[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jan 2 08:12:36 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
41950fc3 by security tracker role at 2026-01-02T08:12:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,61 @@
+CVE-2025-15435 (A flaw has been found in Yonyou KSOA 9.0. Affected by this vulnerabili ...)
+	TODO: check
+CVE-2025-15434 (A vulnerability was detected in Yonyou KSOA 9.0. Affected is an unknow ...)
+	TODO: check
+CVE-2025-15432 (A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d2 ...)
+	TODO: check
+CVE-2025-15431 (A flaw has been found in UTT \u8fdb\u53d6 512W 1.7.7-171114. This affe ...)
+	TODO: check
+CVE-2025-15430 (A vulnerability was detected in UTT \u8fdb\u53d6 512W 1.7.7-171114. Af ...)
+	TODO: check
+CVE-2025-15429 (A security vulnerability has been detected in UTT \u8fdb\u53d6 512W 1. ...)
+	TODO: check
+CVE-2025-15428 (A weakness has been identified in UTT \u8fdb\u53d6 512W 1.7.7-171114.  ...)
+	TODO: check
+CVE-2025-15427 (A security flaw has been discovered in Seeyon Zhiyuan OA Web Applicati ...)
+	TODO: check
+CVE-2025-15426 (A vulnerability was identified in jackying H-ui.admin up to 3.1. This  ...)
+	TODO: check
+CVE-2025-15425 (A vulnerability was determined in Yonyou KSOA 9.0. The impacted elemen ...)
+	TODO: check
+CVE-2025-15424 (A vulnerability was found in Yonyou KSOA 9.0. The affected element is  ...)
+	TODO: check
+CVE-2025-15423 (A vulnerability has been found in EmpireSoft EmpireCMS up to 8.0. Impa ...)
+	TODO: check
+CVE-2025-15422 (A flaw has been found in EmpireSoft EmpireCMS up to 8.0. This issue af ...)
+	TODO: check
+CVE-2025-15421 (A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability af ...)
+	TODO: check
+CVE-2025-15420 (A security vulnerability has been detected in Yonyou KSOA 9.0. This af ...)
+	TODO: check
+CVE-2025-15419 (A weakness has been identified in Open5GS up to 2.7.6. Affected by thi ...)
+	TODO: check
+CVE-2025-15418 (A security flaw has been discovered in Open5GS up to 2.7.6. Affected b ...)
+	TODO: check
+CVE-2025-15417 (A vulnerability was identified in Open5GS up to 2.7.6. Affected is the ...)
+	TODO: check
+CVE-2025-15416 (A vulnerability was found in xnx3 wangmarket up to 6.4. This affects a ...)
+	TODO: check
+CVE-2025-15415 (A vulnerability has been found in xnx3 wangmarket up to 6.4. The impac ...)
+	TODO: check
+CVE-2025-15414 (A flaw has been found in go-sonic sonic up to 1.1.4. The affected elem ...)
+	TODO: check
+CVE-2025-15413 (A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the fun ...)
+	TODO: check
+CVE-2025-15412 (A security vulnerability has been detected in WebAssembly wabt up to 1 ...)
+	TODO: check
+CVE-2025-14998 (The Branda plugin for WordPress is vulnerable to privilege escalation  ...)
+	TODO: check
+CVE-2025-14072 (The Ninja Forms  WordPress plugin before 3.13.3 allows unauthenticated ...)
+	TODO: check
+CVE-2025-14047 (The Registration, User Profile, Membership, Content Restriction, User  ...)
+	TODO: check
+CVE-2025-13456 (The ShopBuilder  WordPress plugin before 3.2.2 does not sanitise and e ...)
+	TODO: check
+CVE-2025-13153 (The Logo Slider  WordPress plugin before 4.9.0 does not validate and e ...)
+	TODO: check
+CVE-2025-12685 (The WPBookit WordPress plugin through 1.0.7 lacks a CSRF check when de ...)
+	TODO: check
 CVE-2026-21437 (eopkg is a Solus package manager implemented in python3. In versions p ...)
 	NOT-FOR-US: eopkg
 CVE-2026-21436 (eopkg is a Solus package manager implemented in python3. In versions p ...)
@@ -10354,6 +10412,7 @@ CVE-2024-2105 (An unauthorised attacker within bluetooth range may use an improp
 CVE-2024-2104 (Due to improper BLE security configurations on the device's GATT serve ...)
 	NOT-FOR-US: JBL
 CVE-2025-66003
+	{DSA-6092-1}
 	- smb4k 4.0.5-1 (bug #1122381)
 	NOTE: https://www.openwall.com/lists/oss-security/2025/12/10/6
 	NOTE: Fixed by: https://invent.kde.org/network/smb4k/-/commit/0dea60194ab6eb8f6e34ca2e6cb0f97b90c46f1e
@@ -10362,6 +10421,7 @@ CVE-2025-66003
 	NOTE: Bugfix: https://invent.kde.org/network/smb4k/-/commit/55c535cbab6843c88cac033a21e43206b5eefbd0 (4.0.5)
 	NOTE: bugfix: https://invent.kde.org/network/smb4k/-/commit/35f8cf121bfab276b739d4b8a866f8f3cdc0f7d1 (4.0.5)
 CVE-2025-66002
+	{DSA-6092-1}
 	- smb4k 4.0.5-1 (bug #1122381)
 	NOTE: https://www.openwall.com/lists/oss-security/2025/12/10/6
 	NOTE: Fixed by: https://invent.kde.org/network/smb4k/-/commit/0dea60194ab6eb8f6e34ca2e6cb0f97b90c46f1e



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41950fc375fd1fdb3ccb0531453556c8ff4da715

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41950fc375fd1fdb3ccb0531453556c8ff4da715
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260102/3a6e57c8/attachment.htm>

More information about the debian-security-tracker-commits mailing list