Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6a527038 by Salvatore Bonaccorso at 2025-03-18T21:56:46+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50,9 +50,9 @@ CVE-2025-2487 (A flaw was found in the 389-ds-base LDAP
Server. This issue occur
- 389-ds-base <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2353071
CVE-2025-2450 (NI Vision Builder AI VBAI File Processing Missing Warning
Remote Code ...)
- TODO: check
+ NOT-FOR-US: NI
CVE-2025-2449 (NI FlexLogger usiReg URI File Parsing Directory Traversal
Remote Code ...)
- TODO: check
+ NOT-FOR-US: NI
CVE-2025-29930 (imFAQ is an advanced questions and answers management system
for Impre ...)
NOT-FOR-US: ImpressCMS
CVE-2025-29907 (jsPDF is a library to generate PDFs in JavaScript. Prior to
3.0.1, use ...)
@@ -94,19 +94,19 @@ CVE-2025-24801 (GLPI is a free asset and IT management
software package. An auth
CVE-2025-24799 (GLPI is a free asset and IT management software package. An
unauthenti ...)
TODO: check
CVE-2025-24306 (Improper neutralization of special elements used in an OS
command ('OS ...)
- TODO: check
+ NOT-FOR-US: +F FS010M
CVE-2025-21619 (GLPI is a free asset and IT management software package. An
administra ...)
TODO: check
CVE-2025-1468 (An unauthenticated remote attacker can gain access to sensitive
inform ...)
- TODO: check
+ NOT-FOR-US: CODESYS OPC UA Server
CVE-2025-0694 (Insufficient path validation in CODESYS Control allows low
privileged ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2024-8997 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Vestel EVC04 Configuration Interface
CVE-2024-57170 (SOPlanning 1.53.00 is vulnerable to a directory traversal
issue in /pr ...)
- TODO: check
+ NOT-FOR-US: SOPlanning
CVE-2024-57169 (A file upload bypass vulnerability exists in SOPlanning
1.53.00, speci ...)
- TODO: check
+ NOT-FOR-US: SOPlanning
CVE-2024-56347 (IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection
mechanisms could ...)
NOT-FOR-US: IBM
CVE-2024-56346 (IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a
remote at ...)
@@ -114,9 +114,9 @@ CVE-2024-56346 (IBM AIX 7.2 and 7.3 nimesis NIM master
service could allow a rem
CVE-2024-49822 (IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to
server-side re ...)
NOT-FOR-US: IBM
CVE-2024-44314 (TastyIgniter 3.7.6 contains an Incorrect Access Control
vulnerability ...)
- TODO: check
+ NOT-FOR-US: TastyIgniter
CVE-2024-44313 (TastyIgniter 3.7.6 contains an Incorrect Access Control
vulnerability ...)
- TODO: check
+ NOT-FOR-US: TastyIgniter
CVE-2024-41975 (An unauthenticated remote attacker can gain limited
information of the ...)
TODO: check
CVE-2024-23943 (An unauthenticated remote attacker can gain access to the
cloud API du ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a52703853feb92d8b00b081c0423b2282303943
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a52703853feb92d8b00b081c0423b2282303943
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
