Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ea235b98 by Salvatore Bonaccorso at 2025-02-14T10:11:29+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
CVE-2025-26789 (An issue was discovered in Logpoint AgentX before 1.5.0. A
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Logpoint AgentX
CVE-2025-26788 (StrongKey FIDO Server before 4.15.1 treats a non-discoverable
(namedcr ...)
- TODO: check
+ NOT-FOR-US: StrongKey FIDO Server
CVE-2025-26519 (musl libc 0.9.13 through 1.2.5 before 1.2.6 has an
out-of-bounds write ...)
TODO: check
CVE-2025-26473 (The Mojave Inverter uses the GET method for sensitive
information.)
- TODO: check
+ NOT-FOR-US: Mojave Inverter
CVE-2025-25281 (An attacker may modify the URL to discover sensitive
information about ...)
- TODO: check
+ NOT-FOR-US: Mojave Inverter
CVE-2025-25195 (Zulip is an open source team chat application. A weekly cron
job (adde ...)
TODO: check
CVE-2025-25067 (mySCADA myPRO Manager is vulnerable to an OS command
injection which ...)
- TODO: check
+ NOT-FOR-US: mySCADA myPRO Manager
CVE-2025-24865 (The administrative web interface of mySCADA myPRO Manager
can be acc ...)
- TODO: check
+ NOT-FOR-US: mySCADA myPRO Manager
CVE-2025-24861 (An attacker may inject commands via specially-crafted post
requests.)
- TODO: check
+ NOT-FOR-US: Mojave Inverter
CVE-2025-24836 (With a specially crafted Python script, an attacker could send
contin ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-23421 (An attacker could obtain firmware files and reverse engineer
their in ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-23411 (mySCADA myPRO Manager is vulnerable to cross-site request
forgery (CS ...)
- TODO: check
+ NOT-FOR-US: mySCADA
CVE-2025-23406 (Out-of-bounds read vulnerability caused by improper checking
of TCP MS ...)
- TODO: check
+ NOT-FOR-US: Cente middleware TCP/IP Network Series
CVE-2025-22962 (A critical remote code execution (RCE) vulnerability exists in
the web ...)
- TODO: check
+ NOT-FOR-US: GatesAir Maxiva UAXT
CVE-2025-22961 (A critical information disclosure vulnerability exists in the
web-base ...)
- TODO: check
+ NOT-FOR-US: GatesAir Maxiva UAXT
CVE-2025-22960 (A session hijacking vulnerability exists in the web-based
management i ...)
- TODO: check
+ NOT-FOR-US: GatesAir Maxiva UAXT
CVE-2025-22896 (mySCADA myPRO Manager stores credentials in cleartext, which
could a ...)
- TODO: check
+ NOT-FOR-US: mySCADA myPRO Manager
CVE-2025-22630 (Improper Neutralization of Special Elements used in a Command
('Comman ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-20615 (The Qardio Arm iOS application exposes sensitive data such as
username ...)
- TODO: check
+ NOT-FOR-US: Qardio Arm iOS application
CVE-2025-1298 (Logic vulnerability in the mobile application
(com.transsion.carlcare) ...)
- TODO: check
+ NOT-FOR-US: mobile application (com.transsion.carlcare)
CVE-2025-1283 (The Dingtian DT-R0 Series is vulnerable to an exploit that
allows att ...)
- TODO: check
+ NOT-FOR-US: Dingtian DT-R0 Series
CVE-2025-1053 (Under certain error conditions at time of SANnav installation
or upgra ...)
TODO: check
CVE-2024-9601 (The Qubely \u2013 Advanced Gutenberg Blocks plugin for
WordPress is vu ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea235b98ea6b7632382822634b9d54cd47c8d9b5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea235b98ea6b7632382822634b9d54cd47c8d9b5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
