Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dd151f9c by security tracker role at 2025-10-14T20:13:47+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
CVE-2025-9437 (A security issue exists within the Studio 5000 Logix Designer
add-on p ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9178 (A denial-of-service security issue exists in the affected
product and ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9177 (A denial-of-service security issue exists in the affected
product and ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9124 (A denial-of-service security issue in the affected product. The
securi ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9068 (A security issue exists within the Rockwell Automation Driver
Package ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9067 (A security issue exists within the x86 Microsoft Installer File
(MSI), ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9066 (A security issue was discovered within FactoryTalk\xae
ViewPoint, allo ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9064 (A path traversal security issue exists within FactoryTalk View
Machine ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9063 (An authentication bypass security issue exists within
FactoryTalk View ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-8459 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-8430 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-8429 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-8428 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-7330 (A cross-site request forgery security issue exists in the
product and ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-7329 (A Stored Cross-Site Scripting security issue exists in the
affected pr ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-7328 (Multiple Broken Authentication security issues exist in the
affected p ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-62366 (mailgen is a Node.js package that generates responsive HTML
e-mails fo ...)
TODO: check
CVE-2025-62172 (Home Assistant is open source home automation software that
puts local ...)
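Review bot: For CVE-2025-9178, CVE-2025-9177, CVE-2025-9124, CVE-2025-7330, CVE-2025-7329 and CVE-2025-7328 the truncated descriptions name no vendor or product, so the "NOT-FOR-US: Rockwell Automation" tag cannot be confirmed from what this diff shows. Because the commit is an automatic update, spot-check the full CVE records for those six before treating them as triaged. CVE-2025-9067 deserves the same check, since its visible text mentions only an "x86 Microsoft Installer File (MSI)".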
@@ -39,23 +39,23 @@ CVE-2025-62157 (Argo Workflows is an open source
container-native workflow engin
CVE-2025-62156 (Argo Workflows is an open source container-native workflow
engine for ...)
TODO: check
CVE-2025-61807 (Substance3D - Stager versions 3.1.4 and earlier are affected
by an Int ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61806 (Substance3D - Stager versions 3.1.4 and earlier are affected
by an out ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61805 (Substance3D - Stager versions 3.1.4 and earlier are affected
by an out ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61803 (Substance3D - Stager versions 3.1.4 and earlier are affected
by an Int ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61802 (Substance3D - Stager versions 3.1.4 and earlier are affected
by a Use ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61801 (Dimension versions 4.1.4 and earlier are affected by a Use
After Free ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61800 (Dimension versions 4.1.4 and earlier are affected by an
Integer Overfl ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61799 (Dimension versions 4.1.4 and earlier are affected by an
out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61798 (Dimension versions 4.1.4 and earlier are affected by an
out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61678 (FreePBX Endpoint Manager is a module for managing telephony
endpoints ...)
TODO: check
CVE-2025-61675 (FreePBX Endpoint Manager is a module for managing telephony
endpoints ...)
@@ -71,15 +71,15 @@ CVE-2025-60535 (A Cross-Site Request Forgery (CSRF) in the
component /endpoints/
CVE-2025-60374 (Stored Cross-Site Scripting (XSS) in Perfex CRM chatbot before
3.3.1 a ...)
TODO: check
CVE-2025-5946 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-59921 (An exposure of sensitive information to an unauthorized actor
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59502 (Uncontrolled resource consumption in Windows Remote Procedure
Call all ...)
TODO: check
CVE-2025-59497 (Time-of-check time-of-use (toctou) race condition in Microsoft
Defende ...)
TODO: check
CVE-2025-59494 (Improper access control in Azure Monitor Agent allows an
authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59429 (FreePBX is an open source GUI for managing Asterisk. In
versions prior ...)
TODO: check
CVE-2025-59428 (EspoCRM is an open source customer relationship management
application ...)
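Review bot: CVE-2025-59494 (Azure Monitor Agent) moves to "NOT-FOR-US: Microsoft" while the Microsoft entries next to it in this hunk, CVE-2025-59502 (Windows Remote Procedure Call) and CVE-2025-59497 (Microsoft Defender), stay at "TODO: check". If the automatic rule is meant to match only some Microsoft products, a product-level tag such as "NOT-FOR-US: Microsoft Azure Monitor Agent" would make the selection visible in the list. Otherwise the neighbouring entries look like misses of the same rule.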
@@ -101,7 +101,7 @@ CVE-2025-59288 (Improper verification of cryptographic
signature in GitHub allow
CVE-2025-59287 (Deserialization of untrusted data in Windows Server Update
Service all ...)
TODO: check
CVE-2025-59285 (Deserialization of untrusted data in Azure Monitor Agent
allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59284 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
TODO: check
CVE-2025-59282 (Concurrent execution using shared resource with improper
synchronizati ...)
@@ -245,7 +245,7 @@ CVE-2025-59184 (Exposure of sensitive information to an
unauthorized actor in Wi
CVE-2025-59051 (The FreePBX Endpoint Manager module includes a Network
Scanning featur ...)
TODO: check
CVE-2025-58903 (An Unchecked Return Value vulnerability [CWE-252] in Fortinet
FortiOS ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-58739 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
TODO: check
CVE-2025-58738 (Use after free in Inbox COM Objects allows an unauthorized
attacker to ...)
@@ -295,15 +295,15 @@ CVE-2025-58715 (Integer overflow or wraparound in
Microsoft Windows Speech allow
CVE-2025-58714 (Improper access control in Windows Ancillary Function Driver
for WinSo ...)
TODO: check
CVE-2025-58325 (An Incorrect Provision of Specified Functionality
vulnerability [CWE-6 ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-58324 (An improper neutralization of input during web page generation
vulnera ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-57741 (An Incorrect Permission Assignment for Critical Resource
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-57740 (An Heap-based Buffer Overflow vulnerability [CWE-122] in
FortiOS versi ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-57716 (An Uncontrolled Search Path Element vulnerability [CWE-427] in
FortiCl ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-57618 (A path traversal vulnerability in FastX3 thru 3.3.67 allows an
unauthe ...)
TODO: check
CVE-2025-57563 (A path traversal in StarNet Communications Corporation FastX
v.4 throu ...)
@@ -401,39 +401,39 @@ CVE-2025-55247 (Improper link resolution before file
access ('link following') i
CVE-2025-55240 (Improper access control in Visual Studio allows an authorized
attacker ...)
TODO: check
CVE-2025-54973 (A concurrent execution using shared resource with improper
synchroniza ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-54893 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-54892 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-54891 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-54889 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-54822 (An improper authorization vulnerability [CWE-285] in Fortinet
FortiOS ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-54603 (An incorrect OIDC authentication flow in Claroty Secure Access
3.3.0 t ...)
TODO: check
CVE-2025-54284 (Illustrator versions 29.7, 28.7.9 and earlier are affected by
an out-o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-54283 (Illustrator versions 29.7, 28.7.9 and earlier are affected by
an out-o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-54282 (Adobe Framemaker versions 2020.9, 2022.7 and earlier are
affected by a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-54281 (Adobe Framemaker versions 2020.9, 2022.7 and earlier are
affected by a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-54280 (Substance3D - Viewer versions 0.25.2 and earlier are affected
by an ou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-54276 (Substance3D - Modeler versions 1.22.3 and earlier are affected
by an o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-54275 (Substance3D - Viewer versions 0.25.2 and earlier are affected
by an ou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-54274 (Substance3D - Viewer versions 0.25.2 and earlier are affected
by a Sta ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-54273 (Substance3D - Viewer versions 0.25.2 and earlier are affected
by an ou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-53845 (An improper authentication vulnerability [CWE-287] in Fortinet
FortiAn ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-53782 (Incorrect implementation of authentication algorithm in
Microsoft Exch ...)
TODO: check
CVE-2025-53768 (Use after free in Xbox allows an authorized attacker to
elevate privil ...)
@@ -453,7 +453,7 @@ CVE-2025-50152 (Out-of-bounds read in Windows Kernel allows
an authorized attack
CVE-2025-49708 (Use after free in Microsoft Graphics Component allows an
authorized at ...)
TODO: check
CVE-2025-49201 (A weak authentication in Fortinet FortiPAM 1.5.0, 1.4.0
through 1.4.2, ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-48813 (Use of a key past its expiration date in Virtual Secure Mode
allows an ...)
TODO: check
CVE-2025-48004 (Use after free in Microsoft Brokering File System allows an
unauthoriz ...)
@@ -463,13 +463,13 @@ CVE-2025-47989 (Improper access control in Azure
Connected Machine Agent allows
CVE-2025-47979 (Insertion of sensitive information into log file in Windows
Failover C ...)
TODO: check
CVE-2025-47890 (An URL Redirection to Untrusted Site vulnerabilities [CWE-601]
in Fort ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-47856 (Two improper neutralization of special elements used in an OS
command ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-46774 (An Improper Verification of Cryptographic Signature
vulnerability [CWE ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-46581 (ZTE's ZXCDN product is affected by a Struts remote code
execution (RC ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2025-41718 (A cleartext transmission of sensitive information
vulnerability in the ...)
TODO: check
CVE-2025-41707 (The websocket handler is vulnerable to a denial of service
condition. ...)
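Review bot: CVE-2025-46581 is tagged "NOT-FOR-US: ZTE", but its description says the ZXCDN product "is affected by a Struts remote code execution", which points at a third-party component rather than ZTE's own code. Before closing it as not-for-us, confirm from the full record that this is ZTE's bundling or configuration of Struts and not an issue in Struts itself. If upstream Struts is affected, the entry should be tracked against that source package instead of a vendor tag.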
@@ -485,61 +485,61 @@ CVE-2025-41703 (An unauthenticated remote attacker can
cause a Denial of Service
CVE-2025-41699 (An low privileged remote attacker with an account for the
Web-based ma ...)
TODO: check
CVE-2025-40812 (A vulnerability has been identified in Solid Edge SE2024 (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40811 (A vulnerability has been identified in Solid Edge SE2024 (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40810 (A vulnerability has been identified in Solid Edge SE2024 (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40809 (A vulnerability has been identified in Solid Edge SE2024 (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40774 (A vulnerability has been identified in SiPass integrated (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40773 (A vulnerability has been identified in SiPass integrated (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40772 (A vulnerability has been identified in SiPass integrated (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40771 (A vulnerability has been identified in SIMATIC CP 1542SP-1
(6GK7542-6U ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40765 (A vulnerability has been identified in TeleControl Server
Basic V3.1 ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40755 (A vulnerability has been identified in SINEC NMS (All versions
< V4.0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-37149 (A potential out-of-bound reads vulnerability in HPE ProLiant
RL300 G ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37148 (A vulnerability in the parsing of ethernet frames in AOS-8
Instant and ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37147 (A Secure Boot Bypass Vulnerability exists in affected Access
Points th ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37146 (A vulnerability in the web-based management interface of
network acces ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37145 (Arbitrary file download vulnerabilities exist in a low-level
interface ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37144 (Arbitrary file download vulnerabilities exist in a low-level
interface ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37143 (An arbitrary file download vulnerability exists in the
web-based manag ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37142 (Arbitrary file download vulnerabilities exist in the CLI
binary of AOS ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37141 (Arbitrary file download vulnerabilities exist in the CLI
binary of AOS ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37140 (Arbitrary file download vulnerabilities exist in the CLI
binary of AOS ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37139 (A vulnerability in an AOS firmware binary allows an
authenticated mali ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37138 (An authenticated command injection vulnerability exists in the
command ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37137 (Arbitrary file deletion vulnerabilities have been identified
in the co ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37136 (Arbitrary file deletion vulnerabilities have been identified
in the co ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37135 (Arbitrary file deletion vulnerabilities have been identified
in the co ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37134 (An authenticated command injection vulnerability exists in the
CLI bin ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37133 (An authenticated command injection vulnerability exists in the
CLI bin ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37132 (An arbitrary file write vulnerability exists in the web-based
manageme ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-36730 (A prompt injection vulnerability exists in Windsurft version
1.10.7 in ...)
TODO: check
CVE-2025-34267 (Flowise v3.0.1 < 3.0.8 and all versions after with
'ALLOW_BUILTIN_DEP' ...)
@@ -549,21 +549,21 @@ CVE-2025-33182 (NVIDIA Jetson Linux contains a
vulnerability in UEFI, where impr
CVE-2025-33177 (NVIDIA Jetson Linux and IGX OS contain a vulnerability in
NvMap, where ...)
TODO: check
CVE-2025-33044 (APTIOV contains a vulnerability in BIOS where an attacker may
cause an ...)
- TODO: check
+ NOT-FOR-US: AMI
CVE-2025-31514 (An Insertion of Sensitive Information into Log File
vulnerability [CWE ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-31366 (An Improper Neutralization of Input During Web Page Generation
vulnera ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-31365 (An Improper Control of Generation of Code ('Code Injection')
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-27906 (IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could
expose th ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-25255 (An Improperly Implemented Security Check for Standard
vulnerability [C ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-25253 (An Improper Validation of Certificate with Host Mismatch
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-25252 (An Insufficient Session Expiration vulnerability [CWE-613] in
FortiOS ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-25004 (Improper access control in Microsoft PowerShell allows an
authorized a ...)
TODO: check
CVE-2025-24990 (Microsoft is aware of vulnerabilities in the third party Agere
Modem d ...)
@@ -573,85 +573,85 @@ CVE-2025-24052 (Microsoft is aware of vulnerabilities in
the third party Agere M
CVE-2025-23356 (NVIDIA Isaac Lab contains a vulnerability in SB3 configuration
parsing ...)
TODO: check
CVE-2025-22833 (APTIOV contains a vulnerability in BIOS where an attacker may
cause a ...)
- TODO: check
+ NOT-FOR-US: AMI
CVE-2025-22832 (APTIOV contains a vulnerability in BIOS where an attacker may
cause an ...)
- TODO: check
+ NOT-FOR-US: AMI
CVE-2025-22831 (APTIOV contains a vulnerability in BIOS where an attacker may
cause an ...)
- TODO: check
+ NOT-FOR-US: AMI
CVE-2025-22258 (A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0
through ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-20724 (In wlan AP driver, there is a possible out of bounds read due
to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20723 (In gnss driver, there is a possible out of bounds write due to
an inco ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20722 (In gnss driver, there is a possible out of bounds read due to
an integ ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20721 (In imgsensor, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20720 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20719 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20718 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20717 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20716 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20715 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20714 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20713 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20712 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20711 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20710 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20709 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-11736 (A flaw has been found in itsourcecode Online Examination
System 1.0. A ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-11577 (Clevo\u2019s UEFI firmware update packages, including
B10717.exe, inad ...)
TODO: check
CVE-2025-11548 (A remote, unauthenticated privilege escalation in ibi WebFOCUS
allows ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2025-11498 (An Improper Neutralization of Formula Elements in a CSV File
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-10986 (Path traversal in the admin panel of Ivanti EPMM before
version 12.6.0 ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-10985 (OS command injection in the admin panel of Ivanti EPMM before
version ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-10610 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-10243 (OS command injection in the admin panel of Ivanti EPMM before
version ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-10242 (OS command injection in the admin panel of Ivanti EPMM before
version ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-10228 (Session Fixation vulnerability in Rolantis Information
Technologies Ag ...)
TODO: check
CVE-2025-0033 (Improper access control within AMD SEV-SNP could allow an admin
privil ...)
TODO: check
CVE-2024-50571 (A heap-based buffer overflow in Fortinet FortiOS 7.6.0 through
7.6.1, ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-48891 (An Improper Neutralization of Special Elements used in an OS
Command ( ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-47569 (A insertion of sensitive information into sent data in
Fortinet FortiM ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-44088 (Malicious script injection ('Cross-site Scripting')
vulnerability in A ...)
TODO: check
CVE-2024-33507 (An insufficient session expiration vulnerability [CWE-613] and
an inco ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-26008 (An improper check or handling of exceptional conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2023-46718 (A stack-based buffer overflow in Fortinet FortiOS version
7.4.0 throug ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2011-20002 (A vulnerability has been identified in SIMATIC S7-1200 CPU V1
family ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2011-20001 (A vulnerability has been identified in SIMATIC S7-1200 CPU V1
family ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-11687
- gi-docgen <unfixed>
NOTE: https://gitlab.gnome.org/GNOME/gi-docgen/-/issues/228
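Review bot: The tag "NOT-FOR-US: itsourcecode System" on CVE-2025-11736 looks like a mangled product name; the description reads "itsourcecode Online Examination System 1.0", so the tag should be either the full product name or just "itsourcecode". In the same hunk CVE-2025-11548 is tagged "TIBCO" although the description names "ibi WebFOCUS", which makes the entry hard to find by the product name in the description; including the product in the tag would fix that. For CVE-2025-11498 ("ABB group") the vendor is not visible in the truncated description and should be checked against the full record.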
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd151f9c1f12fdc6e029023d937bb93d96999ef3
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits