Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b3019f4b by Salvatore Bonaccorso at 2025-03-10T21:22:19+01:00
Process two NFUs
- - - - -
8c697e87 by Salvatore Bonaccorso at 2025-03-10T21:22:21+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,27 +11,27 @@ CVE-2025-2148 (A vulnerability was found in PyTorch
2.6.0+cu124. It has been dec
CVE-2025-2147 (A vulnerability was found in Beijing Zhide Intelligent Internet
Techno ...)
TODO: check
CVE-2025-27913 (Passbolt API before 5, if the server is misconfigured (with an
incorre ...)
- TODO: check
+ NOT-FOR-US: Passbolt API
CVE-2025-27616 (Vela is a Pipeline Automation (CI/CD) framework built on Linux
contain ...)
- TODO: check
+ NOT-FOR-US: Vela
CVE-2025-27615 (umatiGateway is software for connecting OPC Unified
Architecture serve ...)
- TODO: check
+ NOT-FOR-US: umatiGateway
CVE-2025-27257 (Insufficient Verification of Data Authenticity vulnerability
in GE Ver ...)
- TODO: check
+ NOT-FOR-US: GE Vernova UR IED family devices
CVE-2025-27256 (Missing Authentication for Critical Function vulnerability in
GE Verno ...)
- TODO: check
+ NOT-FOR-US: GE Vernova Enervista UR Setup application
CVE-2025-27255 (Use of Hard-coded Credentials vulnerability in GE Vernova
EnerVista UR ...)
- TODO: check
+ NOT-FOR-US: GE Vernova EnerVista UR Setup
CVE-2025-27254 (Improper Authentication vulnerability in GE Vernova EnerVista
UR Setup ...)
- TODO: check
+ NOT-FOR-US: GE Vernova EnerVista UR Setup
CVE-2025-27253 (An improper input validation in GE Vernova UR IED family
devices from ...)
- TODO: check
+ NOT-FOR-US: GE Vernova UR IED family devices
CVE-2025-27136 (LocalS3 is an Amazon S3 mock service for testing and local
development ...)
TODO: check
CVE-2025-26936 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26933 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26916 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
TODO: check
CVE-2025-26910 (Cross-Site Request Forgery (CSRF) vulnerability in Iqonic
Design WPBoo ...)
@@ -101,11 +101,11 @@ CVE-2024-54463 (This issue was addressed with improved
entitlements. This issue
CVE-2024-53307 (A reflected cross-site scripting (XSS) vulnerability in the
/mw/ endpo ...)
TODO: check
CVE-2024-52905 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through
6.1.2.6 a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-52812 (LF Edge eKuiper is an internet-of-things data analytics and
stream pro ...)
TODO: check
CVE-2024-47109 (IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0
through ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-44227 (The issue was addressed with improved memory handling. This
issue is f ...)
TODO: check
CVE-2024-44192 (The issue was addressed with improved checks. This issue is
fixed in w ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/39bd01fd52f9f8a536c8e8b2cd4e7b06afc363a9...8c697e8765fe5f6ba1247bf68ccfdc9f7cabee60
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/39bd01fd52f9f8a536c8e8b2cd4e7b06afc363a9...8c697e8765fe5f6ba1247bf68ccfdc9f7cabee60
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
