Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5287fcaa by Moritz Muehlenhoff at 2025-03-19T11:03:16+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -133,7 +133,7 @@ CVE-2025-2449 (NI FlexLogger usiReg URI File Parsing
Directory Traversal Remote
CVE-2025-29930 (imFAQ is an advanced questions and answers management system
for Impre ...)
NOT-FOR-US: ImpressCMS
CVE-2025-29907 (jsPDF is a library to generate PDFs in JavaScript. Prior to
3.0.1, use ...)
- TODO: check
+ - jspdf <itp> (bug #998381)
CVE-2025-29790 (Contao is an Open Source CMS. Users can upload SVG files with
maliciou ...)
NOT-FOR-US: Contao CMS
CVE-2025-27688 (Dell ThinOS 2408 and prior, contains an improper permissions
vulnerabi ...)
@@ -159,7 +159,7 @@ CVE-2025-25582 (yimioa before v2024.07.04 was discovered to
contain a SQL inject
CVE-2025-25580 (yimioa before v2024.07.04 was discovered to contain a SQL
injection vu ...)
NOT-FOR-US: yimioa
CVE-2025-25500 (An issue in CosmWasm prior to v2.2.0 allows attackers to
bypass capabi ...)
- TODO: check
+ NOT-FOR-US: CosmWasm
CVE-2025-25220 (Improper neutralization of special elements used in an OS
command ('OS ...)
NOT-FOR-US: +F FS010M
CVE-2025-25042 (A vulnerability in the AOS-CX REST interface could allow an
authentica ...)
@@ -195,11 +195,11 @@ CVE-2024-44314 (TastyIgniter 3.7.6 contains an Incorrect
Access Control vulnerab
CVE-2024-44313 (TastyIgniter 3.7.6 contains an Incorrect Access Control
vulnerability ...)
NOT-FOR-US: TastyIgniter
CVE-2024-41975 (An unauthenticated remote attacker can gain limited
information of the ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2024-23943 (An unauthenticated remote attacker can gain access to the
cloud API du ...)
- TODO: check
+ NOT-FOR-US: mbCONNECT24
CVE-2024-23942 (A local user may find a configuration file on the client
workstation w ...)
- TODO: check
+ NOT-FOR-US: mbCONNECT24
CVE-2024-21760 (An improper control of generation of code ('Code Injection')
vulnerabi ...)
NOT-FOR-US: Fortinet
CVE-2023-47539 (An improper access control vulnerability in FortiMail version
7.4.0 co ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5287fcaa31a071a22d5da8bfe196ff710b6b9775
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5287fcaa31a071a22d5da8bfe196ff710b6b9775
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
