Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bfaaaaee by security tracker role at 2025-04-25T20:13:28+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
CVE-2025-46618 (In JetBrains TeamCity before 2025.03.1 stored XSS was possible
on Data ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-46535 (Missing Authorization vulnerability in AlphaEfficiencyTeam
Custom Logi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-46433 (In JetBrains TeamCity before 2025.03.1 improper path
validation in log ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-46432 (In JetBrains TeamCity before 2025.03.1 base64-encoded
credentials coul ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-43862 (Dify is an open-source LLM app development platform. Prior to
version ...)
TODO: check
CVE-2025-43016 (In JetBrains Rider before 2025.1.2 custom archive unpacker
allowed arb ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-3935 (ScreenConnect versions 25.2.3 and earlier versions may be
susceptible ...)
TODO: check
CVE-2025-3928 (Commvault Web Server has an unspecified vulnerability that can
be expl ...)
TODO: check
CVE-2025-3912 (The WS Form LITE \u2013 Drag & Drop Contact Form Builder for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3870 (The 1 Decembrie 1918 plugin for WordPress is vulnerable to
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3647 (A flaw was discovered in Moodle. Additional checks were
required to en ...)
TODO: check
CVE-2025-3645 (A flaw was found in Moodle. Insufficient capability checks in a
messag ...)
@@ -55,9 +55,9 @@ CVE-2025-32045 (A flaw has been identified in Moodle where
insufficient capabili
CVE-2025-32044 (A flaw has been identified in Moodle where, on certain sites,
unauthen ...)
TODO: check
CVE-2025-2986 (IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-2470 (The Service Finder Bookings plugin for WordPress, used by the
Service ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-2070 (An improper XML parsing vulnerability was reported in the FileZ
client ...)
TODO: check
CVE-2025-2069 (A cross-site scripting vulnerability was reported in the FileZ
client ...)
@@ -71,11 +71,11 @@ CVE-2025-28128 (An issue in Mytel Telecom Online Account
System v1.0 allows atta
CVE-2025-28076 (Multiple SQL injection vulnerabilities in EasyVirt DCScope <=
8.6.4 an ...)
TODO: check
CVE-2025-25775 (Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL
injectio ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-1565 (The Mayosis Core plugin for WordPress is vulnerable to
Arbitrary File ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1279 (The BM Content Builder plugin for WordPress is vulnerable to
unauthori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6199 (An unauthenticated attacker on the WAN interface, with the
ability to ...)
TODO: check
CVE-2024-6198 (The device exposes a web interface on ports TCP/3030 and
TCP/9882. Thi ...)
@@ -85,9 +85,9 @@ CVE-2024-57375 (Andamiro Pump It Up 20th Anniversary (aka
Double X or XX/2019) 1
CVE-2024-56156 (Halo is an open source website building tool. Prior to version
2.20.13 ...)
TODO: check
CVE-2024-30152 (HCL SX v21 is affected by usage of a weak cryptographic
algorithm. An ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-11917 (The JobSearch WP Job Board plugin for WordPress is vulnerable
to authe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23244
- nvidia-graphics-drivers <unfixed> (bug #1104068)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfaaaaee8864e04364f4307df05d9d8e7cb5d3bf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfaaaaee8864e04364f4307df05d9d8e7cb5d3bf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
