (Missing authorization checks in the CSV download feature of TYPO3 CMS ...)
+ TODO: check
+CVE-2025-59018 (Missing authorization checks in the Workspace Module of TYPO3 CMS vers ...)
+ TODO: check
+CVE-2025-59017 (Missing authorization checks in the Backend Routing of TYPO3 CMS versi ...)
+ TODO: check
+CVE-2025-59016 (Error messages containing sensitive information in the File Abstractio ...)
+ TODO: check
+CVE-2025-59015 (A deterministic three\u2011character prefix in the Password Generation ...)
+ TODO: check
+CVE-2025-59014 (An uncaught exception in the Bookmark Toolbar of TYPO3 CMS versions 11 ...)
+ TODO: check
+CVE-2025-59013 (An open\u2011redirect vulnerability in GeneralUtility::sanitizeLocalUr ...)
+ TODO: check
+CVE-2025-59008 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-59005 (Missing Authorization vulnerability in frenify Categorify allows Explo ...)
+ TODO: check
+CVE-2025-58997 (Cross-Site Request Forgery (CSRF) vulnerability in Frenify Mow allows ...)
+ TODO: check
+CVE-2025-58993 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-58991 (Cross-Site Request Forgery (CSRF) vulnerability in Cristiano Zanca Woo ...)
+ TODO: check
+CVE-2025-58990 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58989 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58988 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58987 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58985 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58984 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58983 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58982 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-58981 (Missing Authorization vulnerability in Equalize Digital Accessibility ...)
+ TODO: check
+CVE-2025-58980 (Missing Authorization vulnerability in recorp Export WP Page to Static ...)
+ TODO: check
+CVE-2025-58979 (Missing Authorization vulnerability in BerqWP BerqWP allows Exploiting ...)
+ TODO: check
+CVE-2025-58978 (Missing Authorization vulnerability in WP Swings PDF Generator for Wor ...)
+ TODO: check
+CVE-2025-58977 (Server-Side Request Forgery (SSRF) vulnerability in Rhys Wynne WP eBay ...)
+ TODO: check
+CVE-2025-58976 (Missing Authorization vulnerability in Equalize Digital Accessibility ...)
+ TODO: check
+CVE-2025-58975 (Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanc ...)
+ TODO: check
+CVE-2025-58762 (Tautulli is a Python based monitoring and tracking tool for Plex Media ...)
+ TODO: check
+CVE-2025-58761 (Tautulli is a Python based monitoring and tracking tool for Plex Media ...)
+ TODO: check
+CVE-2025-58760 (Tautulli is a Python based monitoring and tracking tool for Plex Media ...)
+ TODO: check
+CVE-2025-58759 (TinyEnv is an environment variable loader for PHP applications. In ver ...)
+ TODO: check
+CVE-2025-58758 (TinyEnv is an environment variable loader for PHP applications. In ver ...)
+ TODO: check
+CVE-2025-58753 (Copyparty is a portable file server. In versions prior to 1.19.8, ther ...)
+ TODO: check
+CVE-2025-58442 (Saleor is an e-commerce platform. Starting in version 3.21.0 and prior ...)
+ TODO: check
+CVE-2025-58435 (Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 a ...)
+ TODO: check
+CVE-2025-58430 (listmonk is a standalone, self-hosted, newsletter and mailing list man ...)
+ TODO: check
+CVE-2025-58215 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-58180 (OctoPrint provides a web interface for controlling consumer 3D printer ...)
+ TODO: check
+CVE-2025-58063 (CoreDNS is a DNS server that chains plugins. Starting in version 1.2.0 ...)
+ TODO: check
+CVE-2025-57665 (Element Plus Link component (el-link) through 2.10.6 implements insuff ...)
+ TODO: check
+CVE-2025-57540 (A stored cross-site scripting (XSS) vulnerability exists in the WebAut ...)
+ TODO: check
+CVE-2025-57539 (A stored cross-site scripting (XSS) vulnerability in the U2F Origin fi ...)
