Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bbe45f53 by security tracker role at 2025-08-26T08:12:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,91 @@
+CVE-2025-9476 (A vulnerability has been found in SourceCodester Human Resource
Inform ...)
+ TODO: check
+CVE-2025-9475 (A flaw has been found in SourceCodester Human Resource
Information Sys ...)
+ TODO: check
+CVE-2025-9474 (A vulnerability was detected in Mihomo Party up to 1.8.1 on
macOS. Aff ...)
+ TODO: check
+CVE-2025-9473 (A security vulnerability has been detected in SourceCodester
Online Ba ...)
+ TODO: check
+CVE-2025-9472 (A vulnerability was found in itsourcecode Apartment Management
System ...)
+ TODO: check
+CVE-2025-9471 (A vulnerability has been found in itsourcecode Apartment
Management Sy ...)
+ TODO: check
+CVE-2025-9470 (A flaw has been found in itsourcecode Apartment Management
System 1.0. ...)
+ TODO: check
+CVE-2025-9469 (A vulnerability was detected in itsourcecode Apartment
Management Syst ...)
+ TODO: check
+CVE-2025-9468 (A security vulnerability has been detected in itsourcecode
Apartment M ...)
+ TODO: check
+CVE-2025-9461 (A weakness has been identified in diyhi bbs up to 6.8. The
impacted el ...)
+ TODO: check
+CVE-2025-9444 (A vulnerability has been found in 1000projects Online Project
Report S ...)
+ TODO: check
+CVE-2025-9443 (A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability
affect ...)
+ TODO: check
+CVE-2025-9440 (A security vulnerability has been detected in 1000projects
Online Proj ...)
+ TODO: check
+CVE-2025-9439 (A weakness has been identified in 1000projects Online Project
Report S ...)
+ TODO: check
+CVE-2025-9438 (A security flaw has been discovered in 1000projects Online
Project Rep ...)
+ TODO: check
+CVE-2025-9434 (A vulnerability was determined in 1000projects Online Project
Report S ...)
+ TODO: check
+CVE-2025-9433 (A vulnerability was found in mtons mblog up to 3.5.0. The
impacted ele ...)
+ TODO: check
+CVE-2025-9432 (A vulnerability has been found in mtons mblog up to 3.5.0. The
affecte ...)
+ TODO: check
+CVE-2025-9431 (A flaw has been found in mtons mblog up to 3.5.0. Impacted is
an unkno ...)
+ TODO: check
+CVE-2025-9430 (A vulnerability was detected in mtons mblog up to 3.5.0. This
issue af ...)
+ TODO: check
+CVE-2025-9429 (A security vulnerability has been detected in mtons mblog up to
3.5.0. ...)
+ TODO: check
+CVE-2025-9426 (A weakness has been identified in itsourcecode Online Tour and
Travel ...)
+ TODO: check
+CVE-2025-9425 (A security flaw has been discovered in itsourcecode Online Tour
and Tr ...)
+ TODO: check
+CVE-2025-9424 (A vulnerability was identified in Ruijie WS7204-A 2017.06.15.
Affected ...)
+ TODO: check
+CVE-2025-9423 (A vulnerability was determined in Campcodes Online Water
Billing Syste ...)
+ TODO: check
+CVE-2025-9422 (A vulnerability was found in oitcode samarium up to 0.9.6. This
impact ...)
+ TODO: check
+CVE-2025-9421 (A vulnerability has been found in itsourcecode Apartment
Management Sy ...)
+ TODO: check
+CVE-2025-9420 (A flaw has been found in itsourcecode Apartment Management
System 1.0. ...)
+ TODO: check
+CVE-2025-9419 (A vulnerability was detected in itsourcecode Apartment
Management Syst ...)
+ TODO: check
+CVE-2025-9418 (A security vulnerability has been detected in itsourcecode
Apartment M ...)
+ TODO: check
+CVE-2025-9172 (The Vibes plugin for WordPress is vulnerable to time-based SQL
Injecti ...)
+ TODO: check
+CVE-2025-8627 (The TP-Link KP303 Smartplugcan be issued unauthenticated
protocol comm ...)
+ TODO: check
+CVE-2025-8447 (An improper access control vulnerability was identified in
GitHub Ente ...)
+ TODO: check
+CVE-2025-6188 (On affected platforms running Arista EOS, maliciously formed
UDP packe ...)
+ TODO: check
+CVE-2025-5931 (The Dokan Pro plugin for WordPress is vulnerable to privilege
escalati ...)
+ TODO: check
+CVE-2025-57814 (request-filtering-agent is an http(s).Agent implementation
that blocks ...)
+ TODO: check
+CVE-2025-57809 (XGrammar is an open-source library for efficient, flexible,
and portab ...)
+ TODO: check
+CVE-2025-57805 (The Scratch Channel is a news website. In versions 1 and 1.1,
a POST r ...)
