Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
79690d6c by Salvatore Bonaccorso at 2025-02-11T09:23:04+01:00
Process several CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-25243 (SAP Supplier Relationship Management (Master Data Management
Catalog) ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-25241 (Due to a missing authorization check, an attacker who is
logged in to ...)
TODO: check
CVE-2025-25194 (Lemmy, a link aggregator and forum for the fediverse, is
vulnerable to ...)
@@ -13,25 +13,25 @@ CVE-2025-25189 (The ZOO-Project is an open source
processing platform. A reflect
CVE-2025-24970 (Netty, an asynchronous, event-driven network application
framework, ha ...)
TODO: check
CVE-2025-24876 (The SAP Approuter Node.js package version v16.7.1 and before
is vulner ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-24875 (SAP Commerce, by default, sets certain cookies with the
SameSite attri ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-24874 (SAP Commerce (Backoffice) uses the deprecated X-FRAME-OPTIONS
header t ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-24872 (The ABAP Build Framework in SAP ABAP Platform allows an
authenticated ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-24870 (SAP GUI for Windows & RFC service credentials are incorrectly
stored i ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-24869 (SAP NetWeaver Application Server Java allows an attacker to
access an ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-24868 (The User Account and Authentication service (UAA) for SAP HANA
extende ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-24867 (SAP BusinessObjects Platform (BI Launchpad) does not
sufficiently hand ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-23193 (SAP NetWeaver Server ABAP allows an unauthenticated attacker
to exploi ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-23191 (Cached values belonging to the SAP OData endpoint in SAP Fiori
for SAP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-23190 (Due to missing authorization check, an authenticated attacker
could ca ...)
TODO: check
CVE-2025-23189 (Due to missing authorization check in an RFC enabled function
module i ...)
@@ -103,9 +103,9 @@ CVE-2025-0181 (The WP Foodbakery plugin for WordPress is
vulnerable to privilege
CVE-2025-0180 (The WP Foodbakery plugin for WordPress is vulnerable to
privilege esca ...)
TODO: check
CVE-2025-0064 (Under specific conditions, the Central Management Console of
the SAP B ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-0054 (SAP NetWeaver Application Server Java does not sufficiently
handle use ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-9688
REJECTED
CVE-2024-9625
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79690d6c579b8f1796f62c2a5eb6a874219b28ba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79690d6c579b8f1796f62c2a5eb6a874219b28ba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
