Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f956c0bd by Salvatore Bonaccorso at 2025-08-19T22:46:43+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -118,23 +118,23 @@ CVE-2025-50938 (Cross site scripting (XSS) vulnerability
in Hustoj 2025-01-31 vi
CVE-2025-50926 (Easy Hosting Control Panel EHCP v20.04.1.b was discovered to
contain a ...)
NOT-FOR-US: Easy Hosting Control Panel EHCP
CVE-2025-50897 (A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2)
processo ...)
- TODO: check
+ NOT-FOR-US: riscv-boom SonicBOOM
CVE-2025-50891 (Adform Site Tracking 1.1 allows attackers to inject HTML or
execute ar ...)
- TODO: check
+ NOT-FOR-US: Adform Site Tracking
CVE-2025-50579 (A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows
unauthor ...)
- TODO: check
+ NOT-FOR-US: Nginx Proxy Manager
CVE-2025-50567 (Saurus CMS Community Edition 4.7.1 contains a vulnerability in
the cus ...)
TODO: check
CVE-2025-50461 (A deserialization vulnerability exists in Volcengine's verl
3.0.0, spe ...)
- TODO: check
+ NOT-FOR-US: Volcengine verl
CVE-2025-50434 (A security issue has been identified in Appian Enterprise
Business Pro ...)
- TODO: check
+ NOT-FOR-US: Appian Enterprise Business Process Management
CVE-2025-4690 (A regular expression used by AngularJS' linky
https://docs.angularjs.o ...)
TODO: check
CVE-2025-4046 (A missing authorization vulnerability in Lexmark Cloud Services
badge ...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2025-4044 (Improper Restriction of XML External Entity Reference in
various Lexma ...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2025-43745 (A CSRF vulnerability in Liferay Portal 7.4.0 through
7.4.3.132, and Li ...)
NOT-FOR-US: Liferay
CVE-2025-43744 (A stored DOM-based Cross-Site Scripting (XSS) vulnerability in
Liferay ...)
@@ -150,9 +150,9 @@ CVE-2025-43738 (A reflected cross-site scripting (XSS)
vulnerability in the Life
CVE-2025-43737 (A reflected cross-site scripting (XSS) vulnerability in the
Liferay Po ...)
NOT-FOR-US: Liferay
CVE-2025-41689 (An unauthenticated remote attacker can grant access without
password p ...)
- TODO: check
+ NOT-FOR-US: Motherbox
CVE-2025-41685 (A low-privileged remote attacker can obtain the username of
another re ...)
- TODO: check
+ NOT-FOR-US: SMA Solar Technology
CVE-2025-33008 (IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File
Gateway6.2.1 ...)
NOT-FOR-US: IBM
CVE-2025-31988 (HCL Digital Experience is susceptible to cross site scripting
(XSS) in ...)
@@ -162,7 +162,7 @@ CVE-2025-2988 (IBM Sterling B2B Integrator and IBM Sterling
File Gateway 6.0.0.0
CVE-2024-45062 (A stack based buffer overflow vulnerability is present in
OpenPrinting ...)
TODO: check
CVE-2024-44373 (A Path Traversal vulnerability in AllSky v2023.05.01_04 allows
an unau ...)
- TODO: check
+ NOT-FOR-US: AllSky
CVE-2025-38615 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f956c0bd1718141275882ecb9a52475a52b30a77
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f956c0bd1718141275882ecb9a52475a52b30a77
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
