Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
48b0bbb1 by Salvatore Bonaccorso at 2025-03-18T21:16:20+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59,7 +59,7 @@ CVE-2025-29907 (jsPDF is a library to generate PDFs in
JavaScript. Prior to 3.0.
CVE-2025-29790 (Contao is an Open Source CMS. Users can upload SVG files with
maliciou ...)
TODO: check
CVE-2025-27688 (Dell ThinOS 2408 and prior, contains an improper permissions
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-27080 (Vulnerabilities in the command line interface of AOS-CX could
allow an ...)
TODO: check
CVE-2025-26138 (Systemic Risk Value <=2.8.0 is vulnerable to improper access
control i ...)
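Review bot: The new tag on CVE-2025-27688 gives the vendor as "Dell / EMC", while the visible description names only Dell ThinOS. If "Dell / EMC" is the string already used for Dell entries elsewhere in data/CVE/list, keep it; otherwise "NOT-FOR-US: Dell ThinOS" would match the description and be easier to search for.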
@@ -107,11 +107,11 @@ CVE-2024-57170 (SOPlanning 1.53.00 is vulnerable to a
directory traversal issue
CVE-2024-57169 (A file upload bypass vulnerability exists in SOPlanning
1.53.00, speci ...)
TODO: check
CVE-2024-56347 (IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection
mechanisms could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-56346 (IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a
remote at ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-49822 (IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to
server-side re ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-44314 (TastyIgniter 3.7.6 contains an Incorrect Access Control
vulnerability ...)
TODO: check
CVE-2024-44313 (TastyIgniter 3.7.6 contains an Incorrect Access Control
vulnerability ...)
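Review bot: All three entries in this hunk get the same vendor-only tag "NOT-FOR-US: IBM", although the descriptions cover two unrelated products: AIX (nimsh and the NIM master service, CVE-2024-56347 and CVE-2024-56346) and QRadar Advisor (CVE-2024-49822). Naming the product in each tag, for example "NOT-FOR-US: IBM AIX" and "NOT-FOR-US: IBM QRadar Advisor", would record what was actually checked and make later greps over the list more precise.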
@@ -123,9 +123,9 @@ CVE-2024-23943 (An unauthenticated remote attacker can gain
access to the cloud
CVE-2024-23942 (A local user may find a configuration file on the client
workstation w ...)
TODO: check
CVE-2024-21760 (An improper control of generation of code ('Code Injection')
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2023-47539 (An improper access control vulnerability in FortiMail version
7.4.0 co ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-0755 (The various bson_appendfunctions in the MongoDB C driver
library may b ...)
- mongo-c-driver 1.27.5-1
[bookworm] - mongo-c-driver <no-dsa> (Minor issue; can be fixed via
point-release)
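Review bot: For CVE-2024-21760 the truncated description ("An improper control of generation of code ('Code Injection') vulnerabi ...") shows no product, so the Fortinet attribution cannot be confirmed from this hunk. That differs from CVE-2023-47539, where FortiMail is visible. Naming the affected product in the tag for CVE-2024-21760 would make the triage decision checkable from the list itself.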
@@ -188539,7 +188539,7 @@ CVE-2023-22516 (This High severity RCE (Remote Code
Execution) vulnerability was
CVE-2023-22515 (Atlassian has been made aware of an issue reported by a
handful of cus ...)
NOT-FOR-US: Atlassian
CVE-2023-22514 (This High severity RCE (Remote Code Execution) vulnerability
was intro ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2023-22513 (This High severity RCE (Remote Code Execution) vulnerability
was intro ...)
NOT-FOR-US: Bitbucket Data Center and Server
CVE-2023-22512 (This High severity DoS (Denial of Service) vulnerability was
introduce ...)
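Review bot: CVE-2023-22514 is tagged by vendor ("NOT-FOR-US: Atlassian"), while the adjacent CVE-2023-22513 is tagged by product ("NOT-FOR-US: Bitbucket Data Center and Server"). The truncated description of CVE-2023-22514 does not show which product is affected. Using the product name here as well would keep the neighbouring entries consistent.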
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b0bbb1ab713a53c478c996ea9f34e466ecd0fc