Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6dab3a69 by Salvatore Bonaccorso at 2025-01-29T22:15:01+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,49 +1,49 @@
CVE-2025-24882 (regclient is a Docker and OCI Registry Client in Go. A
malicious regis ...)
- golang-github-regclient-regclient <itp> (bug #1084521)
CVE-2025-24792 (Snowflake PHP PDO Driver is a driver that uses the PHP Data
Objects (P ...)
- TODO: check
+ NOT-FOR-US: Snowflake PHP PDO Driver
CVE-2025-24791 (snowflake-connector-nodejs is a NodeJS driver for Snowflake.
Snowflake ...)
- TODO: check
+ NOT-FOR-US: snowflake-connector-nodejs
CVE-2025-24790 (Snowflake JDBC provides a JDBC type 4 driver that supports
core functi ...)
- TODO: check
+ NOT-FOR-US: Snowflake JDBC
CVE-2025-24789 (Snowflake JDBC provides a JDBC type 4 driver that supports
core functi ...)
- TODO: check
+ NOT-FOR-US: Snowflake JDBC
CVE-2025-24527 (An issue was discovered in Akamai Enterprise Application
Access (EAA) ...)
- TODO: check
+ NOT-FOR-US: Akamai
CVE-2025-24374 (Twig is a template language for PHP. When using the ??
operator, outpu ...)
TODO: check
CVE-2025-20061 (mySCADA myPRO does not properly neutralize POST requests sent
to a spe ...)
- TODO: check
+ NOT-FOR-US: mySCADA myPRO
CVE-2025-20014 (mySCADA myPRO does not properly neutralize POST requests sent
to a spe ...)
- TODO: check
+ NOT-FOR-US: mySCADA myPRO
CVE-2025-0840 (A vulnerability, which was classified as problematic, was found
in GNU ...)
TODO: check
CVE-2025-0617 (An attacker with access to an HX 10.0.0 and previous versions,
may se ...)
- TODO: check
+ NOT-FOR-US: Trellix
CVE-2025-0353 (The Divi Torque Lite \u2013 Best Divi Addon, Extensions,
Modules & Soc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-57965 (In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not
use a U ...)
TODO: check
CVE-2024-57439 (An issue in the reset password interface of ruoyi v4.8.0
allows attack ...)
- TODO: check
+ NOT-FOR-US: ruoyi
CVE-2024-57438 (Insecure permissions in RuoYi v4.8.0 allows authenticated
attackers to ...)
- TODO: check
+ NOT-FOR-US: RuoYi
CVE-2024-57437 (RuoYi v4.8.0 was discovered to contain a SQL injection
vulnerability v ...)
- TODO: check
+ NOT-FOR-US: RuoYi
CVE-2024-57436 (RuoYi v4.8.0 was discovered to allow unauthorized attackers to
view th ...)
- TODO: check
+ NOT-FOR-US: RuoYi
CVE-2024-54462 (The file names constructed within image_picker are missing
sanitizatio ...)
TODO: check
CVE-2024-54461 (The file names constructed within file_selector are missing
sanitizati ...)
TODO: check
CVE-2024-48852 (Insertion of Sensitive Information into Log File vulnerability
observe ...)
- TODO: check
+ NOT-FOR-US: FLEXON
CVE-2024-48849 (Missing Origin Validation in WebSockets vulnerability
inFLXEON. Sessio ...)
- TODO: check
+ NOT-FOR-US: FLEXON
CVE-2024-41140 (Zohocorp ManageEngine Applications Manager versions174000 and
prior ar ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2024-13561 (The Target Video Easy Publish plugin for WordPress is
vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10001 (A Code Injection vulnerability was identified in GitHub
Enterprise Ser ...)
TODO: check
CVE-2023-37413 (IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose
sensitive userna ...)
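Review bot: The tag `NOT-FOR-US: FLEXON` on CVE-2024-48852 and CVE-2024-48849 does not match the product name visible in the CVE-2024-48849 description, which reads FLXEON. If that is the product, the tag should be `NOT-FOR-US: FLXEON` so that a search on the product name finds both entries. Separately, CVE-2024-57439 is tagged `ruoyi` while CVE-2024-57438, CVE-2024-57437 and CVE-2024-57436 are tagged `RuoYi`; use one spelling for all four.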
@@ -493386,7 +493386,7 @@ CVE-2018-9380 (In l2c_lcc_proc_pdu of l2c_fcr.cc,
there is a possible out of bou
CVE-2018-9379 (In multiple functions of MiniThumbFile.java, there is a
possible way t ...)
NOT-FOR-US: Android
CVE-2018-9378 (In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp,
there ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9377 (In getIntentForIntentSender of ActivityManagerService.java,
there is a ...)
NOT-FOR-US: Android
CVE-2018-9376 (In rpc_msg_handler and related handlers
ofdrivers/misc/mediatek/eccci/ ...)
@@ -493396,7 +493396,7 @@ CVE-2018-9375 (In multiple functions of
UserDictionaryProvider.java, there is a
CVE-2018-9374 (In installPackageLI of PackageManagerService.java, there is a
possible ...)
NOT-FOR-US: Android
CVE-2018-9373 (In TdlsexRxFrameHandle of the MTK WLAN driver, there is a
possible out ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9372 (In cmd_flash_mmc_sparse_img of dl_commands.c, there is a
possible out ...)
NOT-FOR-US: Android
CVE-2018-9371 (In the Mediatek Preloader, there are out of bounds reads and
writes du ...)
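Review bot: CVE-2018-9373 is tagged `NOT-FOR-US: Android`, but its description places the flaw in the MTK WLAN driver (TdlsexRxFrameHandle), not in an Android framework source file like the neighbouring PackageManagerService.java entry. The tag is consistent with the surrounding entries, but a more specific tag, or a NOTE line naming the MediaTek driver, would make it clearer why the entry is out of scope.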
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6dab3a69daff9793faa90d2cb98303278b6915f6