Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9ab21b42 by security tracker role at 2025-08-08T20:13:02+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,17 +17,17 @@ CVE-2025-8733 (A vulnerability was found in GNU Bison up to
3.8.2. It has been r
CVE-2025-8732 (A vulnerability was found in libxml2 up to 2.14.5. It has been
declare ...)
TODO: check
CVE-2025-8731 (A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and
TPL-430A ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2025-8730 (A vulnerability was found in Belkin F9K1009 and F9K1010
2.00.04/2.00.0 ...)
- TODO: check
+ NOT-FOR-US: Belkin
CVE-2025-8729 (A vulnerability has been found in MigoXLab LMeterX 1.2.0 and
classifie ...)
TODO: check
CVE-2025-8393 (A TLS vulnerability exists in the phone application used to
manage a ...)
TODO: check
CVE-2025-8356 (In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a
Path T ...)
- TODO: check
+ NOT-FOR-US: Xerox
CVE-2025-8355 (In Xerox FreeFlow Core version 8.0.4, improper handling of XML
input a ...)
- TODO: check
+ NOT-FOR-US: Xerox
CVE-2025-8284 (By default, the Packet Power Monitoring and Control Web
Interface do n ...)
TODO: check
CVE-2025-8088 (A path traversal vulnerability affecting the Windows version of
WinRAR ...)
@@ -57,19 +57,19 @@ CVE-2025-50466 (OpenMetadata <=1.4.4 is vulnerable to SQL
Injection. An attacker
CVE-2025-50465 (OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An
attacker can e ...)
TODO: check
CVE-2025-4796 (The Eventin plugin for WordPress is vulnerable to privilege
escalation ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4576 (A reflected cross-site scripting (XSS) vulnerability in the
Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-48913 (If untrusted users are allowed to configure JMS for Apache
CXF, previo ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2025-47872 (The public-facing product registration endpoint server
responds diffe ...)
TODO: check
CVE-2025-46414 (The affected product does not limit the number of attempts for
inputti ...)
TODO: check
CVE-2025-36119 (IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated
user obta ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36023 (IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0
IF005 and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-10053 (Simple Web Server 2.2 rc2 contains a stack-based buffer
overflow vulne ...)
TODO: check
CVE-2012-10052 (EGallery version 1.2 contains an unauthenticated arbitrary
file upload ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ab21b42bbd9a1cc1e9fa32ee7e10818d526ad67
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ab21b42bbd9a1cc1e9fa32ee7e10818d526ad67
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
