Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4eb29eba by security tracker role at 2025-06-02T20:12:57+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
CVE-2025-5455 (An issue was found in the private API function qDecodeDataUrl()
in QtC ...)
TODO: check
CVE-2025-5447 (A vulnerability was found in Linksys RE6500, RE6250, RE6300,
RE6350, R ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5446 (A vulnerability was found in Linksys RE6500, RE6250, RE6300,
RE6350, R ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5445 (A vulnerability was found in Linksys RE6500, RE6250, RE6300,
RE6350, R ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5444 (A vulnerability has been found in Linksys RE6500, RE6250,
RE6300, RE63 ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5443 (A vulnerability, which was classified as critical, was found in
Linksy ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5442 (A vulnerability, which was classified as critical, has been
found in L ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5441 (A vulnerability classified as critical was found in Linksys
RE6500, RE ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5440 (A vulnerability classified as critical has been found in
Linksys RE650 ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5439 (A vulnerability was found in Linksys RE6500, RE6250, RE6300,
RE6350, R ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5438 (A vulnerability was found in Linksys RE6500, RE6250, RE6300,
RE6350, R ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-5437 (A vulnerability classified as critical has been found in
Multilaser Si ...)
TODO: check
CVE-2025-5086 (A deserialization of untrusted data vulnerability affecting
DELMIA Apr ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2025-5036 (A maliciously crafted RFA file, when linked or imported into
Autodesk ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2025-49069 (Cross-Site Request Forgery (CSRF) vulnerability in Cimatti
Consulting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48996 (HAX open-apis provides microservice apis for HAX webcomponents
repo th ...)
TODO: check
CVE-2025-48995 (SignXML is an implementation of the W3C XML Signature standard
in Pyth ...)
@@ -43,9 +43,9 @@ CVE-2025-48957 (AstrBot is a large language model chatbot and
development framew
CVE-2025-48955 (Para is a multitenant backend server/framework for object
persistence ...)
TODO: check
CVE-2025-48941 (MyBB is free and open source forum software. Prior to version
1.8.39, ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2025-48940 (MyBB is free and open source forum software. Prior to version
1.8.39, ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2025-48866 (ModSecurity is an open source, cross platform web application
firewall ...)
TODO: check
CVE-2025-48745
@@ -71,25 +71,25 @@ CVE-2025-45542 (SQL injection vulnerability in the
registrationform endpoint of
CVE-2025-45387 (osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken
Access ...)
TODO: check
CVE-2025-44172 (Tenda AC6 V15.03.05.16 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-44115 (A vulnerability has been found in Cotonti Siena v0.9.25.
Affected by t ...)
TODO: check
CVE-2025-37096 (A command injection remote code execution vulnerability exists
in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37095 (A directory traversal information disclosure
vulnerabilityexists in HP ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37094 (A directory traversal arbitrary file deletion
vulnerabilityexists in H ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37093 (An authentication bypass vulnerabilityexists in HPE StoreOnce
Software ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37092 (A command injection remote code execution vulnerability exists
in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37091 (A command injection remote code execution vulnerabilityexists
in HPE S ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37090 (A server-side request forgery vulnerabilityexists in HPE
StoreOnce Sof ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37089 (A command injection remote code execution vulnerability exists
in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-29785 (quic-go is an implementation of the QUIC protocol in Go. The
loss reco ...)
TODO: check
CVE-2025-27956 (Directory Traversal vulnerability in WebLaudos 24.2 (04)
allows a remo ...)
@@ -101,7 +101,7 @@ CVE-2025-27954 (An issue in Clinical Collaboration Platform
12.2.1.5 allows a re
CVE-2025-27953 (An issue in Clinical Collaboration Platform 12.2.1.5 allows a
remote a ...)
TODO: check
CVE-2025-26396 (The SolarWinds Dameware Mini Remote Control was determined to
be affec ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2025-23105 (An issue was discovered in Samsung Mobile Processor Exynos
2200, 1480, ...)
TODO: check
CVE-2025-23104 (An issue was discovered in Samsung Mobile Processor Exynos
2200, 1480, ...)
@@ -111,7 +111,7 @@ CVE-2025-23099 (An issue was discovered in Samsung Mobile
Processor Exynos 1480
CVE-2025-20298 (In Universal Forwarder for Windows versions below 9.4.2,
9.3.4, 9.2.6, ...)
TODO: check
CVE-2025-20297 (In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6,
and Splunk ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2025-20001 (An out-of-bounds read vulnerability exists in High-Logic
FontCreator 1 ...)
TODO: check
CVE-2025-1750 (An SQL injection vulnerability exists in the delete function of
DuckDB ...)
@@ -125,11 +125,11 @@ CVE-2025-0819 (Use After Free vulnerability in Arm Ltd
Bifrost GPU Kernel Driver
CVE-2025-0073 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel
Driver, Arm ...)
TODO: check
CVE-2024-8008 (A reflected cross-site scripting (XSS) vulnerability exists in
multipl ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2024-7074 (An arbitrary file upload vulnerability exists in multiple WSO2
product ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2024-7073 (A server-side request forgery (SSRF) vulnerability exists in
multiple ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2024-57783 (The desktop application in Dot through 0.9.3 allows XSS and
resultant ...)
TODO: check
CVE-2024-57459 (A time-based SQL injection vulnerability exists in
mydetailsstudent.ph ...)
@@ -141,9 +141,9 @@ CVE-2024-40113 (Sitecom WLX-2006 Wall Mount Range Extender
N300 v.1.5 and before
CVE-2024-40112 (A Local File Inclusion (LFI) vulnerability exists in Sitecom
WLX-2006 ...)
TODO: check
CVE-2024-3509 (A stored cross-site scripting (XSS) vulnerability exists in the
Manage ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2024-1440 (An open redirection vulnerability exists in multiple WSO2
products due ...)
- TODO: check
+ NOT-FOR-US: WSO2
CVE-2024-12168 (Yandex Telemost for Desktop before 2.7.0has a DLL Hijacking
Vulnerabil ...)
TODO: check
CVE-2024-52035 (An integer overflow vulnerability exists in the OLE Document
File Allo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4eb29ebaa56ed4af9071c67f267ecf3d74b9e295
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4eb29ebaa56ed4af9071c67f267ecf3d74b9e295
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
