Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8420eda5 by Salvatore Bonaccorso at 2025-03-10T21:29:29+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2025-2149 (A vulnerability was found in PyTorch
2.6.0+cu124. It has been rat
CVE-2025-2148 (A vulnerability was found in PyTorch 2.6.0+cu124. It has been
declared ...)
TODO: check
CVE-2025-2147 (A vulnerability was found in Beijing Zhide Intelligent Internet
Techno ...)
- TODO: check
+ NOT-FOR-US: Beijing Zhide Intelligent Internet Technology Modern Farm
Digital Integrated Management System
CVE-2025-27913 (Passbolt API before 5, if the server is misconfigured (with an
incorre ...)
NOT-FOR-US: Passbolt API
CVE-2025-27616 (Vela is a Pipeline Automation (CI/CD) framework built on Linux
contain ...)
@@ -33,9 +33,9 @@ CVE-2025-26936 (Improper Control of Generation of Code ('Code
Injection') vulner
CVE-2025-26933 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
NOT-FOR-US: WordPress plugin
CVE-2025-26916 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26910 (Cross-Site Request Forgery (CSRF) vulnerability in Iqonic
Design WPBoo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26696 (Certain crafted MIME email messages that claimed to contain an
encrypt ...)
TODO: check
CVE-2025-26695 (When requesting an OpenPGP key from a WKD server, an incorrect
padding ...)
@@ -43,31 +43,31 @@ CVE-2025-26695 (When requesting an OpenPGP key from a WKD
server, an incorrect p
CVE-2025-25977 (An issue in canvg v.4.0.2 allows an attacker to execute
arbitrary code ...)
TODO: check
CVE-2025-25940 (VisiCut 2.1 allows code execution via Insecure XML
Deserialization in ...)
- TODO: check
+ NOT-FOR-US: VisiCut
CVE-2025-25620 (Unifiedtransform 2.0 is vulnerable to Cross Site Scripting
(XSS) in th ...)
- TODO: check
+ NOT-FOR-US: Unifiedtransform
CVE-2025-25616 (Unifiedtransform 2.0 is vulnerable to Incorrect Access
Control, which ...)
- TODO: check
+ NOT-FOR-US: Unifiedtransform
CVE-2025-25615 (Unifiedtransform 2.0 is vulnerable to Incorrect Access Control
which a ...)
- TODO: check
+ NOT-FOR-US: Unifiedtransform
CVE-2025-25614 (Incorrect Access Control in Unifiedtransform 2.0 leads to
Privilege Es ...)
- TODO: check
+ NOT-FOR-US: Unifiedtransform
CVE-2025-25382 (An issue in the Property Tax Payment Portal in Information
Kerala Miss ...)
- TODO: check
+ NOT-FOR-US: Property Tax Payment Portal in Information Kerala Mission
SANCHAYA
CVE-2025-25306 (Misskey is an open source, federated social media platform.
The patch ...)
- TODO: check
+ NOT-FOR-US: Misskey
CVE-2025-24813 (Path Equivalence: 'file.Name' (Internal Dot) leading toRemote
Code Exe ...)
TODO: check
CVE-2025-24387 (A vulnerability in OTRS Application Server allows session
hijacking du ...)
TODO: check
CVE-2025-22603 (AutoGPT is a platform that allows users to create, deploy, and
manage ...)
- TODO: check
+ NOT-FOR-US: AutoGPT
CVE-2025-1945 (picklescan before 0.0.23 fails to detect malicious pickle files
inside ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-1944 (picklescan before 0.0.23 is vulnerable to a ZIP archive
manipulation a ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-1497 (A vulnerability, that could result in Remote Code Execution
(RCE), has ...)
- TODO: check
+ NOT-FOR-US: PlotAI
CVE-2025-1296 (Nomad Community and Nomad Enterprise (\u201cNomad\u201d) are
vulnerabl ...)
TODO: check
CVE-2024-57492 (An issue in redoxOS relibc before commit 98aa4ea5 allows a
local attac ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8420eda5c7fe3628a5736b6f1fea89172800d749
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8420eda5c7fe3628a5736b6f1fea89172800d749
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
