Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
796eec74 by security tracker role at 2025-10-02T20:13:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,23 +5,23 @@ CVE-2025-61734 (Files or Directories Accessible to External
Parties vulnerabilit
CVE-2025-61733 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
TODO: check
CVE-2025-61603 (WeGIA is a Web manager for charitable institutions. Versions
3.4.12 an ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-61595 (MANTRA is a purpose-built RWA Layer 1 Blockchain, capable of
adherence ...)
TODO: check
CVE-2025-61096 (PHPGurukul Online Shopping Portal Project v2.1 is vulnerable
to SQL In ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-61087 (SourceCodester Pet Grooming Management Software 1.0 is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-60782 (PHP Education Manager v1.0 is vulnerable to Cross Site
Scripting (XSS) ...)
TODO: check
CVE-2025-60663 (Tenda AC18 V15.03.05.19 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-60662 (Tenda AC18 V15.03.05.19 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-60661 (Tenda AC18 V15.03.05.19 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-60660 (Tenda AC18 V15.03.05.19 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-59835 (LangBot is a global IM bot platform designed for LLMs. In
versions 4.1 ...)
TODO: check
CVE-2025-59774 (Cross-site scripting (XSS) vulnerability reflected in
AndSoft's e-TMS ...)
@@ -153,7 +153,7 @@ CVE-2025-54287 (Template Injection in instance snapshot
creation component in Ca
CVE-2025-54286 (Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD
versions ...)
TODO: check
CVE-2025-54086 (CVE-2025-54086 is an excess permissions vulnerability in the
Warehouse ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2025-53881 (A UNIX Symbolic Link (Symlink) Following vulnerability in
logrotate co ...)
TODO: check
CVE-2025-49090 (The Matrix specification before 1.16 (i.e., with a room
version before ...)
@@ -181,7 +181,7 @@ CVE-2025-34208 (Vasion Print (formerly PrinterLogic)
Virtual Appliance Host and
CVE-2025-32942 (SSH Tectia Server before 6.6.6 sometimes allows attackers to
read and ...)
TODO: check
CVE-2025-22862 (AnAuthentication Bypass Using an Alternate Path or Channel
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-11240 (An open redirect vulnerability existed in KNIME Business Hub
prior to ...)
TODO: check
CVE-2025-11239 (Potentially sensitive information in jobs on KNIME Business
Hub prior ...)
@@ -235211,7 +235211,7 @@ CVE-2023-28762 (SAP BusinessObjects Business
Intelligence Platform - versions 42
CVE-2023-28761 (InSAP NetWeaver Enterprise Portal - version 7.50,an
unauthenticated at ...)
NOT-FOR-US: SAP
CVE-2023-28760 (TP-Link AX1800 WiFi 6 Router (Archer AX21) devices allow
unauthenticat ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-28759 (An issue was discovered in Veritas NetBackup before 10.0 on
Windows. A ...)
NOT-FOR-US: Veritas
CVE-2023-28758 (An issue was discovered in Veritas NetBackup before 8.3.0.2.
BPCD allo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/796eec7401645fc72c68e1bb043cb2820fcb2cfa
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/796eec7401645fc72c68e1bb043cb2820fcb2cfa
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
