Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
14f2f4ba by security tracker role at 2025-09-29T20:14:08+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2025-9648 (A vulnerability in the CivetWeb library's function
mg_handle_form_requ ...)
TODO: check
CVE-2025-8868 (In Progress Chef Automate, versions earlier than 4.13.295, on
Linux x8 ...)
- TODO: check
+ NOT-FOR-US: Progress Software
CVE-2025-7104 (A mass assignment vulnerability exists in
danny-avila/librechat, affec ...)
TODO: check
CVE-2025-6724 (In Progress Chef Automate, versions earlier than 4.13.295, on
Linux x8 ...)
- TODO: check
+ NOT-FOR-US: Progress Software
CVE-2025-61659 (bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the
/tmp/git-index ...)
TODO: check
CVE-2025-57879 (There is an unvalidated redirect vulnerability in Esri Portal
for ArcG ...)
@@ -53,7 +53,7 @@ CVE-2025-55795 (The openml/openml.org web application version
v2.0.20241110 uses
CVE-2025-51495 (An integer overflow vulnerability exists in the WebSocket
component of ...)
TODO: check
CVE-2025-43400 (An out-of-bounds write issue was addressed with improved
bounds checki ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-41252 (Description: VMware NSX contains a username enumeration
vulnerability. ...)
TODO: check
CVE-2025-41251 (VMware NSX contains a weak password recovery mechanism
vulnerability. ...)
@@ -61,11 +61,11 @@ CVE-2025-41251 (VMware NSX contains a weak password
recovery mechanism vulnerabi
CVE-2025-41250 (VMware vCenter contains an SMTP header injection
vulnerability.A malic ...)
TODO: check
CVE-2025-36352 (IBM License Metric Tool 9.2.0 through 9.2.40 is vulnerable to
stored c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36351 (IBM License Metric Tool 9.2.0 through 9.2.40 could allow an
authenti ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36099 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to
a denial ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-35034 (Medical Informatics Engineering Enterprise Health has a
reflected cros ...)
TODO: check
CVE-2025-35033 (Medical Informatics Engineering Enterprise Health has a CSV
injection ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14f2f4ba4fdcd39c81991699c546e57f2a431c3c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14f2f4ba4fdcd39c81991699c546e57f2a431c3c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
