Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3268e6d0 by Moritz Muehlenhoff at 2025-03-25T10:45:43+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,9 +55,9 @@ CVE-2025-2720 (A vulnerability was found in GNOME libgsf up
to 1.14.53 and class
CVE-2025-2717 (A vulnerability, which was classified as critical, has been
found in D ...)
NOT-FOR-US: D-Link
CVE-2025-2716 (A vulnerability classified as problematic was found in China
Mobile P2 ...)
- TODO: check
+ NOT-FOR-US: China Mobile P22g-CIac
CVE-2025-2715 (A vulnerability classified as problematic has been found in
timschofie ...)
- TODO: check
+ NOT-FOR-US: webERP
CVE-2025-2714 (A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0. It
has be ...)
NOT-FOR-US: JoomlaUX JUX Real Estate
CVE-2025-2712 (A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has
been decl ...)
@@ -91,7 +91,7 @@ CVE-2025-27810 (Mbed TLS before 2.28.10 and 3.x before 3.6.3,
in some cases of f
CVE-2025-27809 (Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client
side, acce ...)
TODO: check
CVE-2025-26512 (SnapCenter versions prior to 6.0.1P1 and 6.1P1 are
susceptible to a v ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2025-1798 (The does not sanitise and escape some parameters when
outputting them ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1452 (The Favorites WordPress plugin before 2.3.5 does not sanitise
and esca ...)
@@ -121,7 +121,7 @@ CVE-2024-45481 (An Incomplete Filtering of Special Elements
vulnerability in scr
CVE-2024-45480 (An improper control of generation of code ('Code Injection')
vulnerabi ...)
NOT-FOR-US: ABB group
CVE-2024-44903 (SQL Injection can occur in the SirsiDynix Horizon Information
Portal ( ...)
- TODO: check
+ NOT-FOR-US: SirsiDynix Horizon Information Portal
CVE-2024-13863 (The Stylish Google Sheet Reader 4.0 WordPress plugin before
4.1 does ...)
NOT-FOR-US: WordPress plugin
CVE-2024-13618 (The aoa-downloadable WordPress plugin through 0.1.0 lacks
authorizatio ...)
@@ -385,7 +385,7 @@ CVE-2025-2702 (A vulnerability, which was classified as
critical, has been found
CVE-2025-2701 (A vulnerability classified as critical was found in AMTT Hotel
Broadba ...)
NOT-FOR-US: AMTT Hotel Broadband Operation System
CVE-2025-2700 (A vulnerability classified as problematic has been found in
michelson ...)
- TODO: check
+ NOT-FOR-US: Dante Editor
CVE-2025-2326
REJECTED
CVE-2025-2231 (PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote
Code Exe ...)
@@ -415,7 +415,7 @@ CVE-2024-8774 (The SIMPLE.ERP client stores superuser
password in a recoverable
CVE-2024-8773 (SIMPLE.ERP client is vulnerable to MS SQL protocol downgrade
request f ...)
NOT-FOR-US: SIMPLE.ERP
CVE-2024-55279 (Uguu through 1.8.9 allows Cross Site Scripting (XSS) via
JavaScript in ...)
- TODO: check
+ NOT-FOR-US: Uguu
CVE-2025-2699 (A vulnerability was found in GetmeUK ContentTools up to 1.6.16.
It has ...)
NOT-FOR-US: GetmeUK ContentTools
CVE-2025-2690 (A vulnerability, which was classified as critical, was found in
yiisof ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3268e6d08115be700fb3ea617e584c0c58bfc3f3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3268e6d08115be700fb3ea617e584c0c58bfc3f3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
