Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
83b9500b by security tracker role at 2025-10-28T20:14:02+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2025-61235 (An issue was discovered in Dataphone A920
v2025.07.161103. A cus
CVE-2025-61155 (Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode
anti-che ...)
TODO: check
CVE-2025-61128 (Stack-based buffer overflow vulnerability in WAVLINK QUANTUM
D3G/WL-WN ...)
- TODO: check
+ NOT-FOR-US: Wavlink
CVE-2025-61107 (FRRouting/frr from v4.0 through v10.4.1 was discovered to
contain a NU ...)
TODO: check
CVE-2025-61106 (FRRouting/frr from v4.0 through v10.4.1 was discovered to
contain a NU ...)
@@ -37,7 +37,7 @@ CVE-2025-59837 (Astro is a web framework that includes an
image proxy. In versio
CVE-2025-56399 (alexusmai laravel-file-manager 3.3.1 and before allows an
authenticate ...)
TODO: check
CVE-2025-55758 (Multiple CSRF attack vectors in JDownloads component
1.0.0-4.0.47 for ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-54605 (Bitcoin Core through 29.0 allows Uncontrolled Resource
Consumption (is ...)
TODO: check
CVE-2025-54604 (Bitcoin Core through 29.0 allows Uncontrolled Resource
Consumption (is ...)
@@ -49,15 +49,15 @@ CVE-2025-53814 (A use-after-free vulnerability exists in
the XML parser function
CVE-2025-41090 (microCLAUDIA in v3.2.0 and prior has an improper access
control vulner ...)
TODO: check
CVE-2025-40843 (CodeChecker is an analyzer tooling, defect database and viewer
extensi ...)
- TODO: check
+ NOT-FOR-US: Ericsson
CVE-2025-36386 (IBM Maximo Application Suite 9.0.0 through 9.0.15 and 9.1.0
through 9. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36085 (IBM Concert 1.0.0 through 2.0.0 Software is vulnerable to
server-side ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36083 (IBM Concert Software 1.0.0 through 2.0.0could allow a local
user to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36081 (IBM ConcertSoftware 1.0.0 through 2.0.0 could allow a user to
modify ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-34318 (IPFire versions prior to 2.29 (Core Update 198) containa
stored cross- ...)
TODO: check
CVE-2025-34317 (IPFire versions prior to 2.29 (Core Update 198) containa
stored cross- ...)
@@ -99,19 +99,19 @@ CVE-2025-34294 (Wazuh's File Integrity Monitoring (FIM),
when configured with au
CVE-2025-27093 (Sliver is a command and control framework that uses a custom
Wireguard ...)
TODO: check
CVE-2025-1038 (The \u201cDiagnostics Tools\u201d page of the web-based
configuration ...)
- TODO: check
+ NOT-FOR-US: Hitachi Energy
CVE-2025-1037 (By making minor configuration changes to the TropOS 4th Gen
device, an ...)
- TODO: check
+ NOT-FOR-US: Hitachi Energy
CVE-2025-1036 (Command injection vulnerability exists in the
\u201cLogging\u201d page ...)
- TODO: check
+ NOT-FOR-US: Hitachi Energy
CVE-2025-12425 (Local Privilege Escalation.This issue affects BLU-IC2: through
1.19.5; ...)
- TODO: check
+ NOT-FOR-US: Azure Access Technology
CVE-2025-12424 (Privilege Escalation through SUID-bit Binary.This issue
affects BLU-IC ...)
- TODO: check
+ NOT-FOR-US: Azure Access Technology
CVE-2025-12423 (Protocol manipulation might lead to denial of service.This
issue affec ...)
- TODO: check
+ NOT-FOR-US: Azure Access Technology
CVE-2025-12422 (Vulnerable Upgrade Feature (Arbitrary File Write) may lead to
obtainin ...)
- TODO: check
+ NOT-FOR-US: Azure Access Technology
CVE-2025-12390 (A flaw was found in Keycloak. In Keycloak where a user can
accidentall ...)
TODO: check
CVE-2025-12380 (Starting with Firefox 142, it was possible for a compromised
child pro ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83b9500bc1e1fb828245331409e9e4a787edb2a8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83b9500bc1e1fb828245331409e9e4a787edb2a8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
