Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b90f3cff by security tracker role at 2025-07-14T20:12:58+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,139 @@
+CVE-2025-7628 (A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up 
to 5fb ...)
+       TODO: check
+CVE-2025-7627 (A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up 
to 5fb ...)
+       TODO: check
+CVE-2025-7626 (A vulnerability has been found in YiJiuSmile 
kkFileViewOfficeEdit up t ...)
+       TODO: check
+CVE-2025-7625 (A vulnerability, which was classified as critical, was found in 
YiJiuS ...)
+       TODO: check
+CVE-2025-7618 (A stored Cross-Site Scripting (XSS) vulnerability vulnerability 
was fo ...)
+       TODO: check
+CVE-2025-7616 (A vulnerability, which was classified as critical, has been 
found in g ...)
+       TODO: check
+CVE-2025-7615 (A vulnerability classified as critical was found in TOTOLINK T6 
4.1.5c ...)
+       TODO: check
+CVE-2025-7614 (A vulnerability classified as critical has been found in 
TOTOLINK T6 4 ...)
+       TODO: check
+CVE-2025-7613 (A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has 
been rate ...)
+       TODO: check
+CVE-2025-7612 (A vulnerability was found in code-projects Mobile Shop 1.0. It 
has bee ...)
+       TODO: check
+CVE-2025-7611 (A vulnerability was found in code-projects Wedding Reservation 
1.0. It ...)
+       TODO: check
+CVE-2025-7610 (A vulnerability was found in code-projects Electricity Billing 
System  ...)
+       TODO: check
+CVE-2025-7609 (A vulnerability has been found in code-projects Simple Shopping 
Cart 1 ...)
+       TODO: check
+CVE-2025-7608 (A vulnerability, which was classified as critical, was found in 
code-p ...)
+       TODO: check
+CVE-2025-7607 (A vulnerability, which was classified as critical, has been 
found in c ...)
+       TODO: check
+CVE-2025-7606 (A vulnerability classified as critical has been found in 
code-projects ...)
+       TODO: check
+CVE-2025-7605 (A vulnerability was found in code-projects AVL Rooms 1.0. It 
has been  ...)
+       TODO: check
+CVE-2025-7604 (A vulnerability was found in PHPGurukul Hospital Management 
System 4.0 ...)
+       TODO: check
+CVE-2025-7603 (A vulnerability was found in D-Link DI-8100 16.07.26A1. It has 
been cl ...)
+       TODO: check
+CVE-2025-7602 (A vulnerability was found in D-Link DI-8100 16.07.26A1 and 
classified  ...)
+       TODO: check
+CVE-2025-7601 (A vulnerability has been found in PHPGurukul Online Library 
Management ...)
+       TODO: check
+CVE-2025-7600 (A vulnerability, which was classified as critical, was found in 
PHPGur ...)
+       TODO: check
+CVE-2025-7599 (A vulnerability, which was classified as critical, has been 
found in P ...)
+       TODO: check
+CVE-2025-7598 (A vulnerability classified as critical was found in Tenda 
AX1803 1.0.0 ...)
+       TODO: check
+CVE-2025-7597 (A vulnerability classified as critical has been found in Tenda 
AX1803  ...)
+       TODO: check
+CVE-2025-7596 (A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has 
been ra ...)
+       TODO: check
+CVE-2025-7595 (A vulnerability was found in code-projects Job Diary 1.0. It 
has been  ...)
+       TODO: check
+CVE-2025-7594 (A vulnerability was found in code-projects Job Diary 1.0. It 
has been  ...)
+       TODO: check
+CVE-2025-7593 (A vulnerability was found in code-projects Job Diary 1.0 and 
classifie ...)
+       TODO: check
+CVE-2025-7592 (A vulnerability has been found in PHPGurukul Dairy Farm Shop 
Managemen ...)
+       TODO: check
+CVE-2025-7591 (A vulnerability, which was classified as critical, was found in 
PHPGur ...)
+       TODO: check
+CVE-2025-7590 (A vulnerability, which was classified as critical, has been 
found in P ...)
+       TODO: check
+CVE-2025-7589 (A vulnerability classified as critical was found in PHPGurukul 
Dairy F ...)
+       TODO: check
+CVE-2025-7588 (A vulnerability classified as critical has been found in 
PHPGurukul Da ...)
+       TODO: check
+CVE-2025-7587 (A vulnerability was found in code-projects Online Appointment 
Booking  ...)
+       TODO: check
+CVE-2025-7519 (A flaw was found in polkit. When processing an XML policy with 
32 or m ...)
+       TODO: check
+CVE-2025-53689 (Blind XXE Vulnerabilities in jackrabbit-spi-commons and 
jackrabbit-cor ...)
+       TODO: check
+CVE-2025-53639 (MeterSphere is an open source continuous testing platform. 
Prior to ve ...)
+       TODO: check
+CVE-2025-53623 (The Job Iteration API is an an extension for ActiveJob that 
make jobs  ...)
+       TODO: check
+CVE-2025-53101 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2025-53019 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2025-53015 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2025-53014 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2025-52363 (Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root 
password h ...)
+       TODO: check
+CVE-2025-51660 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51659 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51658 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51657 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51656 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51655 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51654 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51653 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51652 (SemCms v5.0 was discovered to contain a SQL injection 
vulnerability vi ...)
+       TODO: check
+CVE-2025-51651 (An authenticated arbitrary file download vulnerability in the 
componen ...)
+       TODO: check
+CVE-2025-51650 (An arbitrary file upload vulnerability in the component 
/controller/Pi ...)
+       TODO: check
+CVE-2025-50756 (Wavlink WN535K3 20191010 was found to contain a command 
injection vuln ...)
+       TODO: check
+CVE-2025-27582 (The Secure Password extension in One Identity Password Manager 
before  ...)
+       TODO: check
+CVE-2025-24391 (A vulnerability in the External Interface of OTRS allows 
conclusions t ...)
+       TODO: check
+CVE-2024-51770 (An information disclosure vulnerability exists in HPE AutoPass 
License ...)
+       TODO: check
+CVE-2024-51769 (An information disclosure vulnerability exists in HPE AutoPass 
License ...)
+       TODO: check
+CVE-2024-51768 (An hsqldb-related remote code execution vulnerability exists 
in HPE Au ...)
+       TODO: check
+CVE-2024-51767 (An authentication bypass vulnerability exists in HPE AutoPass 
License  ...)
+       TODO: check
+CVE-2024-42649 (NanoMQ v0.22.10 was discovered to contain a memory leak which 
allows a ...)
+       TODO: check
+CVE-2024-42648 (NanoMQ v0.22.10 was discovered to contain a heap overflow 
which allows ...)
+       TODO: check
+CVE-2024-42646 (A segmentation fault in NanoMQ v0.21.10 allows attackers to 
cause a De ...)
+       TODO: check
+CVE-2024-26293 (The Avid Nexis Agent uses a vulnerable gSOAP version. An 
undocumented  ...)
+       TODO: check
+CVE-2024-26292 (An authenticated Arbitrary File Deletion vulnerability enables 
an atta ...)
+       TODO: check
+CVE-2024-26291 (An Unauthenticated Arbitrary File Read vulnerability affects 
the Agent ...)
+       TODO: check
 CVE-2025-XXXX [uscan must not skip OpenPGP check after failed check in 
previous run]
        - devscripts <unfixed> (bug #1109251)
 CVE-2025-7620 (The cross-browser document creation component produced by 
Digitware Sy ...)
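
Review bot: Every new entry at the top of data/CVE/list lands with only `TODO: check`, so entries for software that has a Debian source package look the same as ones that will end up not applicable. CVE-2025-7519 (polkit) and the four ImageMagick entries (CVE-2025-53101, CVE-2025-53019, CVE-2025-53015, CVE-2025-53014) should be triaged first and given package lines in the form the file already uses, as in `- devscripts <unfixed> (bug #1109251)`. The router-firmware entries (TOTOLINK, Tenda, D-Link) are candidates for the `NOT-FOR-US:` form seen further down the file.
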
@@ -606,7 +742,7 @@ CVE-2025-6168 (An issue has been discovered in GitLab EE 
affecting all versions
        - gitlab <not-affected> (Specific to EE)
 CVE-2025-5040 (A maliciously crafted RTE file, when parsed through Autodesk 
Revit, ca ...)
        NOT-FOR-US: Autodesk
-CVE-2025-5037 (A maliciously crafted RFA file, when parsed through Autodesk 
Revit, ca ...)
+CVE-2025-5037 (A maliciously crafted RFA, RTE, or RVT file, when parsed 
through Autod ...)
        NOT-FOR-US: Autodesk
 CVE-2025-5023 (Use of Hard-coded Credentials vulnerability in Mitsubishi 
Electric Cor ...)
        NOT-FOR-US: Mitsubishi
@@ -62254,18 +62390,21 @@ CVE-2024-12996
 CVE-2024-12970 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
        NOT-FOR-US: TUBITAK BILGEM Pardus OS My Computer
 CVE-2023-6605 (A flaw was found in FFmpeg's DASH playlist support. This 
vulnerability ...)
+       {DLA-4241-1}
        - ffmpeg 7:7.1.1-1
        [bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in 
the 5.1 branch)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334336
        NOTE: Fixed by: 
https://github.com/FFmpeg/FFmpeg/commit/4c96d6bf75357ab13808efc9f08c1b41b1bf5bdf
 (master)
        NOTE: Fixed by: 
https://github.com/FFmpeg/FFmpeg/commit/c3c7ecfe48d464a0b06564f2e92504b1d9c91d69
 (n7.1.1)
 CVE-2023-6604 (A flaw was found in FFmpeg. This vulnerability allows 
unexpected addit ...)
+       {DLA-4241-1}
        - ffmpeg 7:7.1.1-1
        [bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in 
the 5.1 branch)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334337
        NOTE: Fixed by: 
https://github.com/FFmpeg/FFmpeg/commit/91d96dc8ddaebe0b6cb393f672085e6bfaf15a31
 (master)
        NOTE: Fixed by: 
https://github.com/FFmpeg/FFmpeg/commit/b753bac08f6881b2d3dea8f1ab84c81550f35897
 (n7.1.1)
 CVE-2023-6601 (A flaw was found in FFmpeg's HLS demuxer. This vulnerability 
allows by ...)
+       {DLA-4241-1}
        - ffmpeg <unfixed>
        [trixie] - ffmpeg <postponed> (Minor issue, wait until it's fixed in 
the 7.1 branch)
        [bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in 
the 5.1 branch)
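
Review bot: CVE-2023-6601 gains `{DLA-4241-1}` while the same entry still reads `- ffmpeg <unfixed>`, with trixie and bookworm both `<postponed>`, so the advisory reference sits on an entry whose newer suites are all still open. The same holds for the bookworm `<postponed>` lines under CVE-2023-6605 and CVE-2023-6604. Since the issue was judged worth an advisory, the "Minor issue" postponement for bookworm deserves a second look, otherwise an upgrade from the LTS suite would move to a package that lacks the fix. As this commit changes only data/CVE/list, also confirm that the DLA-4241-1 entry in the advisory list names all of the CVEs tagged here.
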
@@ -63479,6 +63618,7 @@ CVE-2023-6603 (A flaw was found in FFmpeg's HLS 
playlist parsing. This vulnerabi
        [bullseye] - ffmpeg <postponed> (Minor issue, wait until it's fixed 
upstream)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334335
 CVE-2023-6602 (A flaw was found in FFmpeg's TTY Demuxer. This vulnerability 
allows po ...)
+       {DLA-4241-1}
        - ffmpeg 7:7.1.1-1
        [bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in 
the 5.1 branch)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334338
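
Review bot: The context line `[bullseye] - ffmpeg <postponed> (Minor issue, wait until it's fixed upstream)` at the top of this hunk belongs to the preceding CVE-2023-6603 entry. It now sits directly above CVE-2023-6602, which gains `{DLA-4241-1}`. If DLA-4241-1 is the ffmpeg update for bullseye, check whether CVE-2023-6603 was part of it. If it was, that postponed line is stale. If it was not, a NOTE line giving the reason would help the next person triaging ffmpeg.
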



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b90f3cffbbcc13799db8d44c6caf19ab8f6b2f59
