Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d60fa0e1 by security tracker role at 2025-05-06T20:16:53+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-4388 (A reflected cross-site scripting (XSS) vulnerability in the
Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-4384 (The MQTT add-on of PcVue fails to verify that a remote
device\u2019s c ...)
TODO: check
CVE-2025-4374 (A flaw was found in Quay. When an organization acts as a proxy
cache, ...)
@@ -7,51 +7,51 @@ CVE-2025-4374 (A flaw was found in Quay. When an organization
acts as a proxy ca
CVE-2025-4373 (A flaw was found in GLib, which is vulnerable to an integer
overflow i ...)
TODO: check
CVE-2025-4368 (A vulnerability, which was classified as critical, was found in
Tenda ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4363 (A vulnerability, which was classified as critical, has been
found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4362 (A vulnerability classified as critical was found in
itsourcecode Gym M ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4361 (A vulnerability classified as critical has been found in
PHPGurukul Co ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4360 (A vulnerability, which was classified as critical, has been
found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4359 (A vulnerability classified as critical was found in
itsourcecode Gym M ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4358 (A vulnerability classified as critical has been found in
PHPGurukul Co ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4357 (A vulnerability was found in Tenda RX3 16.03.13.11_multi. It
has been ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4356 (A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It
has bee ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4355 (A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It
has bee ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4354 (A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and
classif ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4353 (A vulnerability, which was classified as critical, was found in
Golden ...)
TODO: check
CVE-2025-4352 (A vulnerability, which was classified as critical, has been
found in G ...)
TODO: check
CVE-2025-4350 (A vulnerability classified as critical was found in D-Link
DIR-600L up ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4349 (A vulnerability classified as critical has been found in D-Link
DIR-60 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4348 (A vulnerability was found in D-Link DIR-600L up to 2.07B01. It
has bee ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4347 (A vulnerability was found in D-Link DIR-600L up to 2.07B01. It
has bee ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4346 (A vulnerability was found in D-Link DIR-600L up to 2.07B01. It
has bee ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4345 (A vulnerability was found in D-Link DIR-600L up to 2.07B01 and
classif ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4344 (A vulnerability, which was classified as critical, was found in
D-Link ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4343 (A vulnerability has been found in D-Link DIR-600L up to 2.07B01
and cl ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4342 (A vulnerability, which was classified as critical, has been
found in D ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4341 (A vulnerability classified as critical was found in D-Link
DIR-880L up ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4041 (In Optigo Networks ONS NC600 versions 4.2.1-084 through
4.7.2-330, an ...)
TODO: check
CVE-2025-47417 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
@@ -71,21 +71,21 @@ CVE-2025-46736 (Umbraco is a free and open source .NET
content management system
CVE-2025-46735 (Terraform WinDNS Provider allows users to manage their Windows
DNS ser ...)
TODO: check
CVE-2025-45492 (Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection
via the I ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-45491 (Linksys E5600 v1.1.0.26 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45490 (Linksys E5600 v1.1.0.26 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45489 (Linksys E5600 v1.1.0.26 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45488 (Linksys E5600 v1.1.0.26 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45487 (Linksys E5600 v1.1.0.26 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45250 (MrDoc v0.95 and before is vulnerable to Server-Side Request
Forgery (S ...)
TODO: check
CVE-2025-44900 (In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo
function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-40625 (Unrestricted file upload in TCMAN's GIM v11. This
vulnerability allows ...)
TODO: check
CVE-2025-40624 (SQL injection in TCMAN's GIM v11. This vulnerability allows an
unauthe ...)
@@ -99,7 +99,7 @@ CVE-2025-40621 (SQL injection in TCMAN's GIM v11. This
vulnerability allows an u
CVE-2025-40620 (SQL injection in TCMAN's GIM v11. This vulnerability allows an
unauthe ...)
TODO: check
CVE-2025-3782 (The Cision Block plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-37730 (Improper certificate validation in Logstash's TCP output could
lead to ...)
TODO: check
CVE-2025-32022 (Finit provides fast init for Linux systems. Finit's urandom
plugin has ...)
@@ -107,107 +107,107 @@ CVE-2025-32022 (Finit provides fast init for Linux
systems. Finit's urandom plug
CVE-2025-30165 (vLLM is an inference and serving engine for large language
models. In ...)
