Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
99017761 by Salvatore Bonaccorso at 2025-03-03T22:37:44+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -112,7 +112,7 @@ CVE-2025-25301 (Rembg is a tool to remove images
background. In Rembg 2.0.57 and
CVE-2025-25280 (Buffer overflow vulnerability exists in FutureNet AS series
(Industria ...)
NOT-FOR-US: Century Systems
CVE-2025-25185 (GPT Academic provides interactive interfaces for large
language models ...)
- TODO: check
+ NOT-FOR-US: GPT Academic
CVE-2025-25170 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2025-25169 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -393,9 +393,9 @@ CVE-2025-23433 (Improper Neutralization of Input During Web
Page Generation ('Cr
CVE-2025-23425 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2025-21424 (Memory corruption while calling the NPU driver APIs
concurrently.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-1889 (picklescan before 0.0.22 only considers standard pickle file
extension ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-1880 (A vulnerability was found in i-Drive i11 and i12 up to
20250227. It ha ...)
NOT-FOR-US: i-Drive
CVE-2025-1879 (A vulnerability was found in i-Drive i11 and i12 up to 20250227
and cl ...)
@@ -421,9 +421,9 @@ CVE-2025-1870 (SQL injection vulnerability have been found
in 101news affecting
CVE-2025-1869 (SQL injection vulnerability have been found in 101news
affecting versi ...)
NOT-FOR-US: 101news
CVE-2025-1868 (Vulnerability of unauthorized exposure of confidential
information aff ...)
- TODO: check
+ NOT-FOR-US: Famatech
CVE-2025-1867 (Inconsistent Interpretation of HTTP Requests ('HTTP
Request/Response S ...)
- TODO: check
+ NOT-FOR-US: libhv
CVE-2025-1866 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
TODO: check
CVE-2025-1864 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
@@ -433,43 +433,43 @@ CVE-2025-1859 (A vulnerability, which was classified as
critical, has been found
CVE-2025-1858 (A vulnerability classified as critical was found in Codezips
Online Sh ...)
NOT-FOR-US: Codezips Online Shopping Website
CVE-2025-0289 (Paragon Partition Manager version 17, both community and
Business vers ...)
- TODO: check
+ NOT-FOR-US: Paragon Partition Manager
CVE-2025-0288 (Paragon Partition Manager version 7.9.1 contains an arbitrary
kernel m ...)
- TODO: check
+ NOT-FOR-US: Paragon Partition Manager
CVE-2025-0287 (Paragon Partition Manager version 7.9.1 contains a null pointer
derefe ...)
- TODO: check
+ NOT-FOR-US: Paragon Partition Manager
CVE-2025-0286 (Paragon Partition Manager version 7.9.1 contains an arbitrary
kernel m ...)
- TODO: check
+ NOT-FOR-US: Paragon Partition Manager
CVE-2025-0285 (Paragon Partition Manager version 7.9.1 contains an arbitrary
kernel m ...)
- TODO: check
+ NOT-FOR-US: Paragon Partition Manager
CVE-2024-8262 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Proliz Software OBS
CVE-2024-8261 (Authorization Bypass Through User-Controlled Key vulnerability
in Prol ...)
- TODO: check
+ NOT-FOR-US: Proliz Software OBS
CVE-2024-5888 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: ArcGIS Server
CVE-2024-57240 (A Cross-Site Scripting (XSS) vulnerability in the Rendering
Engine com ...)
- TODO: check
+ NOT-FOR-US: Apryse WebViewer
CVE-2024-55570 (/api/user/users in the web GUI for the Cubro EXA48200 network
packet b ...)
- TODO: check
+ NOT-FOR-US: Cubro EXA48200 network packet broker
CVE-2024-55532 (Improper Neutralization of Formula Elements in Export CSV
feature of A ...)
- TODO: check
+ NOT-FOR-US: Apache Ranger
CVE-2024-54179 (IBM Business Automation Workflow and IBM Business Automation
Workflow ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-53388 (A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers
to exec ...)
- TODO: check
+ NOT-FOR-US: mavo
CVE-2024-53387 (A DOM Clobbering vulnerability in umeditor v1.2.3 allows
attackers to ...)
- TODO: check
+ NOT-FOR-US: umeditor
CVE-2024-53384 (A DOM Clobbering vulnerability in tsup v8.3.4 allows attackers
to exec ...)
- TODO: check
+ NOT-FOR-US: tsup
CVE-2024-53034 (Memory corruption occurs during an Escape call if an invalid
Kernel Mo ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-53033 (Memory corruption while doing Escape call when user provides
valid ker ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-53032 (Memory corruption may occur in keyboard virtual device due to
guest VM ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-53031 (Memory corruption while reading a type value from a buffer
controlled ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-53030 (Memory corruption while processing input message passed from
FE driver ...)
TODO: check
CVE-2024-53029 (Memory corruption while reading a value from a buffer
controlled by th ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/990177617b483e4ab45bb983aea1a5cceb8e8c70
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/990177617b483e4ab45bb983aea1a5cceb8e8c70
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
