Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3bf76b6b by security tracker role at 2025-05-05T20:14:13+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
CVE-2025-4318 (The AWS Amplify Studio UI component property expressions in the
aws-am ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-4316 (Improper access control in PAM feature in Devolutions Server
2025.1.6. ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2025-4287 (A vulnerability was found in PyTorch 2.6.0+cu124. It has been
rated as ...)
TODO: check
CVE-2025-4286 (A vulnerability was found in Intelbras InControl up to 2.21.59.
It has ...)
TODO: check
CVE-2025-4283 (A vulnerability was found in SourceCodester/oretnom23 Stock
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4282 (A vulnerability has been found in SourceCodester/oretnom23
Stock Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4281 (A vulnerability, which was classified as problematic, was found
in She ...)
TODO: check
CVE-2025-4279 (The External image replace plugin for WordPress is vulnerable
to arbit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4272 (A vulnerability was found in Mechrevo Control Console 1.0.2.70.
It has ...)
TODO: check
CVE-2025-47240
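Review bot: The tag on CVE-2025-4318, "NOT-FOR-US: Amazon", names only the vendor, while the description names the AWS Amplify Studio UI component and is cut off at "aws-am ...", so the affected package cannot be confirmed from the entry itself. A product-level tag such as "NOT-FOR-US: AWS Amplify Studio" would let the entry be audited later without reopening the CVE record. The same applies to the bare "WordPress plugin" tag on CVE-2025-4279, which drops the plugin name (External image replace) that the description gives.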
@@ -43,7 +43,7 @@ CVE-2025-46340 (Misskey is an open source, federated social
media platform. Star
CVE-2025-46335 (Mobile Security Framework (MobSF) is a security research
platform for ...)
TODO: check
CVE-2025-45751 (SourceCodester Web Based Pharmacy Product Management System
1.0 is vul ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-45618 (Incorrect access control in the component
/admin/sys/datasource/ajaxLi ...)
TODO: check
CVE-2025-45617 (Incorrect access control in the component /user/list of
production_ssm ...)
@@ -87,7 +87,7 @@ CVE-2025-45237 (Incorrect access control in the component
/config/download of DB
CVE-2025-45236 (A stored cross-site scripting (XSS) vulnerability in the Edit
Profile ...)
TODO: check
CVE-2025-45042 (Tenda AC9 v15.03.05.14 was discovered to contain a command
injection v ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-43915 (In Buoyant Edge releases before edge-25.2.1 and Enterprise for
Linkerd ...)
TODO: check
CVE-2025-43852 (Retrieval-based-Voice-Conversion-WebUI is a voice changing
framework b ...)
@@ -131,9 +131,9 @@ CVE-2025-25504 (An issue in the /usr/local/bin/jncs.sh
script of Gefen WebFWC (I
CVE-2025-24977 (OpenCTI is an open cyber threat intelligence (CTI) platform.
Prior to ...)
TODO: check
CVE-2025-1992 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 11.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1909 (The BuddyBoss Platform Pro plugin for WordPress is vulnerable
to authe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0217 (BeyondTrust Privileged Remote Access (PRA) versions prior to
25.1 are ...)
TODO: check
CVE-2024-58237 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
@@ -143,27 +143,27 @@ CVE-2024-58100 (In the Linux kernel, the following
vulnerability has been resolv
CVE-2024-58098 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
TODO: check
CVE-2024-57235 (NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-57234 (NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-57233 (NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-57232 (NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-57231 (NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-57230 (NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-57229 (NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51991 (October is a Content Management System (CMS) and web platform.
A vulne ...)
TODO: check
CVE-2024-42213 (HCL BigFix Compliance is affected by inclusion of temporary
files left ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-42212 (HCL BigFix Compliance is affected by an improper or missing
SameSite a ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-11615 (The Envolve Plugin plugin for WordPress is vulnerable to
arbitrary fil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-47268 (ping in iputils through 20240905 allows a denial of service
(applicati ...)
- iputils <unfixed> (bug #1104746)
[bookworm] - iputils <no-dsa> (Minor issue)
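Review bot: The seven RAX5 entries, CVE-2024-57229 through CVE-2024-57235, are tagged "Netgear" although every description spells the vendor "NETGEAR", so a case-sensitive search for the vendor string returns either the tags or the descriptions but not both. Either keep the vendor's spelling in the tag or make sure any tooling that reads these tags matches case-insensitively.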
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bf76b6b0f6e0e8fb86fbfe56879bbc995060ab6