+ TODO: check
+CVE-2025-57804 (h2 is a pure-Python implementation of a HTTP/2 protocol stack.
Prior t ...)
+ TODO: check
+CVE-2025-57704 (Delta Electronics EIP Builder version 1.11 is vulnerable to a
File Par ...)
+ TODO: check
+CVE-2025-53419 (Delta Electronics COMMGR has Code Injection vulnerability.)
+ TODO: check
+CVE-2025-53418 (Delta Electronics COMMGR has Stack-based Buffer Overflow
vulnerability ...)
+ TODO: check
+CVE-2025-41702 (The JWT secret key is embedded in the egOS WebGUI backend and
is reada ...)
+ TODO: check
+CVE-2024-8860 (The Tourfic plugin for WordPress is vulnerable to unauthorized
modific ...)
+ TODO: check
CVE-2025-9417 (A weakness has been identified in itsourcecode Apartment
Management Sy ...)
NOT-FOR-US: itsourcecode System
CVE-2025-9416 (A security flaw has been discovered in oitcode samarium up to
0.9.6. T ...)
@@ -14903,16 +14991,19 @@ CVE-2024-37657 (An open redirect vulnerability in
gnuboard5 v.5.5.16 allows a re
CVE-2024-37656 (An open redirect vulnerability in gnuboard5 v.5.5.16 allows a
remote a ...)
NOT-FOR-US: Gnuboard
CVE-2024-25178 (LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314
have an ...)
+ {DLA-4283-1}
- luajit 2.1.0+openresty20240314-1
[bookworm] - luajit <no-dsa> (Minor issue)
NOTE: https://github.com/LuaJIT/LuaJIT/issues/1152
NOTE: Fixed by:
https://github.com/LuaJIT/LuaJIT/commit/defe61a56751a0db5f00ff3ab7b8f45436ba74c8
(v2.1)
CVE-2024-25177 (LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314
have an ...)
+ {DLA-4283-1}
- luajit 2.1.0+openresty20240314-1
[bookworm] - luajit <no-dsa> (Minor issue)
NOTE: https://github.com/LuaJIT/LuaJIT/issues/1147
NOTE: Fixed by:
https://github.com/LuaJIT/LuaJIT/commit/85b4fed0b0353dd78c8c875c2f562d522a2b310f
(v2.1)
CVE-2024-25176 (LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626
have a s ...)
+ {DLA-4283-1}
- luajit 2.1.0+openresty20240314-1
[bookworm] - luajit <no-dsa> (Minor issue)
NOTE: https://github.com/LuaJIT/LuaJIT/issues/1149
@@ -414984,6 +415075,7 @@ CVE-2020-24374 (A DNS rebinding vulnerability in
Freebox v5 before 1.5.29.)
CVE-2020-24373 (A CSRF vulnerability in the UPnP MediaServer implementation in
Freebox ...)
NOT-FOR-US: Freebox
CVE-2020-24372 (LuaJIT through 2.1.0-beta3 has an out-of-bounds read in
lj_err_run in ...)
+ {DLA-4283-1}
- luajit 2.1.0~beta3+git20210112+dfsg-2 (unimportant)
NOTE: https://github.com/LuaJIT/LuaJIT/issues/603
NOTE: Fixed by:
https://github.com/LuaJIT/LuaJIT/commit/12ab596997b9cb27846a5b254d11230c3f9c50c8
(v2.1)
@@ -433492,7 +433584,7 @@ CVE-2020-15892 (An issue was discovered in apply.cgi
on D-Link DAP-1520 devices
CVE-2020-15891
RESERVED
CVE-2020-15890 (LuaJit through 2.1.0-beta3 has an out-of-bounds read because
__gc hand ...)
- {DLA-2296-1}
+ {DLA-4283-1 DLA-2296-1}
- luajit 2.1.0~beta3+git20210112+dfsg-2 (unimportant; bug #966148)
NOTE: https://github.com/LuaJIT/LuaJIT/issues/601
NOTE:
https://github.com/LuaJIT/LuaJIT/commit/53f82e6e2e858a0a62fd1a2ff47e9866693382e6
@@ -473162,6 +473254,7 @@ CVE-2019-19393 (The Web application on Rittal CMC PU
III 7030.000 V3.00 V3.11.00
CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN
(formerly Dot ...)
NOT-FOR-US: forDNN.UsersExportImport module for DNN
CVE-2019-19391 (In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and
other pro ...)
+ {DLA-4283-1}
- luajit 2.1.0~beta3+git20210112+dfsg-2 (bug #946053; unimportant)
NOTE: https://github.com/LuaJIT/LuaJIT/pull/526
NOTE: Negligible security impact. The debug library is unsafe per se
and one is
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbe45f53d3757f1c115ad79ccfc5a0264e63c7cd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbe45f53d3757f1c115ad79ccfc5a0264e63c7cd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
