[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Sep 14 21:12:58 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cbd1a7e9 by security tracker role at 2025-09-14T20:12:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2025-6051 (A Regular Expression Denial of Service (ReDoS) vulnerability was disco ...)
+	TODO: check
+CVE-2025-36035 (IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW ...)
+	TODO: check
+CVE-2025-10408 (A security flaw has been discovered in SourceCodester Student Grading  ...)
+	TODO: check
+CVE-2025-10407 (A vulnerability was identified in SourceCodester Student Grading Syste ...)
+	TODO: check
+CVE-2025-10405 (A vulnerability was determined in itsourcecode Baptism Information Man ...)
+	TODO: check
+CVE-2025-10404 (A vulnerability was found in itsourcecode Baptism Information Manageme ...)
+	TODO: check
+CVE-2025-10403 (A vulnerability has been found in PHPGurukul Beauty Parlour Management ...)
+	TODO: check
+CVE-2025-10402 (A flaw has been found in PHPGurukul Beauty Parlour Management System 1 ...)
+	TODO: check
+CVE-2025-10401 (A vulnerability was detected in D-Link DIR-823x up to 250416. The affe ...)
+	TODO: check
+CVE-2025-10400 (A security vulnerability has been detected in SourceCodester Food Orde ...)
+	TODO: check
+CVE-2025-10399 (A weakness has been identified in Korzh EasyQuery up to 7.4.0. This is ...)
+	TODO: check
+CVE-2025-10398 (A security flaw has been discovered in fcba_zzm ics-park Smart Park Ma ...)
+	TODO: check
+CVE-2025-10397 (A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. Th ...)
+	TODO: check
+CVE-2025-10396 (A vulnerability was determined in SourceCodester Pet Grooming Manageme ...)
+	TODO: check
+CVE-2025-10204 (A vulnerability has been discovered in AC Smart II where passwords can ...)
+	TODO: check
+CVE-2025-0164 (IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 coul ...)
+	TODO: check
 CVE-2025-59363 (In One Identity OneLogin before 2025.3.0, a request returns the OIDC c ...)
 	NOT-FOR-US: One Identity OneLogin
 CVE-2025-10395 (A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affecte ...)
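Review bot: All sixteen entries added at the top of this hunk, CVE-2025-6051 through CVE-2025-0164, carry only "TODO: check", so none of them has a triage result yet. Two of them, CVE-2025-10403 and CVE-2025-10402, name PHPGurukul in the description and look like candidates for the same "NOT-FOR-US: PHPGurukul" marking that CVE-2025-57146 already carries elsewhere in this file. CVE-2025-6051 is cut off before any product name appears, so it needs the full record before it can be classified.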
@@ -3536,6 +3568,7 @@ CVE-2025-57147 (A SQL Injection vulnerability was found in phpgurukul Complaint
 CVE-2025-57146 (phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-57052 (cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_ ...)
+	{DSA-6001-1}
 	- cjson <unfixed> (bug #1114757)
 	NOTE: https://x-0r.com/posts/cJSON-Array-Index-Parsing-Vulnerability
 	NOTE: https://github.com/DaveGamble/cJSON/commit/74e1ff4994aa4139126967f6d289b675b4b36fef (v1.7.19)
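Review bot: The "- cjson <unfixed> (bug #1114757)" line under CVE-2025-57052 is left unchanged although the entry now references DSA-6001-1 and already records the upstream fix commit for v1.7.19. Check whether the unstable entry can be given a fixed version or whether bug #1114757 is still open, so the entry does not read as both covered by an advisory and unfixed for longer than necessary.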
@@ -7201,6 +7234,7 @@ CVE-2025-5261 (Authorization Bypass Through User-Controlled Key vulnerability in
 CVE-2025-5260 (Server-Side Request Forgery (SSRF) vulnerability in Pik Online Yaz\u01 ...)
 	NOT-FOR-US: Pik Online Yazilim Cozumleri
 CVE-2025-5115 (In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21,  ...)
+	{DLA-4299-1}
 	- jetty12 12.0.17-3.1 (bug #1111765)
 	- jetty9 9.4.57-1.1 (bug #1111766)
 	- jetty <removed>
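Review bot: The {DLA-4299-1} tag on CVE-2025-5115 sits above three source package lines (jetty12, jetty9 and "jetty <removed>"), and nothing in this hunk shows which of them the advisory covers. Confirm against the DLA record that the package it names matches one of these entries.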



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbd1a7e93985b5bdfe2c66798bdb45d3cb1827a4
