Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
de5ca3f9 by Moritz Muehlenhoff at 2025-01-15T09:23:39+01:00
NFUs

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,77 +1,77 @@ CVE-2025-23061 (Mongoose before 8.9.5 can improperly use a nested $where filter with a ...) - TODO: check + NOT-FOR-US: Mongoose CVE-2025-23013 (In Yubico pam-u2f before 1.3.1, local privilege escalation can sometim ...) TODO: check CVE-2025-22997 (A stored cross-site scripting (XSS) vulnerability in the prf_table_con ...) - TODO: check + NOT-FOR-US: Linksys CVE-2025-22996 (A stored cross-site scripting (XSS) vulnerability in the spf_table_con ...) - TODO: check + NOT-FOR-US: Linksys CVE-2025-22394 (Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-ch ...) - TODO: check + NOT-FOR-US: Dell CVE-2025-21101 (Dell Display Manager, versions prior to 2.3.2.20, contain a race condi ...) - TODO: check + NOT-FOR-US: Dell CVE-2025-0356 (NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver. ...) - TODO: check + NOT-FOR-US: NEC CVE-2025-0355 (Missing Authentication for Critical Function vulnerability in NEC Corp ...) - TODO: check + NOT-FOR-US: NEC CVE-2025-0354 (Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS V ...) - TODO: check + NOT-FOR-US: NEC CVE-2025-0343 (Swift ASN.1 can be caused to crash when parsing certain BER/DER constr ...) - TODO: check + NOT-FOR-US: swift-asn1 CVE-2024-7322 (A ZigBee coordinator, router, or end device may change their node ID w ...) - TODO: check + NOT-FOR-US: Silabs CVE-2024-57767 (MSFM before v2025.01.01 was discovered to contain a Server-Side Reques ...) - TODO: check + NOT-FOR-US: MSFM (mysiteforme) CVE-2024-57766 (MSFM before 2025.01.01 was discovered to contain a fastjson deserializ ...) - TODO: check + NOT-FOR-US: MSFM (mysiteforme) CVE-2024-57765 (MSFM before 2025.01.01 was discovered to contain a SQL injection vulne ...) - TODO: check + NOT-FOR-US: MSFM (mysiteforme) CVE-2024-57764 (MSFM before 2025.01.01 was discovered to contain a fastjson deserializ ...) 
- TODO: check + NOT-FOR-US: MSFM (mysiteforme) CVE-2024-57763 (MSFM before 2025.01.01 was discovered to contain a fastjson deserializ ...) - TODO: check + NOT-FOR-US: MSFM (mysiteforme) CVE-2024-57762 (MSFM before v2025.01.01 was discovered to contain a deserialization vu ...) - TODO: check + NOT-FOR-US: MSFM (mysiteforme) CVE-2024-57761 (An arbitrary file upload vulnerability in the parserXML() method of Je ...) - TODO: check + NOT-FOR-US: JeeWMS CVE-2024-57760 (JeeWMS before v2025.01.01 was discovered to contain a SQL injection vu ...) - TODO: check + NOT-FOR-US: JeeWMS CVE-2024-57757 (JeeWMS before v2025.01.01 was discovered to contain a permission bypas ...) - TODO: check + NOT-FOR-US: JeeWMS CVE-2024-57483 (Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacF ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-57482 (H3C N12 V100R005 contains a buffer overflow vulnerability due to the l ...) - TODO: check + NOT-FOR-US: H3C N12 V100R005 CVE-2024-57480 (H3C N12 V100R005 contains a buffer overflow vulnerability due to the l ...) - TODO: check + NOT-FOR-US: H3C N12 V100R005 CVE-2024-57479 (H3C N12 V100R005 contains a buffer overflow vulnerability due to the l ...) - TODO: check + NOT-FOR-US: H3C N12 V100R005 CVE-2024-57473 (H3C N12 V100R005 contains a buffer overflow vulnerability due to the l ...) - TODO: check + NOT-FOR-US: H3C N12 V100R005 CVE-2024-57471 (H3C N12 V100R005 contains a buffer overflow vulnerability due to the l ...) - TODO: check + NOT-FOR-US: H3C N12 V100R005 CVE-2024-55577 (Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 ...) TODO: check CVE-2024-54730 (Flatnotes <v5.3.1 is vulnerable to denial of service through the uploa ...) TODO: check CVE-2024-54142 (Discourse AI is a Discourse plugin which provides a number of AI featu ...) - TODO: check + NOT-FOR-US: Discourse plugin CVE-2024-53277 (Silverstripe Framework is a PHP framework which powers the Silverstrip ...) 
TODO: check CVE-2024-50861 (The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable t ...) - TODO: check + NOT-FOR-US: GestioIP CVE-2024-50859 (The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Refl ...) - TODO: check + NOT-FOR-US: GestioIP CVE-2024-50858 (Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Req ...) - TODO: check + NOT-FOR-US: GestioIP CVE-2024-50857 (The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site S ...) - TODO: check + NOT-FOR-US: GestioIP CVE-2024-4227 (In Genivia gSOAP with a specific configuration an unauthenticated remo ...) - TODO: check + NOT-FOR-US: GestioIP CVE-2024-48760 (An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitr ...) - TODO: check + NOT-FOR-US: GestioIP CVE-2024-47605 (silverstripe-asset-admin is a silverstripe assets gallery for asset ma ...) - TODO: check + NOT-FOR-US: silverstripe-asset-admin CVE-2024-45102 (A privilege escalation vulnerability was discovered that could allow a ...) TODO: check CVE-2024-42911 (ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was disco ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de5ca3f9ef48513a585bf25f8f72de2901692c53 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de5ca3f9ef48513a585bf25f8f72de2901692c53 You're receiving this email because of your account on salsa.debian.org.
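Review bot: The entry for CVE-2024-4227, in the middle of the GestioIP run, is tagged `NOT-FOR-US: GestioIP`, but its description reads "In Genivia gSOAP with a specific configuration ...", so the tag looks carried over from the neighbouring GestioIP entries. That entry should be re-triaged on its own: check whether gSOAP is packaged in Debian before keeping NOT-FOR-US, and if the tag stays, have it name the product the description gives rather than GestioIP. A smaller consistency point: the H3C entries use `NOT-FOR-US: H3C N12 V100R005`, with model and version included, where the other entries in this hunk give only a vendor or product name.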