+ TODO: check
+CVE-2025-57538 (A stored cross-site scripting (XSS) vulnerability in the HTTP Proxy fi ...)
+ TODO: check
+CVE-2025-57278 (The LB-Link BL-CPE300M AX300 4G LTE Router firmware version BL-R8800_B ...)
+ TODO: check
+CVE-2025-57087 (Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overfl ...)
+ TODO: check
+CVE-2025-57086 (Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overfl ...)
+ TODO: check
+CVE-2025-57085 (Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overfl ...)
+ TODO: check
+CVE-2025-57078 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57072 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57071 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57070 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57069 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57064 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57063 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57062 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57061 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack o ...)
+ TODO: check
+CVE-2025-57060 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57059 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-57058 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack o ...)
+ TODO: check
+CVE-2025-57057 (Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2025-55730 (XWiki Remote Macros provides XWiki rendering macros that are useful wh ...)
+ TODO: check
+CVE-2025-55729 (XWiki Remote Macros provides XWiki rendering macros that are useful wh ...)
+ TODO: check
+CVE-2025-55728 (XWiki Remote Macros provides XWiki rendering macros that are useful wh ...)
+ TODO: check
+CVE-2025-55727 (XWiki Remote Macros provides XWiki rendering macros that are useful wh ...)
+ TODO: check
+CVE-2025-55317 (Improper link resolution before file access ('link following') in Micr ...)
+ TODO: check
+CVE-2025-55316 (External control of file name or path in Azure Arc allows an authorize ...)
+ TODO: check
+CVE-2025-55245 (Improper link resolution before file access ('link following') in Xbox ...)
+ TODO: check
+CVE-2025-55243 (Exposure of sensitive information to an unauthorized actor in Microsof ...)
+ TODO: check
+CVE-2025-55236 (Time-of-check time-of-use (toctou) race condition in Graphics Kernel a ...)
+ TODO: check
+CVE-2025-55234 (SMB Server might be susceptible to relay attacks depending on the conf ...)
+ TODO: check
+CVE-2025-55232 (Deserialization of untrusted data in Microsoft High Performance Comput ...)
+ TODO: check
+CVE-2025-55228 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-55227 (Improper neutralization of special elements used in a command ('comman ...)
+ TODO: check
+CVE-2025-55226 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-55225 (Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) ...)
+ TODO: check
+CVE-2025-55224 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-55223 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-55148 (Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8 ...)
+ TODO: check
+CVE-2025-55147 (CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy ...)
+ TODO: check
+CVE-2025-55146 (An unchecked return value in Ivanti Connect Secure before 22.7R2.9 or ...)
+ TODO: check
+CVE-2025-55145 (Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8 ...)
+ TODO: check
+CVE-2025-55144 (Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8 ...)
+ TODO: check
+CVE-2025-55143 (Reflected text injection in Ivanti Connect Secure before 22.7R2.9 or 2 ...)
+ TODO: check
+CVE-2025-55142 (Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8 ...)
+ TODO: check
+CVE-2025-55141 (Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8 ...)
+ TODO: check
+CVE-2025-55139 (SSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy ...)
+ TODO: check
+CVE-2025-55054 (CWE-79 Improper Neutralization of Input During Web Page Generation (XS ...)
+ TODO: check
+CVE-2025-55053 (CWE-328: Use of Weak Hash)
+ TODO: check
+CVE-2025-55052 (CWE-200 Exposure of Sensitive Information to an Unauthorized Actor)
+ TODO: check
+CVE-2025-55051 (CWE-1392: Use of Default Credentials)
+ TODO: check
+CVE-2025-55050 (CWE-1242: Inclusion of Undocumented Features)
+ TODO: check
+CVE-2025-55049 (Use of Default Cryptographic Key (CWE-1394))
+ TODO: check
+CVE-2025-55048 (Multiple CWE-78)
+ TODO: check
+CVE-2025-55047 (CWE-798 Use of Hard-coded Credentials)
+ TODO: check
+CVE-2025-54919 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-54918 (Improper authentication in Windows NTLM allows an authorized attacker ...)
