Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
318169ea by Salvatore Bonaccorso at 2025-07-17T14:16:06+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2025-7735 (The Hospital Information System developed by UNIMAX has a SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Hospital Information System developed by UNIMAX
CVE-2025-7729 (A vulnerability classified as problematic was found in
Scada-LTS up to ...)
- TODO: check
+ NOT-FOR-US: Scada-LTS
CVE-2025-7728 (A vulnerability classified as problematic has been found in
Scada-LTS ...)
- TODO: check
+ NOT-FOR-US: Scada-LTS
CVE-2025-7712 (The Madara - Core plugin for WordPress is vulnerable to
arbitrary file ...)
NOT-FOR-US: WordPress plugin
CVE-2025-6983 (A Clickjackingvulnerability in TP-Link Archer C1200 web
management p ...)
@@ -13,33 +13,33 @@ CVE-2025-5396 (The Bears Backup plugin for WordPress is
vulnerable to Remote Cod
CVE-2025-4302 (The Stop User Enumeration WordPress plugin before version 1.7.3
blocks ...)
NOT-FOR-US: WordPress plugin
CVE-2025-34132 (A command injection vulnerability exists in LILIN Digital
Video Record ...)
- TODO: check
+ NOT-FOR-US: LILIN Digital Video Recorder (DVR) devices
CVE-2025-34130 (An unauthenticated arbitrary file read exists in LILIN Digital
Video R ...)
- TODO: check
+ NOT-FOR-US: LILIN Digital Video Recorder (DVR) devices
CVE-2025-34129 (A command injection vulnerability exists in LILIN LILIN
Digital Video ...)
- TODO: check
+ NOT-FOR-US: LILIN Digital Video Recorder (DVR) devices
CVE-2025-34128 (A buffer overflow vulnerability exists in the X360 VideoPlayer
ActiveX ...)
- TODO: check
+ NOT-FOR-US: X360 VideoPlayer ActiveX control (VideoPlayer.ocx)
CVE-2025-34127 (A stack-based buffer overflow exists in Achat v0.150 in its
default co ...)
- TODO: check
+ NOT-FOR-US: Achat
CVE-2025-34126 (A path traversal vulnerability exists in RIPS Scanner version
0.54. Th ...)
- TODO: check
+ NOT-FOR-US: RIPS Scanner
CVE-2025-34125 (An unauthenticated command injection vulnerability exists in
the cooki ...)
NOT-FOR-US: D-Link
CVE-2025-34124 (A buffer overflow vulnerability exists in Heroes of Might and
Magic II ...)
- TODO: check
+ NOT-FOR-US: Heroes of Might and Magic III Complete
CVE-2025-34123 (A stack-based buffer overflow vulnerability exists in
VideoCharge Stud ...)
- TODO: check
+ NOT-FOR-US: VideoCharge Studio
CVE-2025-34121 (An unauthenticated arbitrary file upload vulnerability exists
in Idera ...)
- TODO: check
+ NOT-FOR-US: Idera Up.Time Monitoring Station
CVE-2025-34120 (An unauthenticated file download vulnerability exists in
LimeSurvey ve ...)
TODO: check
CVE-2025-34119 (A remote file disclosure vulnerability exists in EasyCafe
Server 2.2.1 ...)
- TODO: check
+ NOT-FOR-US: EasyCafe Server
CVE-2025-34118 (A path traversal vulnerability exists in Linknat VOS Manager
versions ...)
- TODO: check
+ NOT-FOR-US: Linknat VOS Manager
CVE-2025-34117 (A remote code execution vulnerability exists in multiple
Netcore and N ...)
- TODO: check
+ NOT-FOR-US: Netcore and Netis routers
CVE-2024-12498
REJECTED
CVE-2025-7703 (Authentication vulnerability in the mobile
application\uff08tech.palm. ...)
@@ -322,13 +322,13 @@ CVE-2025-24779 (Deserialization of Untrusted Data
vulnerability in NooTheme Yogi
CVE-2025-24777 (Deserialization of Untrusted Data vulnerability in awethemes
Hillter a ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-24759 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22227 (In some specific scenarios with chained redirects, Reactor
Netty HTTP ...)
TODO: check
CVE-2025-20337 (A vulnerability in a specific API of Cisco ISE and Cisco
ISE-PIC could ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2025-20288 (A vulnerability in the web-based management interface of Cisco
Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2025-20285 (A vulnerability in the IP Access Restriction feature of Cisco
ISE and ...)
NOT-FOR-US: Cisco
CVE-2025-20284 (A vulnerability in a specific API of Cisco ISE and Cisco
ISE-PIC could ...)
@@ -336,9 +336,9 @@ CVE-2025-20284 (A vulnerability in a specific API of Cisco
ISE and Cisco ISE-PIC
CVE-2025-20283 (A vulnerability in a specific API of Cisco ISE and Cisco
ISE-PIC could ...)
NOT-FOR-US: Cisco
CVE-2025-20274 (A vulnerability in the web-based management interface of Cisco
Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2025-20272 (A vulnerability in a subset of REST APIs of Cisco Prime
Infrastructure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-9408 (In Eclipse GlassFish since version 6.2.5 it is possible to
perform a S ...)
TODO: check
CVE-2024-9343 (In Eclipse GlassFish version 7.0.15 is possible to perform
Stored Cros ...)
@@ -346,7 +346,7 @@ CVE-2024-9343 (In Eclipse GlassFish version 7.0.15 is
possible to perform Stored
CVE-2024-9342 (In Eclipse GlassFish version 7.0.16 or earlier it is possible
to perfo ...)
TODO: check
CVE-2024-42912 (A cross-site scripting (XSS) vulnerability in META-INF Kft.
Email This ...)
- TODO: check
+ NOT-FOR-US: META-INF Kft. Email This Issue (Data Center)
CVE-2024-10032 (In Eclipse GlassFish version 7.0.15 is possible to perform
Stored Cros ...)
TODO: check
CVE-2024-10031 (In Eclipse GlassFish version 7.0.15 is possible to perform
Stored Cros ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/318169ea4ffeb3067e65789417dafc8818547f2e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/318169ea4ffeb3067e65789417dafc8818547f2e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
