[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Thu, 17 Jul 2025 01:12:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c606542b by security tracker role at 2025-07-17T08:12:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2025-7735 (The Hospital Information System developed by UNIMAX has a SQL 
Injectio ...)
+       TODO: check
+CVE-2025-7729 (A vulnerability classified as problematic was found in 
Scada-LTS up to ...)
+       TODO: check
+CVE-2025-7728 (A vulnerability classified as problematic has been found in 
Scada-LTS  ...)
+       TODO: check
+CVE-2025-7712 (The Madara - Core plugin for WordPress is vulnerable to 
arbitrary file ...)
+       TODO: check
+CVE-2025-6983 (A   Clickjackingvulnerability in TP-Link Archer C1200 web 
management p ...)
+       TODO: check
+CVE-2025-5396 (The Bears Backup plugin for WordPress is vulnerable to Remote 
Code Exe ...)
+       TODO: check
+CVE-2025-4302 (The Stop User Enumeration WordPress plugin before version 1.7.3 
blocks ...)
+       TODO: check
+CVE-2025-34132 (A command injection vulnerability exists in LILIN Digital 
Video Record ...)
+       TODO: check
+CVE-2025-34130 (An unauthenticated arbitrary file read exists in LILIN Digital 
Video R ...)
+       TODO: check
+CVE-2025-34129 (A command injection vulnerability exists in LILIN LILIN 
Digital Video  ...)
+       TODO: check
+CVE-2025-34128 (A buffer overflow vulnerability exists in the X360 VideoPlayer 
ActiveX ...)
+       TODO: check
+CVE-2025-34127 (A stack-based buffer overflow exists in Achat v0.150 in its 
default co ...)
+       TODO: check
+CVE-2025-34126 (A path traversal vulnerability exists in RIPS Scanner version 
0.54. Th ...)
+       TODO: check
+CVE-2025-34125 (An unauthenticated command injection vulnerability exists in 
the cooki ...)
+       TODO: check
+CVE-2025-34124 (A buffer overflow vulnerability exists in Heroes of Might and 
Magic II ...)
+       TODO: check
+CVE-2025-34123 (A stack-based buffer overflow vulnerability exists in 
VideoCharge Stud ...)
+       TODO: check
+CVE-2025-34121 (An unauthenticated arbitrary file upload vulnerability exists 
in Idera ...)
+       TODO: check
+CVE-2025-34120 (An unauthenticated file download vulnerability exists in 
LimeSurvey ve ...)
+       TODO: check
+CVE-2025-34119 (A remote file disclosure vulnerability exists in EasyCafe 
Server 2.2.1 ...)
+       TODO: check
+CVE-2025-34118 (A path traversal vulnerability exists in Linknat VOS Manager 
versions  ...)
+       TODO: check
+CVE-2025-34117 (A remote code execution vulnerability exists in multiple 
Netcore and N ...)
+       TODO: check
+CVE-2024-12498
+       REJECTED
 CVE-2025-7703 (Authentication vulnerability in the mobile 
application\uff08tech.palm. ...)
        NOT-FOR-US: TECNO Mobile
 CVE-2025-7699 (An improper access control vulnerability  was found in the EZ 
Sync Man ...)
@@ -418,9 +462,11 @@ CVE-2025-30761 (Vulnerability in the Oracle Java SE, 
Oracle GraalVM Enterprise E
 CVE-2025-7667 (The Restrict File Access plugin for WordPress is vulnerable to 
Cross-S ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-7657 (Use after free in WebRTC in Google Chrome prior to 
138.0.7204.157 allo ...)
+       {DSA-5963-1}
        - chromium 138.0.7204.157-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-7656 (Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 
allowe ...)
+       {DSA-5963-1}
        - chromium 138.0.7204.157-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-7042 (Use After Free vulnerability exists in the IPT file reading 
procedure  ...)
@@ -438,6 +484,7 @@ CVE-2025-6965 (There exists a vulnerability in SQLite 
versions before 3.50.2 whe
        [bookworm] - sqlite3 <no-dsa> (Minor issue)
        NOTE: 
https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8
 CVE-2025-6558 (Insufficient validation of untrusted input in ANGLE and GPU in 
Google  ...)
+       {DSA-5963-1}
        - chromium 138.0.7204.157-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-53959 (In JetBrains YouTrack before 2025.2.86069,  2024.3.85077,  
2025.1.8619 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c606542bd35cbf80c5b7be472575bd5041eae442

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c606542bd35cbf80c5b7be472575bd5041eae442
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to