Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f498fbe8 by Salvatore Bonaccorso at 2025-11-18T21:41:57+01:00
Add new grub2 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -68,13 +68,17 @@ CVE-2025-63225 (The Eurolab ELTS100_UBX device (firmware
version ELTS100v1.UBX)
CVE-2025-61713 (A Cleartext Storage of Sensitive Information in Memory
vulnerability [ ...)
NOT-FOR-US: Fortinet
CVE-2025-61664 (A vulnerability in the GRUB2 bootloader has been identified in
the nor ...)
- TODO: check
+ - grub2 <unfixed>
+ NOTE:
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=05d3698b8b03eccc49e53491bbd75dba15f40917
CVE-2025-61663 (A vulnerability has been identified in the GRUB2 bootloader's
normal c ...)
- TODO: check
+ - grub2 <unfixed>
+ NOTE:
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=05d3698b8b03eccc49e53491bbd75dba15f40917
CVE-2025-61662 (A Use-After-Free vulnerability has been discovered in GRUB's
gettext m ...)
- TODO: check
+ - grub2 <unfixed>
+ NOTE:
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=8ed78fd9f0852ab218cc1f991c38e5a229e43807
CVE-2025-61661 (A vulnerability has been identified in the GRUB (Grand Unified
Bootloa ...)
- TODO: check
+ - grub2 <unfixed>
+ NOTE:
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=549a9cc372fd0b96a4ccdfad0e12140476cc62a3
CVE-2025-60455 (Unsafe Deserialization vulnerability in Modular Max Serve
before 25.6, ...)
NOT-FOR-US: Modular Max Serve
CVE-2025-59669 (A use of hard-coded credentials vulnerability in Fortinet
FortiWeb 7.6 ...)
@@ -126,9 +130,11 @@ CVE-2025-54971 (An exposure of sensitive information to an
unauthorized actor vu
CVE-2025-54821 (An Improper Privilege Management vulnerability [CWE-269] in
Fortinet F ...)
NOT-FOR-US: Fortinet
CVE-2025-54771 (A use-after-free vulnerability has been identified in the GNU
GRUB (Gr ...)
- TODO: check
+ - grub2 <unfixed>
+ NOTE:
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=c4fb4cbc941981894a00ba8e75d634a41967a27f
CVE-2025-54770 (A vulnerability has been identified in the GRUB2 bootloader's
network ...)
- TODO: check
+ - grub2 <unfixed>
+ NOTE:
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=10e58a14db20e17d1b6a39abe38df01fef98e29d
CVE-2025-54660 (An active debug code vulnerability in Fortinet
FortiClientWindows 7.4. ...)
NOT-FOR-US: Fortinet
CVE-2025-54321 (In Ascertia SigningHub through 8.6.8, there is a lack of rate
limiting ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f498fbe8df28dea100233e81b47e189e7c337894
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f498fbe8df28dea100233e81b47e189e7c337894
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
