Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2db3150f by Salvatore Bonaccorso at 2025-05-20T22:29:39+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-4997 (A vulnerability, which was classified as problematic, was found
in H3C ...)
- TODO: check
+ NOT-FOR-US: H3C R2+ProG
CVE-2025-4996 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: Intelbras
CVE-2025-4980 (A vulnerability has been found in Netgear DGND3700
1.1.00.15_1.00.15NA ...)
NOT-FOR-US: Netgear
CVE-2025-4978 (A vulnerability, which was classified as very critical, was
found in N ...)
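Review bot: The tag added for CVE-2025-4997 is vendor plus model ("NOT-FOR-US: H3C R2+ProG"), while the other entries in this hunk use the vendor alone ("Intelbras", "Netgear"). Using one form, for example "NOT-FOR-US: H3C", would keep later H3C entries searchable under a single tag.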
@@ -9,9 +9,9 @@ CVE-2025-4978 (A vulnerability, which was classified as very
critical, was found
CVE-2025-4977 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: Netgear
CVE-2025-4951 (Editions of Rapid7 AppSpider Pro before version7.5.018 is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: Rapid7 AppSpider Pro
CVE-2025-4364 (The affected products could allow an unauthenticated attacker
to acces ...)
- TODO: check
+ NOT-FOR-US: Assured Telematics Inc.
CVE-2025-48391 (In JetBrains YouTrack before 2025.1.76253 deletion of issues
was possi ...)
NOT-FOR-US: JetBrains
CVE-2025-48056 (Hubble is a fully distributed networking and security
observability pl ...)
@@ -27,17 +27,17 @@ CVE-2025-48015 (Failed login response could be different
depending on whether th
CVE-2025-48014 (Password guessing limits could be bypassed when using LDAP
authenticat ...)
NOT-FOR-US: Schweitzer Engineering Laboratories (SEL)
CVE-2025-47941 (TYPO3 is an open source, PHP based web content management
system. In v ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47940 (TYPO3 is an open source, PHP based web content management
system. Star ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47939 (TYPO3 is an open source, PHP based web content management
system. By d ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47938 (TYPO3 is an open source, PHP based web content management
system. Star ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47937 (TYPO3 is an open source, PHP based web content management
system. Star ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47936 (TYPO3 is an open source, PHP based web content management
system. In v ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47854 (In JetBrains TeamCity before 2025.03.2 open redirect was
possible on e ...)
NOT-FOR-US: JetBrains
CVE-2025-47853 (In JetBrains TeamCity before 2025.03.2 stored XSS via Jira
integration ...)
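Review bot: The six TYPO3 entries (CVE-2025-47936 through CVE-2025-47941) are not like the appliance and proprietary products in the rest of this commit. Their descriptions call TYPO3 an open source PHP CMS, so NOT-FOR-US here depends on it not being shipped as a Debian source package or as an embedded copy. The commit message only says "Process some NFUs"; recording that this was checked would let the decision be re-verified later.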
@@ -57,31 +57,31 @@ CVE-2025-46725 (Langroid is a Python framework to build
large language model (LL
CVE-2025-46724 (Langroid is a Python framework to build large language model
(LLM)-pow ...)
TODO: check
CVE-2025-45862 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-44893 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack
overflow ...)
- TODO: check
+ NOT-FOR-US: FW-WGS-804HPT
CVE-2025-44890 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack
overflow ...)
- TODO: check
+ NOT-FOR-US: FW-WGS-804HPT
CVE-2025-44885 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack
overflow ...)
- TODO: check
+ NOT-FOR-US: FW-WGS-804HPT
CVE-2025-44084 (D-link DI-8100 16.07.26A1 is vulnerable to Command Injection.
An attac ...)
NOT-FOR-US: D-Link
CVE-2025-41231 (VMware Cloud Foundationcontains a missing authorisation
vulnerability. ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41230 (VMware Cloud Foundationcontains an information disclosure
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41229 (VMware Cloud Foundationcontains a directory traversal
vulnerability.A ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41228 (VMware ESXi and vCenter Server contain a reflected cross-site
scriptin ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41227 (VMware ESXi,Workstation, and Fusion contain a
denial-of-service vulner ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41226 (VMwareESXi contains a denial-of-service vulnerability that
occurs when ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41225 (The vCenter Server contains an authenticated command-execution
vulnera ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-40635 (SQL injection vulnerability in Comerzzia Backoffice: Sales
Orchestrato ...)
- TODO: check
+ NOT-FOR-US: Comerzzia Backoffice
CVE-2025-40634 (Stack-based buffer overflow vulnerability in the
'conn-indicator' bina ...)
NOT-FOR-US: TP-Link
CVE-2025-40633 (A Stored Cross-Site Scripting (XSS) vulnerability has been
found in K ...)
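Review bot: CVE-2025-44893, CVE-2025-44890 and CVE-2025-44885 are tagged with the model string "FW-WGS-804HPT" taken from the description, whereas the other device entries in this hunk are tagged by vendor ("TOTOLINK", "D-Link", "TP-Link", "VMware"). If the vendor is known, put it in the tag so that future entries for the same vendor match on a search of NOT-FOR-US lines.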
@@ -89,7 +89,7 @@ CVE-2025-40633 (A Stored Cross-Site Scripting (XSS)
vulnerability has been found
CVE-2025-30193 (In some circumstances, when DNSdist is configured to allow an
unlimite ...)
TODO: check
CVE-2025-26086 (An unauthenticated blind SQL injection vulnerability exists in
RSI Que ...)
- TODO: check
+ NOT-FOR-US: RSI Queue Management System
CVE-2025-22157 (This High severity PrivEsc (Privilege Escalation)
vulnerability was in ...)
NOT-FOR-US: Atlassian
CVE-2024-53359 (An issue in Zalo v23.09.01 allows attackers to obtain
sensitive user i ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2db3150f277ce50aefbcb65adc4aba9aea8024cb