+ TODO: check
+CVE-2025-54917 (Protection mechanism failure in Windows MapUrlToZone allows an unautho ...)
+ TODO: check
+CVE-2025-54916 (Stack-based buffer overflow in Windows NTFS allows an authorized attac ...)
+ TODO: check
+CVE-2025-54915 (Access of resource using incompatible type ('type confusion') in Windo ...)
+ TODO: check
+CVE-2025-54913 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-54912 (Use after free in Windows BitLocker allows an authorized attacker to e ...)
+ TODO: check
+CVE-2025-54911 (Use after free in Windows BitLocker allows an authorized attacker to e ...)
+ TODO: check
+CVE-2025-54910 (Heap-based buffer overflow in Microsoft Office allows an unauthorized ...)
+ TODO: check
+CVE-2025-54908 (Use after free in Microsoft Office PowerPoint allows an unauthorized a ...)
+ TODO: check
+CVE-2025-54907 (Heap-based buffer overflow in Microsoft Office Visio allows an unautho ...)
+ TODO: check
+CVE-2025-54906 (Free of memory not on the heap in Microsoft Office allows an unauthori ...)
+ TODO: check
+CVE-2025-54905 (Untrusted pointer dereference in Microsoft Office Word allows an unaut ...)
+ TODO: check
+CVE-2025-54904 (Use after free in Microsoft Office Excel allows an unauthorized attack ...)
+ TODO: check
+CVE-2025-54903 (Use after free in Microsoft Office Excel allows an unauthorized attack ...)
+ TODO: check
+CVE-2025-54902 (Out-of-bounds read in Microsoft Office Excel allows an unauthorized at ...)
+ TODO: check
+CVE-2025-54901 (Buffer over-read in Microsoft Office Excel allows an unauthorized atta ...)
+ TODO: check
+CVE-2025-54900 (Heap-based buffer overflow in Microsoft Office Excel allows an unautho ...)
+ TODO: check
+CVE-2025-54899 (Free of memory not on the heap in Microsoft Office Excel allows an una ...)
+ TODO: check
+CVE-2025-54898 (Out-of-bounds read in Microsoft Office Excel allows an unauthorized at ...)
+ TODO: check
+CVE-2025-54897 (Deserialization of untrusted data in Microsoft Office SharePoint allow ...)
+ TODO: check
+CVE-2025-54896 (Use after free in Microsoft Office Excel allows an unauthorized attack ...)
+ TODO: check
+CVE-2025-54895 (Integer overflow or wraparound in Windows SPNEGO Extended Negotiation ...)
+ TODO: check
+CVE-2025-54894 (Local Security Authority Subsystem Service Elevation of Privilege Vuln ...)
+ TODO: check
+CVE-2025-54709 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-54261 (ColdFusion versions 2025.3, 2023.15, 2021.21 and earlier are affected ...)
+ TODO: check
+CVE-2025-54257 (Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and e ...)
+ TODO: check
+CVE-2025-54256 (Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross- ...)
+ TODO: check
+CVE-2025-54255 (Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and e ...)
+ TODO: check
+CVE-2025-54252 (Adobe Experience Manager versions 6.5.23.0 and earlier are affected by ...)
+ TODO: check
+CVE-2025-54251 (Adobe Experience Manager versions 6.5.23.0 and earlier are affected by ...)
+ TODO: check
+CVE-2025-54250 (Adobe Experience Manager versions 6.5.23.0 and earlier are affected by ...)
+ TODO: check
+CVE-2025-54249 (Adobe Experience Manager versions 6.5.23.0 and earlier are affected by ...)
+ TODO: check
+CVE-2025-54248 (Adobe Experience Manager versions 6.5.23.0 and earlier are affected by ...)
+ TODO: check
+CVE-2025-54247 (Adobe Experience Manager versions 6.5.23.0 and earlier are affected by ...)
