Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2a3b5e6a by Salvatore Bonaccorso at 2025-04-08T11:11:14+02:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,11 +11,11 @@ CVE-2025-3427 (The 3DPrint Lite plugin for WordPress is
vulnerable to SQL Inject
CVE-2025-3413 (A vulnerability has been found in opplus springboot-admin up to
a2d531 ...)
TODO: check
CVE-2025-3412 (A vulnerability, which was classified as critical, was found in
mymagi ...)
- TODO: check
+ NOT-FOR-US: mymagicpower AIAS
CVE-2025-3411 (A vulnerability, which was classified as critical, has been
found in m ...)
- TODO: check
+ NOT-FOR-US: mymagicpower AIAS
CVE-2025-3410 (A vulnerability classified as critical was found in
mymagicpower AIAS ...)
- TODO: check
+ NOT-FOR-US: mymagicpower AIAS
CVE-2025-3409 (A vulnerability classified as critical has been found in
Nothings stb ...)
TODO: check
CVE-2025-3408 (A vulnerability was found in Nothings stb up to f056911. It has
been r ...)
@@ -25,11 +25,11 @@ CVE-2025-3407 (A vulnerability was found in Nothings stb up
to f056911. It has b
CVE-2025-3406 (A vulnerability was found in Nothings stb up to f056911. It has
been c ...)
TODO: check
CVE-2025-3405 (A vulnerability was found in FCJ Venture Builder appclientefiel
3.0.27 ...)
- TODO: check
+ NOT-FOR-US: FCJ Venture Builder appclientefiel
CVE-2025-3403 (A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P
and NVR ...)
- TODO: check
+ NOT-FOR-US: Vivotek
CVE-2025-3402 (A vulnerability was found in Seeyon Zhiyuan Interconnect FE
Collaborat ...)
- TODO: check
+ NOT-FOR-US: Seeyon Zhiyuan Interconnect FE Collaborative Office Platform
CVE-2025-3401 (A vulnerability has been found in ESAFENET CDG
5.6.3.154.205_20250114 ...)
NOT-FOR-US: ESAFENET
CVE-2025-3400 (A vulnerability, which was classified as critical, was found in
ESAFEN ...)
@@ -37,45 +37,45 @@ CVE-2025-3400 (A vulnerability, which was classified as
critical, was found in E
CVE-2025-3399 (A vulnerability, which was classified as critical, has been
found in E ...)
NOT-FOR-US: ESAFENET
CVE-2025-3398 (A vulnerability classified as critical was found in lenve VBlog
up to ...)
- TODO: check
+ NOT-FOR-US: lenve VBlog
CVE-2025-3397 (A vulnerability classified as problematic has been found in
YzmCMS 7.1 ...)
- TODO: check
+ NOT-FOR-US: YzmCMS
CVE-2025-3393 (A vulnerability was found in mrcen springboot-ucan-admin up to
5f35162 ...)
TODO: check
CVE-2025-3392 (A vulnerability was found in hailey888 oa_system up to
2025.01.01 and ...)
- TODO: check
+ NOT-FOR-US: hailey888 oa_system
CVE-2025-3391 (A vulnerability has been found in hailey888 oa_system up to
2025.01.01 ...)
- TODO: check
+ NOT-FOR-US: hailey888 oa_system
CVE-2025-3390 (A vulnerability, which was classified as problematic, was found
in hai ...)
- TODO: check
+ NOT-FOR-US: hailey888 oa_system
CVE-2025-3389 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: hailey888 oa_system
CVE-2025-3388 (A vulnerability classified as problematic was found in
hailey888 oa_sy ...)
- TODO: check
+ NOT-FOR-US: hailey888 oa_system
CVE-2025-3387 (A vulnerability classified as problematic has been found in
renrenio r ...)
- TODO: check
+ NOT-FOR-US: renrenio renren-security
CVE-2025-3386 (A vulnerability was found in LinZhaoguan pb-cms 2.0. It has
been rated ...)
- TODO: check
+ NOT-FOR-US: LinZhaoguan pb-cms
CVE-2025-3385 (A vulnerability was found in LinZhaoguan pb-cms 2.0. It has
been decla ...)
- TODO: check
+ NOT-FOR-US: LinZhaoguan pb-cms
CVE-2025-3384 (A vulnerability was found in 1000 Projects Human Resource
Management S ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Human Resource Management System
CVE-2025-3383 (A vulnerability was found in SourceCodester Web-based Pharmacy
Product ...)
NOT-FOR-US: SourceCodester
CVE-2025-3364 (The SSH service of PowerStation from HGiga has a Chroot Escape
vulnera ...)
- TODO: check
+ NOT-FOR-US: HGiga
CVE-2025-3363 (The web service of iSherlock from HGiga has an OS Command
Injection vu ...)
- TODO: check
+ NOT-FOR-US: HGiga
CVE-2025-3362 (The web service of iSherlock from HGiga has an OS Command
Injection vu ...)
- TODO: check
+ NOT-FOR-US: HGiga
CVE-2025-3361 (The web service of iSherlock from HGiga has an OS Command
Injection vu ...)
- TODO: check
+ NOT-FOR-US: HGiga
CVE-2025-32414 (In libxml2 before 2.13.8 and 2.14.x before 2.14.2,
out-of-bounds memor ...)
TODO: check
CVE-2025-32413 (Vulnerability-Lookup before 2.7.1 allows stored XSS via a user
bio in ...)
TODO: check
CVE-2025-32409 (Ratta SuperNote A6 X2 Nomad before December 2024 allows remote
code ex ...)
- TODO: check
+ NOT-FOR-US: Ratta SuperNote A6 X2 Nomad
CVE-2025-32034 (The Apollo Router Core is a configurable, high-performance
graph route ...)
TODO: check
CVE-2025-32033 (The Apollo Router Core is a configurable, high-performance
graph route ...)
@@ -345,7 +345,7 @@ CVE-2025-0050 (Improper Restriction of Operations within
the Bounds of a Memory
CVE-2024-49848 (Memory corruption while processing multiple IOCTL calls from
HLOS to D ...)
NOT-FOR-US: Qualcomm
CVE-2024-46494 (A cross-site scripting (XSS) vulnerability in Typecho v1.2.1
allows at ...)
- TODO: check
+ NOT-FOR-US: Typecho
CVE-2024-45557 (Memory corruption can occur when TME processes addresses from
TZ and M ...)
NOT-FOR-US: Qualcomm
CVE-2024-45556 (Cryptographic issue may arise because the access control
configuration ...)
@@ -377,7 +377,7 @@ CVE-2024-38797 (EDK2 contains a vulnerability in the
HashPeImageByType(). A user
CVE-2024-33058 (Memory corruption while assigning memory from the source DDR
memory(HL ...)
NOT-FOR-US: Qualcomm
CVE-2024-11859 (DLL Search Order Hijacking vulnerability potentially allowed
an attack ...)
- TODO: check
+ NOT-FOR-US: ESET
CVE-2025-30195 (An attacker can publish a zone containing specific Resource
Record Set ...)
- pdns-recursor 5.2.1-1
[bookworm] - pdns-recursor <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3b5e6a23f569d123e31973bedef5f4ee8545c8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3b5e6a23f569d123e31973bedef5f4ee8545c8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
