Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9e15bdb8 by Moritz Muehlenhoff at 2025-03-03T12:44:07+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
CVE-2025-27590 (In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID
migration ...)
TODO: check
CVE-2025-27585 (A stored cross-site scripting (XSS) vulnerability in Serosoft
Solution ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-27584 (A stored cross-site scripting (XSS) vulnerability in Serosoft
Solution ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-27583 (Incorrect access control in the component
/rest/staffResource/findAllU ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-27579 (In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an
/api/syste ...)
TODO: check
CVE-2025-25953 (Serosoft Solutions Pvt Ltd Academia Student Information System
(SIS) E ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-25952 (An Insecure Direct Object References (IDOR) in the component
/getStude ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-25951 (An information disclosure vulnerability in the component
/rest/cb/exec ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-25950 (Incorrect access control in the component
/rest/staffResource/update o ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-25949 (A stored cross-site scripting (XSS) vulnerability in Serosoft
Solution ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-25948 (Incorrect access control in the component
/rest/staffResource/create o ...)
- TODO: check
+ NOT-FOR-US: Serosoft Solutions
CVE-2025-20653 (In da, there is a possible out of bounds read due to an
integer overfl ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20652 (In V5 DA, there is a possible out of bounds read due to a
missing boun ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20651 (In da, there is a possible out of bounds read due to a missing
bounds ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20650 (In da, there is a possible out of bounds write due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20649 (In Bluetooth Stack SW, there is a possible information
disclosure due ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20648 (In apu, there is a possible out of bounds read due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20647 (In Modem, there is a possible system crash due to a missing
bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20646 (In wlan AP FW, there is a possible out of bounds write due to
improper ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20645 (In KeyInstall, there is a possible out of bounds write due to
a missin ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20644 (In Modem, there is a possible memory corruption due to
incorrect error ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-1857 (A vulnerability classified as critical has been found in
PHPGurukul Ni ...)
TODO: check
CVE-2025-1856 (A vulnerability was found in Codezips Gym Management System
1.0. It ha ...)
@@ -49,11 +49,11 @@ CVE-2025-1855 (A vulnerability was found in PHPGurukul
Online Shopping Portal 2.
CVE-2025-1854 (A vulnerability was found in Codezips Gym Management System
1.0. It ha ...)
TODO: check
CVE-2025-1853 (A vulnerability was found in Tenda AC8 16.03.34.06 and
classified as c ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-1852 (A vulnerability has been found in Totolink EX1800T
9.1.0cu.2112_B20220 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-1851 (A vulnerability, which was classified as critical, was found in
Tenda ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-1850 (A vulnerability, which was classified as critical, has been
found in C ...)
TODO: check
CVE-2025-1849 (A vulnerability classified as critical was found in zj1983 zz
up to 20 ...)
@@ -65,17 +65,17 @@ CVE-2025-1847 (A vulnerability was found in zj1983 zz up to
2024-8. It has been
CVE-2025-1846 (A vulnerability was found in zj1983 zz up to 2024-8. It has
been decla ...)
TODO: check
CVE-2025-1845 (A vulnerability has been found in ESAFENET DSM 3.1.2 and
classified as ...)
- TODO: check
+ NOT-FOR-US: ESAFENET
CVE-2025-1844 (A vulnerability, which was classified as critical, was found in
ESAFEN ...)
- TODO: check
+ NOT-FOR-US: ESAFENET
CVE-2025-1843 (A vulnerability, which was classified as critical, has been
found in M ...)
TODO: check
CVE-2025-1842 (A vulnerability classified as problematic was found in FITSTATS
Techno ...)
TODO: check
CVE-2025-1841 (A vulnerability classified as critical has been found in
ESAFENET CDG ...)
- TODO: check
+ NOT-FOR-US: ESAFENET
CVE-2025-1840 (A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has
been r ...)
- TODO: check
+ NOT-FOR-US: ESAFENET
CVE-2025-1836 (A vulnerability was found in Incorta 2023.4.3. It has been
classified ...)
TODO: check
CVE-2025-1835 (A vulnerability has been found in osuuu LightPicture 1.2.2 and
classif ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e15bdb87f8bd29255dd5db975b60c256379f1d8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e15bdb87f8bd29255dd5db975b60c256379f1d8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