+ TODO: check
+CVE-2025-54246 (Adobe Experience Manager versions 6.5.23.0 and earlier are affected by ...)
+ TODO: check
+CVE-2025-54242 (Premiere Pro versions 25.3, 24.6.5 and earlier are affected by a Use A ...)
+ TODO: check
+CVE-2025-54236 (Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2 ...)
+ TODO: check
+CVE-2025-54116 (Improper access control in Windows MultiPoint Services allows an autho ...)
+ TODO: check
+CVE-2025-54115 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-54114 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-54113 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
+ TODO: check
+CVE-2025-54112 (Use after free in Microsoft Virtual Hard Drive allows an authorized at ...)
+ TODO: check
+CVE-2025-54111 (Use after free in Windows UI XAML Phone DatePickerFlyout allows an aut ...)
+ TODO: check
+CVE-2025-54110 (Integer overflow or wraparound in Windows Kernel allows an authorized ...)
+ TODO: check
+CVE-2025-54109 (Access of resource using incompatible type ('type confusion') in Windo ...)
+ TODO: check
+CVE-2025-54108 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-54107 (Improper resolution of path equivalence in Windows MapUrlToZone allows ...)
+ TODO: check
+CVE-2025-54106 (Integer overflow or wraparound in Windows Routing and Remote Access Se ...)
+ TODO: check
+CVE-2025-54105 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-54104 (Access of resource using incompatible type ('type confusion') in Windo ...)
+ TODO: check
+CVE-2025-54103 (Use after free in Windows Management Services allows an unauthorized a ...)
+ TODO: check
+CVE-2025-54102 (Use after free in Windows Connected Devices Platform Service allows an ...)
+ TODO: check
+CVE-2025-54101 (Use after free in Windows SMBv3 Client allows an authorized attacker t ...)
+ TODO: check
+CVE-2025-54099 (Stack-based buffer overflow in Windows Ancillary Function Driver for W ...)
+ TODO: check
+CVE-2025-54098 (Improper access control in Windows Hyper-V allows an authorized attack ...)
+ TODO: check
+CVE-2025-54097 (Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) ...)
+ TODO: check
+CVE-2025-54096 (Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) ...)
+ TODO: check
+CVE-2025-54095 (Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) ...)
+ TODO: check
+CVE-2025-54094 (Access of resource using incompatible type ('type confusion') in Windo ...)
+ TODO: check
+CVE-2025-54093 (Time-of-check time-of-use (toctou) race condition in Windows TCP/IP al ...)
+ TODO: check
+CVE-2025-54092 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-54091 (Integer overflow or wraparound in Windows Hyper-V allows an authorized ...)
+ TODO: check
+CVE-2025-53914 (Excessive Privilegesvulnerability in Calix GigaCenter ONT (Broadcom So ...)
+ TODO: check
+CVE-2025-53913 (Excessive Privileges vulnerability in Calix GigaCenter ONT (Quantenna ...)
+ TODO: check
+CVE-2025-53810 (Access of resource using incompatible type ('type confusion') in Windo ...)
+ TODO: check
+CVE-2025-53809 (Improper input validation in Windows Local Security Authority Subsyste ...)
+ TODO: check
+CVE-2025-53808 (Access of resource using incompatible type ('type confusion') in Windo ...)
+ TODO: check
+CVE-2025-53807 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-53806 (Buffer over-read in Windows Routing and Remote Access Service (RRAS) a ...)
+ TODO: check
+CVE-2025-53805 (Out-of-bounds read in Windows Internet Information Services allows an ...)
+ TODO: check
+CVE-2025-53804 (Exposure of sensitive information to an unauthorized actor in Windows ...)
+ TODO: check
+CVE-2025-53803 (Generation of error message containing sensitive information in Window ...)
+ TODO: check
+CVE-2025-53802 (Use after free in Windows Bluetooth Service allows an authorized attac ...)