TODO: check
CVE-2025-2898 (IBM Maximo Application Suite 9.0 could allow an attacker with
some lev ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-2011 (The Slider & Popup Builder by Depicter plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27248 (in OpenHarmony v5.0.3 and prior versions allow a local
attacker case D ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-27241 (in OpenHarmony v5.0.3 and prior versions allow a local
attacker case D ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-27132 (in OpenHarmony v5.0.3 and prior versions allow a local
attacker arbitr ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-26262 (An issue in the component /internals/functions of R-fx
Networks Linux ...)
TODO: check
CVE-2025-25218 (in OpenHarmony v5.0.3 and prior versions allow a local
attacker case D ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-25052 (in OpenHarmony v5.0.3 and prior versions allow a local
attacker cause ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-25014 (A Prototype pollution vulnerability in Kibana leads to
arbitrary code ...)
TODO: check
CVE-2025-23379 (Dell Storage Center - Dell Storage Manager, version(s)
21.0.20, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22886 (in OpenHarmony v5.0.3 and prior versions allow a local
attacker case D ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-22479 (Dell Storage Center - Dell Storage Manager, version(s)
20.0.21, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22478 (Dell Storage Center - Dell Storage Manager, version(s)
20.1.20, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22477 (Dell Storage Center - Dell Storage Manager, version(s)
20.1.20, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22476 (Dell Storage Center - Dell Storage Manager, version(s)
20.1.20, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-21475 (Memory corruption while processing escape code, when DisplayId
is pass ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21470 (Memory corruption while processing image encoding, when
configuration ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21469 (Memory corruption while processing image encoding, when input
buffer l ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21468 (Memory corruption while reading response from FW, when buffer
size is ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21467 (Memory corruption while reading the FW response from the
shared queue.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21462 (Memory corruption while processing an IOCTL request, when
buffer signi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21460 (Memory corruption while processing a message, when the buffer
is contr ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21459 (Transient DOS while parsing per STA profile in ML IE.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21453 (Memory corruption while processing a data structure, when an
iterator ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-0984 (Unrestricted Upload of File with Dangerous Type, Improper
Neutralizati ...)
TODO: check
CVE-2024-49847 (Transient DOS while processing of a registration acceptance
OTA due to ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49846 (Memory corruption while decoding of OTA messages from T3448
IE.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49845 (Memory corruption during the FRS UDS generation process.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49844 (Memory corruption while triggering commands in the PlayReady
Trusted a ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49842 (Memory corruption during memory mapping into protected VM
address spac ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49841 (Memory corruption during memory assignment to headless
peripheral VM d ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49835 (Memory corruption while reading secure file.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49830 (Memory corruption while processing an IOCTL call to set mixer
controls ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49829 (Memory corruption can occur during context user dumps due to
inadequat ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45583 (Memory corruption while handling multiple IOCTL calls from
userspace t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45581 (Memory corruption while sound model registration for voice
activation ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45579 (Memory corruption may occur when invoking IOCTL calls from
userspace t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45578 (Memory corruption while acquire and update IOCTLs during IFE
output re ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45577 (Memory corruption while invoking IOCTL calls from userspace to
camera ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45576 (Memory corruption while prociesing command buffer buffer in
OPE module ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45575 (Memory corruption Camera kernel when large number of devices
are attac ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45574 (Memory corruption during array access in Camera kernel due to
invalid ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45570 (Memory corruption may occur during IO configuration processing
when th ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45568 (Memory corruption due to improper bounds check while command
handling ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45567 (Memory corruption while encoding JPEG format.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45566 (Memory corruption during concurrent buffer access due to
modification ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45565 (Memory corruption when blob structure is modified by
user-space after ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45564 (Memory corruption during concurrent access to server info
object due t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45563 (Memory corruption while handling schedule request in Camera
Request Ma ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45562 (Memory corruption during concurrent access to server info
object due t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45554 (Memory corruption during concurrent SSR execution due to race
conditio ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33770 (Real Estate Management System v1.0 was discovered to contain a
SQL inj ...)
TODO: check
CVE-2025-22873
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d60fa0e10f479008d8e078a097cf40ecf4f4a74b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d60fa0e10f479008d8e078a097cf40ecf4f4a74b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
