Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7cf0e000 by Salvatore Bonaccorso at 2025-02-13T09:48:02+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,103 +1,103 @@
CVE-2025-25286 (Crayfish is a collection of Islandora 8 microservices, one of
which, H ...)
TODO: check
CVE-2025-20097 (Uncaught exception in OpenBMC Firmware for the Intel(R) Server
M50FCP ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-1229 (A vulnerability classified as critical was found in olajowon
Loggrove ...)
TODO: check
CVE-2025-1228 (A vulnerability classified as problematic has been found in
olajowon L ...)
TODO: check
CVE-2025-1227 (A vulnerability was found in ywoa up to 2024.07.03. It has been
rated ...)
- TODO: check
+ NOT-FOR-US: ywoa
CVE-2025-1226 (A vulnerability was found in ywoa up to 2024.07.03. It has been
declar ...)
- TODO: check
+ NOT-FOR-US: ywoa
CVE-2025-1198 (An issue discovered in GitLab CE/EE affecting all versions from
16.11 ...)
TODO: check
CVE-2025-1070 (CWE-434: Unrestricted Upload of File with Dangerous Type
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-1060 (CWE-319: Cleartext Transmission of Sensitive Information
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-1059 (CWE-770: Allocation of Resources Without Limits or Throttling
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-1058 (CWE-494: Download of Code Without Integrity Check vulnerability
exists ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-0896 (Orthanc server prior to version 1.5.8 does not enable basic
authentica ...)
TODO: check
CVE-2025-0837 (The Puzzles theme for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2025-0816 (CWE-20: Improper Input Validation vulnerability exists that
could caus ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-0815 (CWE-20: Improper Input Validation vulnerability exists that
could caus ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-0814 (CWE-20: Improper Input Validation vulnerability exists that
could caus ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-0692 (The Simple Video Management System WordPress plugin through
1.0.4 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0661 (The DethemeKit For Elementor plugin for WordPress is vulnerable
to Inf ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0327 (CWE-269: Improper Privilege Management vulnerability exists for
two se ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-0113 (A problem with the network isolation mechanism of the Palo Alto
Networ ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2025-0111 (An authenticated file read vulnerability in the Palo Alto
Networks PAN ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2025-0110 (A command injection vulnerability in the Palo Alto Networks
PAN-OS Ope ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2025-0109 (An unauthenticated file deletion vulnerability in the Palo Alto
Networ ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2025-0108 (An authentication bypass in the Palo Alto Networks PAN-OS
software ena ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2024-8266 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
TODO: check
CVE-2024-7102 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
TODO: check
CVE-2024-57605 (Cross Site Scripting vulnerability in Daylight Studio Fuel CMS
v.1.5.2 ...)
- TODO: check
+ NOT-FOR-US: Daylight Studio Fuel CMS
CVE-2024-57604 (An issue in MaysWind ezBookkeeping 0.7.0 allows a remote
attacker to e ...)
- TODO: check
+ NOT-FOR-US: MaysWind ezBookkeeping
CVE-2024-57603 (An issue in MaysWind ezBookkeeping 0.7.0 allows a remote
attacker to e ...)
- TODO: check
+ NOT-FOR-US: MaysWind ezBookkeeping
CVE-2024-57602 (An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a
remote a ...)
- TODO: check
+ NOT-FOR-US: Alex Tselegidis EasyAppointments
CVE-2024-57601 (Cross Site Scripting vulnerability in Alex Tselegidis
EasyAppointments ...)
- TODO: check
+ NOT-FOR-US: Alex Tselegidis EasyAppointments
CVE-2024-56940 (An issue in the profile image upload function of LearnDash
v6.7.1 allo ...)
- TODO: check
+ NOT-FOR-US: LearnDash
CVE-2024-56939 (LearnDash v6.7.1 was discovered to contain a stored cross-site
scripti ...)
- TODO: check
+ NOT-FOR-US: LearnDash
CVE-2024-56938 (LearnDash v6.7.1 was discovered to contain a stored cross-site
scripti ...)
- TODO: check
+ NOT-FOR-US: LearnDash
CVE-2024-51440 (An issue in Nothing Tech Nothing OS v.2.6 allows a local
attacker to e ...)
- TODO: check
+ NOT-FOR-US: Nothing Tech Nothing OS
CVE-2024-51376 (Directory Traversal vulnerability in yeqifu carRental v.1.0
allows a r ...)
- TODO: check
+ NOT-FOR-US: yeqifu carRental
CVE-2024-51123 (An issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway
4.44.2-7240 ...)
- TODO: check
+ NOT-FOR-US: Zertificon Z1 SecureMail Z1 SecureMail Gateway
CVE-2024-51122 (Cross Site Scripting vulnerability in Zertificon Z1 SecureMail
Z1 Cert ...)
- TODO: check
+ NOT-FOR-US: Zertificon Z1 SecureMail Z1 CertServer
CVE-2024-47266 (Improper limitation of a pathname to a restricted directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-47265 (Improper limitation of a pathname to a restricted directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-47264 (Improper limitation of a pathname to a restricted directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-47006 (Uncontrolled search path for the Intel(R) RealSense D400
Series Univer ...)
- TODO: check
+ NOT-FOR-US: INtel
CVE-2024-46923 (An issue was discovered in Samsung Mobile Processor Exynos
2200, 1480, ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-46922 (An issue was discovered in Samsung Mobile Processor Exynos
1480 and 24 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-42492 (Uncontrolled search path element in some BIOS and System
Firmware Upda ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-42419 (Incorrect default permissions for some Intel(R) GPA and
Intel(R) GPA F ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-42410 (Improper input validation in some Intel(R) Graphics Drivers
may allow ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-42405 (Uncontrolled search path for some Intel(R) Quartus(R) Prime
Software b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-41934 (Improper access control in some Intel(R) GPA software before
version 2 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-41917 (Time-of-check time-of-use race condition for some Intel(R)
Battery Lif ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-41168 (Use after free in some Intel(R) PROSet/Wireless WiFi and
Killer\xe2\u2 ...)
TODO: check
CVE-2024-41166 (Stack-based buffer overflow in some Intel(R) PROSet/Wireless
WiFi and ...)
@@ -105,13 +105,13 @@ CVE-2024-41166 (Stack-based buffer overflow in some
Intel(R) PROSet/Wireless WiF
CVE-2024-40887 (Race condition in some Intel(R) PROSet/Wireless WiFi and
Killer\xe2\u2 ...)
TODO: check
CVE-2024-39813 (Uncontrolled search path for some EPCT software before version
1.42.8. ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-39805 (Insufficient verification of data authenticity in some
Intel(R) DSA so ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-39797 (Improper access control in some drivers for Intel(R) Ethernet
Connecti ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-39779 (Stack-based buffer overflow in some drivers for Intel(R)
Ethernet Conn ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-39606 (Improper input validation in some Intel(R) PROSet/Wireless
WiFi and Ki ...)
TODO: check
CVE-2024-39372 (Uncontrolled search path for the Intel(R) XTU software for
Windows bef ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cf0e000ebde9a06af222abe61451af7c4a06dcd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cf0e000ebde9a06af222abe61451af7c4a06dcd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