+ TODO: check
+CVE-2025-53801 (Untrusted pointer dereference in Windows DWM allows an authorized atta ...)
+ TODO: check
+CVE-2025-53800 (No cwe for this issue in Microsoft Graphics Component allows an author ...)
+ TODO: check
+CVE-2025-53799 (Use of uninitialized resource in Windows Imaging Component allows an u ...)
+ TODO: check
+CVE-2025-53798 (Buffer over-read in Windows Routing and Remote Access Service (RRAS) a ...)
+ TODO: check
+CVE-2025-53797 (Buffer over-read in Windows Routing and Remote Access Service (RRAS) a ...)
+ TODO: check
+CVE-2025-53796 (Buffer over-read in Windows Routing and Remote Access Service (RRAS) a ...)
+ TODO: check
+CVE-2025-53609 (A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 thr ...)
+ TODO: check
+CVE-2025-53348 (Missing Authorization vulnerability in Laborator Kalium. This issue af ...)
+ TODO: check
+CVE-2025-53340 (Missing Authorization vulnerability in awesomesupport Awesome Support. ...)
+ TODO: check
+CVE-2025-53303 (Deserialization of Untrusted Data vulnerability in ThemeMove ThemeMove ...)
+ TODO: check
+CVE-2025-53291 (Missing Authorization vulnerability in spoddev2021 Spreadconnect. This ...)
+ TODO: check
+CVE-2025-52915 (K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, al ...)
+ TODO: check
+CVE-2025-52322 (An issue in Open5GS v2.7.2 and before allows a remote attacker to caus ...)
+ TODO: check
+CVE-2025-52277 (Cross Site Scripting vulnerability in YesWiki v.4.54 allows a remote a ...)
+ TODO: check
+CVE-2025-49860 (Missing Authorization vulnerability in Majestic Support Majestic Suppo ...)
+ TODO: check
+CVE-2025-49734 (Improper restriction of communication channel to intended endpoints in ...)
+ TODO: check
+CVE-2025-49692 (Improper access control in Azure Windows Virtual Machine Agent allows ...)
+ TODO: check
+CVE-2025-49430 (Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate ...)
+ TODO: check
+CVE-2025-48208 (Improper Neutralization of Special Elements used in an LDAP Query ('LD ...)
+ TODO: check
+CVE-2025-48101 (Deserialization of Untrusted Data vulnerability in webdevstudios Const ...)
+ TODO: check
+CVE-2025-47997 (Concurrent execution using shared resource with improper synchronizati ...)
+ TODO: check
+CVE-2025-47695 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-47694 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-47579 (Deserialization of Untrusted Data vulnerability in ThemeGoods Photogra ...)
+ TODO: check
+CVE-2025-47571 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-47570 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-47569 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-47437 (Server-Side Request Forgery (SSRF) vulnerability in LiteSpeed Technolo ...)
+ TODO: check
+CVE-2025-47416 (A vulnerability exists in the ConsoleFindCommandMatchListfunction in l ...)
+ TODO: check
+CVE-2025-47415 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2025-44594 (halo v2.20.17 and before is vulnerable to server-side request forgery ...)
+ TODO: check
+CVE-2025-43786 (Enumeration of ERC from object entry in Liferay Portal 7.4.0 through 7 ...)
+ TODO: check
+CVE-2025-43781 (Reflected cross-site scripting (XSS) vulnerability in Liferay Portal 7 ...)
+ TODO: check
+CVE-2025-43776 (A Stored cross-site scripting vulnerability in the Liferay Portal 7.4 ...)
+ TODO: check
+CVE-2025-43775 (Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4. ...)
+ TODO: check
+CVE-2025-41701 (An unauthenticated attacker can trick a local user into executing arbi ...)
+ TODO: check
+CVE-2025-40804 (A vulnerability has been identified in SIMATIC Virtualization as a Ser ...)
+ TODO: check
+CVE-2025-40803 (A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA ...)
+ TODO: check
+CVE-2025-40802 (A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA ...)
