[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 26 Jul 2025 13:12:45 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f514a233 by security tracker role at 2025-07-26T20:12:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2025-8207 (A vulnerability was found in Canara ai1 Mobile Banking App 
3.6.23 on A ...)
+       TODO: check
+CVE-2025-8206 (A vulnerability, which was classified as problematic, was found 
in Com ...)
+       TODO: check
+CVE-2025-8205 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2025-8204 (A vulnerability classified as problematic was found in Comodo 
Dragon u ...)
+       TODO: check
+CVE-2025-8203 (A vulnerability classified as critical has been found in 
Jingmen Zeyou ...)
+       TODO: check
+CVE-2025-8191 (A vulnerability, which was classified as problematic, was found 
in mac ...)
+       TODO: check
+CVE-2025-8190 (A vulnerability, which was classified as critical, has been 
found in C ...)
+       TODO: check
+CVE-2025-8189 (A vulnerability classified as critical was found in Campcodes 
Courier  ...)
+       TODO: check
+CVE-2025-8188 (A vulnerability classified as critical has been found in 
Campcodes Cou ...)
+       TODO: check
+CVE-2025-8187 (A vulnerability was found in Campcodes Courier Management 
System 1.0.  ...)
+       TODO: check
+CVE-2025-8186 (A vulnerability was found in Campcodes Courier Management 
System 1.0.  ...)
+       TODO: check
+CVE-2025-8185 (A vulnerability was found in 1000 Projects ABC Courier 
Management Syst ...)
+       TODO: check
+CVE-2025-8184 (A vulnerability was found in D-Link DIR-513 up to 1.10 and 
classified  ...)
+       TODO: check
+CVE-2025-8182 (A vulnerability has been found in Tenda AC18 15.03.05.19 and 
classifie ...)
+       TODO: check
 CVE-2025-23286
        - nvidia-graphics-drivers <unfixed> (bug #1109907)
        [bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -12796,6 +12824,7 @@ CVE-2025-6177 (Privilege Escalation in MiniOS in Google 
ChromeOS (16063.45.2 and
 CVE-2025-6172 (Permission vulnerability in the mobile application 
(com.afmobi.boompla ...)
        NOT-FOR-US: TECNO Mobile
 CVE-2025-6170 (A flaw was found in the interactive shell of the xmllint 
command-line  ...)
+       {DLA-4251-1}
        - libxml2 <unfixed> (bug #1107938; unimportant)
        NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/941
        NOTE: Crash in CLI tool, no security impact
@@ -13284,6 +13313,7 @@ CVE-2024-38823 (Salt's request server is vulnerable to 
replay attacks when not u
 CVE-2024-38822 (Multiple methods in the salt master skip minion token 
validation. Ther ...)
        - salt <removed>
 CVE-2025-49794 (A use-after-free vulnerability was found in libxml2. This 
issue occurs ...)
+       {DLA-4251-1}
        - libxml2 2.12.7+dfsg+really2.9.14-2 (bug #1107755)
        [bookworm] - libxml2 <postponed> (Minor issue; revisit when fixed 
upstream)
        NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/931
@@ -13296,6 +13326,7 @@ CVE-2025-49795 (A NULL pointer dereference 
vulnerability was found in libxml2 wh
        NOTE: Follow up: 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/24d7e15914588cb45e7fb41cbe4fcf785e1a4861
 (master)
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/c24909ba2601848825b49a60f988222da3019667
 (2.14)
 CVE-2025-49796 (A vulnerability was found in libxml2. Processing certain 
sch:name elem ...)
+       {DLA-4251-1}
        - libxml2 2.12.7+dfsg+really2.9.14-2 (bug #1107755)
        [bookworm] - libxml2 <no-dsa> (Minor issue)
        NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/933
@@ -13303,6 +13334,7 @@ CVE-2025-49796 (A vulnerability was found in libxml2. 
Processing certain sch:nam
 CVE-2025-6031 (Amazon Cloud Cam is a home security camera that was deprecated 
on Dece ...)
        NOT-FOR-US: Amazon
 CVE-2025-6021 (A flaw was found in libxml2's xmlBuildQName function, where 
integer ov ...)
+       {DLA-4251-1}
        - libxml2 2.12.7+dfsg+really2.9.14-2 (bug #1107720)
        [bookworm] - libxml2 <no-dsa> (Minor issue; does not affect the parser 
code)
        NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/926
@@ -131606,7 +131638,7 @@ CVE-2024-34697 (FreeScout is a free, self-hosted help 
desk and shared mailbox. A
 CVE-2024-34555 (Unrestricted Upload of File with Dangerous Type vulnerability 
in URBAN ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-34459 (An issue was discovered in xmllint (from libxml2) before 
2.11.8 and 2. ...)
-       {DSA-5949-1}
+       {DSA-5949-1 DLA-4251-1}
        - libxml2 2.12.7+dfsg+really2.9.14-0.4 (unimportant; bug #1071162)
        NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/720
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ddc7f13337c9fe7c6b6e616f404b0fffb8a5145
 (v2.11.8)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f514a233e05bd80a0bc77a4d6bc8c9d0ff1ad081

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f514a233e05bd80a0bc77a4d6bc8c9d0ff1ad081
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to