Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
81d10aa3 by security tracker role at 2025-12-09T08:12:57+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -39,55 +39,55 @@ CVE-2025-66202 (Astro is a web framework. Versions 5.15.7
and below have a doubl
CVE-2025-65964 (n8n is an open source workflow automation platform. Versions
0.123.1 t ...)
TODO: check
CVE-2025-65962 (Tuleap is a free and open source suite for management of
software deve ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2025-65229 (A stored cross-site scripting (XSS) vulnerability exists in
the web in ...)
TODO: check
CVE-2025-65228 (A stored cross-site scripting vulnerability exists in the web
manageme ...)
TODO: check
CVE-2025-64760 (Tuleap is a free and open source suite for management of
software deve ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2025-64650 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18
could d ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-64499 (Tuleap is a free and open source suite for management of
software deve ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2025-64498 (Tuleap is an Open Source Suite for management of software
development ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2025-64497 (Tuleap is an Open Source Suite for management of software
development ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2025-42928 (Under certain conditions, a high privileged user could exploit
a deser ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42904 (Due to an Information Disclosure vulnerability in Application
Server A ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42896 (SAP BusinessObjects Business Intelligence Platform lets an
unauthentic ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42891 (Due to a missing authorization check in SAP Enterprise Search
for ABAP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42880 (Due to missing input sanitation, SAP Solution Manager allows
an authen ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42878 (SAP Web Dispatcher and ICM may expose internal testing
interfaces that ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42877 (SAP Web Dispatcher, Internet Communication Manager (ICM), and
SAP Cont ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42876 (Due to a Missing Authorization Check vulnerability in SAP S/4
HANA Pri ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42875 (The SAP Internet Communication Framework does not conduct any
authenti ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42874 (SAP NetWeaver remote service for Xcelsius allows an attacker
with netw ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42873 (SAPUI5 (and OpenUI5) packages use outdated 3rd party libraries
with kn ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42872 (Due to a Cross-Site Scripting (XSS) vulnerability in SAP
NetWeaver Ent ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-36140 (IBM watsonx.data 2.2 through 2.2.1 could allow an
authenticated user t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36102 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller
11.0.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36017 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller
11.0.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36015 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller
11.0.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-33111 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller
11.0.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14311 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
TODO: check
CVE-2025-14310 (Buffer Copy without Checking Size of Input ('Classic Buffer
Overflow') ...)
@@ -101,27 +101,27 @@ CVE-2025-14307 (An insecure temporary file creation
vulnerability exists in the
CVE-2025-14306 (A directory traversal vulnerability exists in the CacheCleaner
compone ...)
TODO: check
CVE-2025-14286 (A vulnerability was determined in Tenda AC9 15.03.05.14_multi.
Affecte ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-14285 (A vulnerability was found in code-projects Employee Profile
Management ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-14284 (Versions of the package @tiptap/extension-link before 2.10.4
are vulne ...)
TODO: check
CVE-2025-14276 (A vulnerability was determined in Ilevia EVE X1 Server up to
4.6.5.0.e ...)
TODO: check
CVE-2025-13604 (The Login Security, FireWall, Malware removal by CleanTalk
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13428 (A vulnerability exists in the SecOps SOAR server. The custom
integrati ...)
TODO: check
CVE-2025-13071 (The Custom Admin Menu WordPress plugin through 1.0.0 does not
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13070 (The CSV to SortTable WordPress plugin through 4.2 does not
validate so ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13031 (The WPeMatico RSS Feed Fetcher WordPress plugin before 2.8.13
does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12832 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is
vulnera ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-12635 (IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere
Applicatio ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-40344 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- linux 6.17.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81d10aa3d3d4a0efe72ea673d4fb4f51cb13330f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81d10aa3d3d4a0efe72ea673d4fb4f51cb13330f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
