Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f71eef5a by Salvatore Bonaccorso at 2025-10-03T15:24:14+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -224,11 +224,11 @@ CVE-2025-56162 (YOSHOP 2.0 suffers from an
unauthenticated SQL injection in the
CVE-2025-56161 (YOSHOP 2.0 allows unauthenticated information disclosure via
comment-l ...)
NOT-FOR-US: YOSHOP
CVE-2025-56154 (htmly v3.0.8 is vulnerable to Cross Site Scripting (XSS) in
the /autho ...)
- TODO: check
+ NOT-FOR-US: htmly
CVE-2025-56019 (An insecure permission vulnerability exists in the Agasta
Easytouch+ v ...)
NOT-FOR-US: Agasta Easytouch+
CVE-2025-54468 (A vulnerability has been identified within Rancher Manager
whereby `Im ...)
- TODO: check
+ NOT-FOR-US: Rancher
CVE-2025-54315 (The Matrix specification before 1.16 (i.e., with a room
version before ...)
TODO: check
CVE-2025-54293 (Path Traversal in the log file retrieval function in Canonical
LXD 5.0 ...)
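Review bot: On CVE-2025-54468 the new label is `NOT-FOR-US: Rancher`, while the description names the affected component as Rancher Manager. The short form matches the two Rancher entries later in this commit (CVE-2024-58267 and CVE-2024-58260), so the commit is internally consistent. If earlier Rancher CVEs in the list use a different spelling, align with that one so a search on the label finds every entry. CVE-2025-54315 (Matrix specification) is left at `TODO: check` between the two processed entries, which fits a commit that only handles NFUs.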
@@ -270,39 +270,39 @@ CVE-2025-53881 (A UNIX Symbolic Link (Symlink) Following
vulnerability in logrot
CVE-2025-49090 (The Matrix specification before 1.16 (i.e., with a room
version before ...)
TODO: check
CVE-2025-41064 (Incorrect authentication vulnerability in OpenSIAC, which
could allow ...)
- TODO: check
+ NOT-FOR-US: OpenSIAC
CVE-2025-41010 (Incorrect Cross-Origin Resource Sharing (CORS) configuration
in Hiberu ...)
- TODO: check
+ NOT-FOR-US: Hiberus Sintra
CVE-2025-40992 (Stored XSS vulnerability in Creativeitem Sociopro due to lack
of prope ...)
- TODO: check
+ NOT-FOR-US: Creativeitem Sociopro
CVE-2025-40991 (Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0
by Creat ...)
- TODO: check
+ NOT-FOR-US: Ekushey CRM
CVE-2025-40990 (Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0
by Creat ...)
- TODO: check
+ NOT-FOR-US: Ekushey CRM
CVE-2025-40989 (Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0
by Creat ...)
- TODO: check
+ NOT-FOR-US: Ekushey CRM
CVE-2025-40646 (Exposure of sensitive information in Viday. This vulnerability
could a ...)
- TODO: check
+ NOT-FOR-US: Viday
CVE-2025-40645 (Exposure of sensitive information in Viday. This vulnerability
could a ...)
- TODO: check
+ NOT-FOR-US: Viday
CVE-2025-34210 (Vasion Print (formerly PrinterLogic) Virtual Appliance Host
and Applic ...)
- TODO: check
+ NOT-FOR-US: Vasion Print (formerly PrinterLogic)
CVE-2025-34208 (Vasion Print (formerly PrinterLogic) Virtual Appliance Host
and Applic ...)
- TODO: check
+ NOT-FOR-US: Vasion Print (formerly PrinterLogic)
CVE-2025-32942 (SSH Tectia Server before 6.6.6 sometimes allows attackers to
read and ...)
- TODO: check
+ NOT-FOR-US: SSH Tectia Server
CVE-2025-22862 (AnAuthentication Bypass Using an Alternate Path or Channel
vulnerabili ...)
NOT-FOR-US: Fortinet
CVE-2025-11240 (An open redirect vulnerability existed in KNIME Business Hub
prior to ...)
- TODO: check
+ NOT-FOR-US: KNIME
CVE-2025-11239 (Potentially sensitive information in jobs on KNIME Business
Hub prior ...)
- TODO: check
+ NOT-FOR-US: KNIME
CVE-2025-0642 (Use of Hard-coded Credentials, Authorization Bypass Through
User-Contr ...)
- TODO: check
+ NOT-FOR-US: PosCube Hardware Software and Consulting Ltd. Co. Assist
CVE-2024-58267 (A vulnerability has been identified within Rancher Manager
whereby the ...)
- TODO: check
+ NOT-FOR-US: Rancher
CVE-2024-58260 (A vulnerability has been identified within Rancher Manager
where a mis ...)
- TODO: check
+ NOT-FOR-US: Rancher
CVE-2025-61642 [Escape submit button label for Codex-based HTMLForms]
- mediawiki <unfixed>
[bookworm] - mediawiki <not-affected> (Vulnerable code not present)
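Review bot: On CVE-2025-0642 the label `NOT-FOR-US: PosCube Hardware Software and Consulting Ltd. Co. Assist` appears to run a vendor name and a product name together with no separator, unlike the short product labels used for the other entries in this hunk (Viday, KNIME, Ekushey CRM). The description is truncated in this diff, so the product name cannot be confirmed from here. Consider separating vendor and product, or using the product name alone, so the label stays searchable. The two Vasion Print entries and the three Ekushey CRM entries use identical label text, which is what keeps per-product lookups reliable.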
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f71eef5a589b6ee29c6ecfa43c563d765687f1b8