Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d15fb247 by Salvatore Bonaccorso at 2025-03-17T21:14:57+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,53 +3,53 @@ CVE-2025-30143 (Rule 3000216 (before version 2) in Akamai App
& API Protector (w
CVE-2025-2401 (Buffer overflow vulnerability in Immunity Debugger affecting
version 1 ...)
TODO: check
CVE-2025-2392 (A vulnerability, which was classified as critical, has been
found in c ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-2391 (A vulnerability classified as critical was found in
code-projects Bloo ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-2390 (A vulnerability classified as critical has been found in
code-projects ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-2389 (A vulnerability was found in code-projects Blood Bank
Management Syste ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-2388 (A vulnerability was found in Keytop
\u8def\u5185\u505c\u8f66\u6536\u8d ...)
TODO: check
CVE-2025-2387 (A vulnerability was found in SourceCodester Online Food
Ordering Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-2386 (A vulnerability was found in PHPGurukul Local Services Search
Engine M ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2385 (A vulnerability has been found in code-projects Modern Bag 1.0
and cla ...)
TODO: check
CVE-2025-2384 (A vulnerability, which was classified as critical, was found in
code-p ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-2383 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2382 (A vulnerability classified as critical was found in PHPGurukul
Online ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2381 (A vulnerability classified as critical has been found in
PHPGurukul Cu ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2380 (A vulnerability was found in PHPGurukul Apartment Visitors
Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2379 (A vulnerability was found in PHPGurukul Apartment Visitors
Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2378 (A vulnerability was found in PHPGurukul Medical Card Generation
System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2377 (A vulnerability was found in SourceCodester Vehicle Management
System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-2376 (A vulnerability has been found in viames Pair Framework up to
1.9.11 a ...)
TODO: check
CVE-2025-2375 (A vulnerability, which was classified as problematic, was found
in PHP ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2374 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2373 (A vulnerability classified as critical was found in PHPGurukul
Human M ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2372 (A vulnerability classified as critical has been found in
PHPGurukul Hu ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2371 (A vulnerability was found in PHPGurukul Human Metapneumovirus
Testing ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2370 (A vulnerability was found in TOTOLINK EX1800T up to
9.1.0cu.2112_B2022 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-2369 (A vulnerability was found in TOTOLINK EX1800T up to
9.1.0cu.2112_B2022 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-2241 (A flaw was found in Hive, a component of Multicluster Engine
(MCE) and ...)
TODO: check
CVE-2025-2202 (Broken access control vulnerability in the Innovaci\xf3n y
Cualificaci ...)
@@ -67,15 +67,15 @@ CVE-2025-29787 (`zip` is a zip library for rust which
supports reading and writi
CVE-2025-29786 (Expr is an expression language and expression evaluation for
Go. Prior ...)
TODO: check
CVE-2025-29431 (Code-projects Online Class and Exam Scheduling System V1.0 is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-29430 (Code-projects Online Class and Exam Scheduling System V1.0 is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-29429 (Code-projects Online Class and Exam Scheduling System V1.0 is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-29427 (Code-projects Online Class and Exam Scheduling System V1.0 is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-29425 (Code-projects Online Class and Exam Scheduling System 1.0 is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-27512 (Zincati is an auto-update agent for Fedora CoreOS hosts.
Zincati ships ...)
TODO: check
CVE-2025-27102 (Agate is central authentication server software for OBiBa
epidemiology ...)
@@ -103,13 +103,13 @@ CVE-2025-25618 (Incorrect Access Control in
Unifiedtransform 2.0 leads to Privil
CVE-2025-25612 (FS Inc S3150-8T2F prior to version S3150-8T2F_2.2.0D_135103 is
vulnera ...)
TODO: check
CVE-2025-24185 (An out-of-bounds write issue was addressed with improved input
validat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-22474 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22473 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22472 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-1774 (Incorrect string encodingvulnerability in NASK - PIB BotSense
allows i ...)
TODO: check
CVE-2025-1398 (Mattermost Desktop App versions <=5.10.0 explicitly declared
unnecessa ...)
@@ -143,37 +143,37 @@ CVE-2025-0595 (A stored Cross-site Scripting (XSS)
vulnerability affecting 3DDas
CVE-2025-0495 (Buildx is a Docker CLI plugin that extends build capabilities
using Bu ...)
TODO: check
CVE-2024-9055 (The DPA countermeasures on Silicon Labs' Series 2 devices are
not rese ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2024-8510 (N-central is vulnerable to a path traversal that allows
unintended acc ...)
TODO: check
CVE-2024-54565 (The issue was addressed with improved checks. This issue is
fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-54559 (The issue was addressed with improved checks. This issue is
fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-54525 (A logic issue was addressed with improved file handling. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-54027 (A Use of Hard-coded Cryptographic Key vulnerability [CWE-321]
in Forti ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-49561 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-49559 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-48831 (Dell SmartFabric OS10 Software, version(s) 10.5.6.x,
contain(s) a Use ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-48830 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-48828 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-48017 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-48015 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-48013 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x,
10.5.6. ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-44866 (A buffer overflow in the GuitarPro1::read function of
MuseScore Studio ...)