+ TODO: check
+CVE-2025-40798 (A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versi ...)
+ TODO: check
+CVE-2025-40797 (A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versi ...)
+ TODO: check
+CVE-2025-40796 (A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versi ...)
+ TODO: check
+CVE-2025-40795 (A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versi ...)
+ TODO: check
+CVE-2025-40757 (A vulnerability has been identified in APOGEE PXC Series (BACnet) (All ...)
+ TODO: check
+CVE-2025-40594 (A vulnerability has been identified in SINAMICS G220 V6.4 (All version ...)
+ TODO: check
+CVE-2025-39553 (Missing Authorization vulnerability in andy_moyle Church Admin. This i ...)
+ TODO: check
+CVE-2025-39541 (Missing Authorization vulnerability in Roland Murg WP Simple Booking C ...)
+ TODO: check
+CVE-2025-39523 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in G ...)
+ TODO: check
+CVE-2025-36125 (IBM Hardware Management Console - Power 10.3.1050.0 and 11.1.1110.0 is ...)
+ TODO: check
+CVE-2025-36011 (IBM Jazz for Service Management 1.1.3.0 through 1.1.3.24 does not set ...)
+ TODO: check
+CVE-2025-34175 (In pfSense CE/usr/local/www/suricata/suricata_filecheck.php, the value ...)
+ TODO: check
+CVE-2025-34174 (In pfSense CE/usr/local/www/status_traffic_totals.php, the value of th ...)
+ TODO: check
+CVE-2025-34173 (In pfSense CE/usr/local/www/snort/snort_ip_reputation.php, the value o ...)
+ TODO: check
+CVE-2025-34172 (In pfSense CE/usr/local/www/haproxy/haproxy_stats.php, the value of th ...)
+ TODO: check
+CVE-2025-33045 (APTIOV contains vulnerabilities in the BIOS where a privileged user ma ...)
+ TODO: check
+CVE-2025-32689 (Improper Validation of Specified Quantity in Input vulnerability in Th ...)
+ TODO: check
+CVE-2025-32688 (Missing Authorization vulnerability in Sovica Target Video Easy Publis ...)
+ TODO: check
+CVE-2025-32486 (Weak Password Recovery Mechanism for Forgotten Password vulnerability ...)
+ TODO: check
+CVE-2025-30875 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-29089 (An issue in TP-Link AX10 Ax1500 v.1.3.10 Build (20230130) allows a rem ...)
+ TODO: check
+CVE-2025-24404 (XML Injection RCE by parse http sitemap xml response vulnerability in ...)
+ TODO: check
+CVE-2025-10199 (A local privilege escalation vulnerability exists in Sunshine for Wind ...)
+ TODO: check
+CVE-2025-10198 (Sunshine for Windows, version v2025.122.141614, contains a DLL search- ...)
+ TODO: check
+CVE-2025-10183 (A blind XML External Entity (XXE) injection in the OpenMessaging webse ...)
+ TODO: check
+CVE-2025-10164 (A security flaw has been discovered in lmsys sglang 0.4.6. Affected by ...)
+ TODO: check
+CVE-2025-10134 (The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vu ...)
+ TODO: check
+CVE-2025-10107 (A vulnerability has been found in TRENDnet TEW-831DR 1.0 (601.130.1.14 ...)
+ TODO: check
+CVE-2025-10095 (A SQL injection vulnerability has been identified in the SMPP server c ...)
+ TODO: check
+CVE-2024-45325 (An improper neutralization of special elements used in an OS command ( ...)
+ TODO: check
CVE-2025-9542 (The AutomatorWP \u2013 Automator plugin for no-code automations, webho ...)
NOT-FOR-US: WordPress plugin
CVE-2025-9539 (The AutomatorWP \u2013 Automator plugin for no-code automations, webho ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/206707dd064727870b81d2c8c0c085614d6bc4de
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/206707dd064727870b81d2c8c0c085614d6bc4de
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250909/47f2974c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list