Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1630fe1e by security tracker role at 2025-07-30T08:12:03+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,211 @@
+CVE-2025-8323 (The e-School from Ventem has a Arbitrary File Upload 
vulnerability, al ...)
+       TODO: check
+CVE-2025-8322 (The e-School from Ventem has a Missing Authorization 
vulnerability, al ...)
+       TODO: check
+CVE-2025-8321 (Tesla Wall Connector Firmware Downgrade Vulnerability. This 
vulnerabil ...)
+       TODO: check
+CVE-2025-8320 (Tesla Wall Connector Content-Length Header Improper Input 
Validation R ...)
+       TODO: check
+CVE-2025-8319 (the BMA login interface allows arbitrary JavaScript or HTML to 
be writ ...)
+       TODO: check
+CVE-2025-8217 (The Amazon Q Developer Visual Studio Code (VS Code) extension 
v1.84.0  ...)
+       TODO: check
+CVE-2025-7849 (A memory corruption vulnerability due to improper error 
handling when  ...)
+       TODO: check
+CVE-2025-7848 (A memory corruption vulnerability due to improper input 
validation in  ...)
+       TODO: check
+CVE-2025-7361 (A code injection vulnerability due to an improper 
initialization check ...)
+       TODO: check
+CVE-2025-54381 (BentoML is a Python library for building online serving 
systems optimi ...)
+       TODO: check
+CVE-2025-54126 (The WebAssembly Micro Runtime's (WAMR) iwasm package is the 
executable ...)
+       TODO: check
+CVE-2025-4426 (The vulnerability was identified in the code developed 
specifically fo ...)
+       TODO: check
+CVE-2025-4425 (The vulnerability was identified in the code developed 
specifically fo ...)
+       TODO: check
+CVE-2025-4424 (The vulnerability was identified in the code developed 
specifically fo ...)
+       TODO: check
+CVE-2025-4423 (The vulnerability was identified in the code developed 
specifically fo ...)
+       TODO: check
+CVE-2025-4422 (The vulnerability was identified in the code developed 
specifically fo ...)
+       TODO: check
+CVE-2025-4421 (The vulnerability was identified in the code developed 
specifically fo ...)
+       TODO: check
+CVE-2025-43277 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-43276 (A logic error was addressed with improved error handling. This 
issue i ...)
+       TODO: check
+CVE-2025-43275 (A race condition was addressed with additional validation. 
This issue  ...)
+       TODO: check
+CVE-2025-43274 (A privacy issue was addressed by removing the vulnerable code. 
This is ...)
+       TODO: check
+CVE-2025-43273 (A permissions issue was addressed with additional sandbox 
restrictions ...)
+       TODO: check
+CVE-2025-43270 (An access issue was addressed with additional sandbox 
restrictions. Th ...)
+       TODO: check
+CVE-2025-43267 (An injection issue was addressed with improved validation. 
This issue  ...)
+       TODO: check
+CVE-2025-43266 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-43265 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
+       TODO: check
+CVE-2025-43261 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2025-43260 (This issue was addressed with improved data protection. This 
issue is  ...)
+       TODO: check
+CVE-2025-43259 (This issue was addressed with improved redaction of sensitive 
informat ...)
+       TODO: check
+CVE-2025-43256 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2025-43254 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
+       TODO: check
+CVE-2025-43253 (This issue was addressed with improved input validation. This 
issue is ...)
+       TODO: check
+CVE-2025-43252 (This issue was addressed by adding an additional prompt for 
user conse ...)
+       TODO: check
+CVE-2025-43251 (An authorization issue was addressed with improved state 
management. T ...)
+       TODO: check
+CVE-2025-43250 (A path handling issue was addressed with improved validation. 
This iss ...)
+       TODO: check
+CVE-2025-43249 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2025-43248 (A logic issue was addressed with improved restrictions. This 
issue is  ...)
+       TODO: check
+CVE-2025-43247 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-43246 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
+       TODO: check
+CVE-2025-43245 (A downgrade issue was addressed with additional code-signing 
restricti ...)
+       TODO: check
+CVE-2025-43244 (A race condition was addressed with improved state handling. 
This issu ...)
+       TODO: check
+CVE-2025-43243 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-43241 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-43240 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2025-43239 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
+       TODO: check
+CVE-2025-43237 (An out-of-bounds write issue was addressed with improved 
bounds checki ...)
+       TODO: check
+CVE-2025-43235 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-43234 (Multiple memory corruption issues were addressed with improved 
input v ...)
+       TODO: check
+CVE-2025-43233 (This issue was addressed with improved access restrictions. 
This issue ...)
+       TODO: check
+CVE-2025-43232 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-43230 (The issue was addressed with additional permissions checks. 
This issue ...)
+       TODO: check
+CVE-2025-43229 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2025-43228 (The issue was addressed with improved UI. This issue is fixed 
in iOS 1 ...)
+       TODO: check
+CVE-2025-43227 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2025-43226 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
+       TODO: check
+CVE-2025-43225 (A logging issue was addressed with improved data redaction. 
This issue ...)
+       TODO: check
+CVE-2025-43224 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
+       TODO: check
+CVE-2025-43223 (A denial-of-service issue was addressed with improved input 
validation ...)
+       TODO: check
+CVE-2025-43222 (A use-after-free issue was addressed by removing the 
vulnerable code.  ...)
+       TODO: check
+CVE-2025-43221 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
+       TODO: check
+CVE-2025-43220 (This issue was addressed with improved validation of symlinks. 
This is ...)
+       TODO: check
+CVE-2025-43218 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
+       TODO: check
+CVE-2025-43217 (The issue was addressed by adding additional logic. This issue 
is fixe ...)
+       TODO: check
+CVE-2025-43216 (A use-after-free issue was addressed with improved memory 
management.  ...)
+       TODO: check
+CVE-2025-43215 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
+       TODO: check
+CVE-2025-43214 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-43213 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-43212 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-43211 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-43209 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
+       TODO: check
+CVE-2025-43206 (A parsing issue in the handling of directory paths was 
addressed with  ...)
+       TODO: check
+CVE-2025-43199 (A permissions issue was addressed by removing the vulnerable 
code. Thi ...)
+       TODO: check
+CVE-2025-43198 (This issue was addressed by removing the vulnerable code. This 
issue i ...)
+       TODO: check
+CVE-2025-43197 (This issue was addressed with additional entitlement checks. 
This issu ...)
+       TODO: check
+CVE-2025-43196 (A path handling issue was addressed with improved validation. 
This iss ...)
+       TODO: check
+CVE-2025-43195 (An issue existed in the handling of environment variables. 
This issue  ...)
+       TODO: check
+CVE-2025-43194 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
+       TODO: check
+CVE-2025-43193 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-43192 (A configuration issue was addressed with additional 
restrictions. This ...)
+       TODO: check
+CVE-2025-43191 (A path handling issue was addressed with improved validation. 
This iss ...)
+       TODO: check
+CVE-2025-43189 (This issue was addressed with improved memory handling. This 
issue is  ...)
+       TODO: check
+CVE-2025-43188 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-43186 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-43185 (A downgrade issue was addressed with additional code-signing 
restricti ...)
+       TODO: check
+CVE-2025-43184 (This issue was addressed by adding an additional prompt for 
user conse ...)
+       TODO: check
+CVE-2025-40600 (Use of Externally-Controlled Format String vulnerability in 
the SonicO ...)
+       TODO: check
+CVE-2025-31281 (An input validation issue was addressed with improved memory 
handling. ...)
+       TODO: check
+CVE-2025-31280 (A memory corruption issue was addressed with improved 
validation. This ...)
+       TODO: check
+CVE-2025-31279 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-31278 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-31277 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-31276 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2025-31275 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-31273 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2025-31243 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2025-31229 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2025-25011 (An uncontrolled search path element vulnerability can lead to 
local pr ...)
+       TODO: check
+CVE-2025-24224 (The issue was addressed with improved checks. This issue is 
fixed in t ...)
+       TODO: check
+CVE-2025-24188 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2025-24119 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2025-0712 (An uncontrolled search path element vulnerability can lead to 
local pr ...)
+       TODO: check
 CVE-2025-7777
        NOT-FOR-US: mirror-registry for Quay
-CVE-2025-8292
+CVE-2025-8292 (Use after free in Media Stream in Google Chrome prior to 
138.0.7204.18 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2025-38498 [do_change_type(): refuse to operate on unmounted/not ours 
mounts]
+CVE-2025-38498 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.12.35-1
        NOTE: 
https://git.kernel.org/linus/12f147ddd6de7382dad54812e65f3f08d05809fc (6.16-rc1)
 CVE-2025-8216 (The Sky Addons for Elementor plugin for WordPress is vulnerable 
to Sto ...)
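Review bot: At CVE-2025-38498 the replaced line drops the bracketed title "do_change_type(): refuse to operate on unmounted/not ours mounts" in favour of a truncated description ("In the Linux kernel, the following vulnerability has been resolved:  d ..."), so the only remaining pointer to the affected function is the NOTE with the kernel commit link; keep that NOTE when the entry is next edited. The added entries above all carry only "TODO: check", and for many of them the truncated text does not name a product: CVE-2025-4421 through CVE-2025-4426 share the same visible text, and most of the CVE-2025-43xxx and CVE-2025-31xxx entries are cut off at "This issue is f ...". Triage into NOT-FOR-US or a source package therefore has to be done from the full CVE record, not from this list.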
@@ -5826,7 +6028,7 @@ CVE-2025-27165 (Substance3D - Stager versions 3.1.2 and 
earlier are affected by
        NOT-FOR-US: Adobe
 CVE-2024-56468 (IBM InfoSphere Data Replication VSAM for z/OS Remote Source 
11.4 could ...)
        NOT-FOR-US: IBM
-CVE-2025-4674
+CVE-2025-4674 (The go command may execute unexpected commands when operating 
in untru ...)
        - golang-1.24 <unfixed> (bug #1109109)
        - golang-1.23 <unfixed> (bug #1109110)
        - golang-1.19 <removed>
@@ -13215,7 +13417,7 @@ CVE-2025-33122 (IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 could 
allow a user to gain ele
        NOT-FOR-US: IBM
 CVE-2025-32549 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        NOT-FOR-US: WordPress plugin or theme
-CVE-2025-32510 (Unrestricted Upload of File with Dangerous Type vulnerability 
in ovath ...)
+CVE-2025-32510 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Ovath ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31919 (Deserialization of Untrusted Data vulnerability in themeton 
Spare allo ...)
        NOT-FOR-US: WordPress plugin or theme
@@ -14249,7 +14451,7 @@ CVE-2025-4798 (The WP-DownloadManager plugin for 
WordPress is vulnerable to arbi
        NOT-FOR-US: WordPress plugin
 CVE-2025-4666 (The Zotpress plugin for WordPress is vulnerable to Stored 
Cross-Site S ...)
        NOT-FOR-US: WordPress plugin
-CVE-2025-4275 (Running the provided utility changes the certificate on any 
Insyde BIO ...)
+CVE-2025-4275 (A vulnerability in the digital signature verification process 
does not ...)
        NOT-FOR-US: Insyde
 CVE-2025-49793
        REJECTED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1630fe1e937cbf994ed90faacdf60d20ec0b6ec6