TODO: check
CVE-2024-44276 (This issue was addressed by using HTTPS when sending
information over ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-12992 (Improper Neutralization of Special Elements used in a Command
vulnerab ...)
TODO: check
CVE-2024-12971 (Improper Neutralization of Special Elements used in a Command
vulnerab ...)
@@ -309938,7 +309938,7 @@ CVE-2021-32586 (An improper input validation
vulnerability in the web server CGI
CVE-2021-32585 (An improper neutralization of input during web page generation
vulnera ...)
NOT-FOR-US: FortiWAN
CVE-2021-32584 (An improper access control (CWE-284) vulnerability in FortiWLC
version ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2021-32583
RESERVED
CVE-2021-32582 (An issue was discovered in ConnectWise Automate before 2021.5.
A blind ...)
@@ -326956,7 +326956,7 @@ CVE-2021-26089 (An improper symlink following in
FortiClient for Mac 6.4.3 and b
CVE-2021-26088 (An improper authentication vulnerability in FSSO Collector
version 5.0 ...)
NOT-FOR-US: Fortinet
CVE-2021-26087 (An improper neutralization of input during web page generation
in Fort ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2021-26086 (Affected versions of Atlassian Jira Server and Data Center
allow remot ...)
NOT-FOR-US: Atlassian
CVE-2021-26085 (Affected versions of Atlassian Confluence Server allow remote
attacker ...)
@@ -336409,7 +336409,7 @@ CVE-2021-22128 (An improper access control
vulnerability in FortiProxy SSL VPN p
CVE-2021-22127 (An improper input validation vulnerability in FortiClient for
Linux 6. ...)
NOT-FOR-US: FortiClient
CVE-2021-22126 (A use of hard-coded password vulnerability in FortiWLC version
8.5.2 a ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2021-22125 (An instance of improper neutralization of special elements in
the snif ...)
NOT-FOR-US: FortiSandbox
CVE-2021-22124 (An uncontrolled resource consumption (denial of service)
vulnerability ...)
@@ -348018,7 +348018,7 @@ CVE-2020-29012 (An insufficient session expiration
vulnerability in FortiSandbox
CVE-2020-29011 (Instances of SQL Injection vulnerabilities in the checksum
search and ...)
NOT-FOR-US: FortiSandbox
CVE-2020-29010 (An exposure of sensitive information to an unauthorized actor
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2020-29009
RESERVED
CVE-2020-29008
@@ -400713,7 +400713,7 @@ CVE-2020-9297 (Netflix Titus, all versions prior to
version v0.1.1-rc.274, uses
CVE-2020-9296 (Netflix Titus uses Java Bean Validation (JSR 380) custom
constraint va ...)
NOT-FOR-US: Netflix Conductor
CVE-2020-9295 (FortiOS 6.2 running AV engine version 6.00142 and below,
FortiOS 6.4 r ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2020-9294 (An improper authentication vulnerability in FortiMail 5.4.10,
6.0.7, 6 ...)
NOT-FOR-US: FortiMail Fortiguard
CVE-2020-9293
@@ -429330,7 +429330,7 @@ CVE-2019-17661 (A CSV injection in the
codepress-admin-columns (aka Admin Column
CVE-2019-17660 (A cross-site scripting (XSS) vulnerability in
admin/translate/translat ...)
- limesurvey <itp> (bug #472802)
CVE-2019-17659 (A use of hard-coded cryptographic key vulnerability in
FortiSIEM versi ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2019-17658 (An unquoted service path vulnerability in the FortiClient
FortiTray co ...)
NOT-FOR-US: Fortiguard
CVE-2019-17657 (An Uncontrolled Resource Consumption vulnerability in Fortinet
FortiSw ...)
@@ -435070,7 +435070,7 @@ CVE-2019-15708 (A system command injection
vulnerability in the FortiAP-S/W2 6.2
CVE-2019-15707 (An improper access control vulnerability in FortiMail admin
webUI 6.2. ...)
NOT-FOR-US: FortiMail admin webUI
CVE-2019-15706 (An improper neutralization of input during web page generation
in the ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2019-15705 (An Improper Input Validation vulnerability in the SSL VPN
portal of Fo ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2019-15704 (A clear text storage of sensitive information vulnerability in
FortiCl ...)
@@ -463219,7 +463219,7 @@ CVE-2019-6699 (An improper neutralization of input
vulnerability in Fortinet For
CVE-2019-6698 (Use of Hard-coded Credentials vulnerability in FortiRecorder
all versi ...)
NOT-FOR-US: Fortinet
CVE-2019-6697 (An Improper Neutralization of Input vulnerability affecting
FortiGate ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2019-6696 (An improper input validation vulnerability in FortiOS 6.2.1,
6.2.0, 6. ...)
NOT-FOR-US: Fortiguard
CVE-2019-6695 (Lack of root file system integrity checking in Fortinet
FortiManager V ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d15fb247f9e2038cb08724ac1d4e02591b257092
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d15fb247f9e2038cb08724ac1d4e02591b257092
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
