Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cbc1147f by security tracker role at 2025-09-02T20:13:42+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2025-9830 (A security flaw has been discovered in PHPGurukul Beauty
Parlour Manag ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-9829 (A vulnerability was identified in PHPGurukul Beauty Parlour
Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-9828 (A vulnerability was determined in Tenda CP6 11.10.00.243. The
affected ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-9784 (A flaw was found in Undertow where malformed client requests
can trigg ...)
TODO: check
CVE-2025-9696 (The SunPower PVS6's BluetoothLE interface is vulnerable due to
its use ...)
@@ -19,9 +19,9 @@ CVE-2025-9274 (Oxford Instruments Imaris Viewer IMS File
Parsing Uninitialized P
CVE-2025-9273 (CData API Server MySQL Misconfiguration Information Disclosure
Vulnera ...)
TODO: check
CVE-2025-9189 (There is an out of bounds write vulnerability due to improper
bounds c ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2025-9188 (There is a deserialization of untrusted data vulnerability in
Digilent ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2025-8614 (NoMachine Uncontrolled Search Path Element Local Privilege
Escalation ...)
TODO: check
CVE-2025-8613 (Vacron Camera ping Command Injection Remote Code Execution
Vulnerabili ...)
@@ -49,15 +49,15 @@ CVE-2025-6519 (E3 Site Supervisor (firmware version <
2.31F01) has a default adm
CVE-2025-5662 (A deserialization vulnerability exists in the H2O-3 REST API
(POST /99 ...)
TODO: check
CVE-2025-57778 (There is an out of bounds write vulnerability due to improper
bounds c ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2025-57777 (There is an out of bounds write vulnerability due to improper
bounds c ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2025-57776 (There is an out of bounds write vulnerability due to improper
bounds c ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2025-57775 (There is a heap-based Buffer Overflow vulnerability due to
improper bo ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2025-57774 (There is an out of bounds write vulnerability due to improper
bounds c ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2025-57616 (An issue was discovered in rust-ffmpeg 0.3.0 (after comit
5ac0527) A u ...)
TODO: check
CVE-2025-57615 (An issue was discovered in rust-ffmpeg 0.3.0 (after comit
5ac0527) An ...)
@@ -73,7 +73,7 @@ CVE-2025-57611 (An issue was discovered in rust-ffmpeg 0.3.0
(after comit 5ac052
CVE-2025-57140 (rsbi-pom 4.7 is vulnerable to SQL Injection in the
/bi/service/model/D ...)
TODO: check
CVE-2025-56254 (PHPGurukul Employee Leave Management System 2.1 contains an
Insecure D ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-55824 (ModStartCMS v9.5.0 has an arbitrary file write vulnerability,
which al ...)
TODO: check
CVE-2025-55476 (FireShare FileShare 1.2.25 contains a time-based blind SQL
injection v ...)
@@ -111,9 +111,9 @@ CVE-2025-52543 (E3 Site Supervisor Control (firmware
version < 2.31F01) applicat
CVE-2025-51966 (A cross-site scripting (XSS) vulnerability exists in the PDF
preview f ...)
TODO: check
CVE-2025-50757 (Wavlink WN535K3 20191010 was found to contain a command
injection vuln ...)
- TODO: check
+ NOT-FOR-US: Wavlink
CVE-2025-50755 (Wavlink WN535K3 20191010 was found to contain a command
injection vuln ...)
- TODO: check
+ NOT-FOR-US: Wavlink
CVE-2025-50565 (Doubo ERP 1.0 has an SQL injection vulnerability due to a lack
of filt ...)
TODO: check
CVE-2025-46810 (A UNIX Symbolic Link (Symlink) Following vulnerability in the
packagin ...)
@@ -121,7 +121,7 @@ CVE-2025-46810 (A UNIX Symbolic Link (Symlink) Following
vulnerability in the pa
CVE-2025-46047 (A User enumeration vulnerability in the
/CredentialsServlet/ForgotPass ...)
TODO: check
CVE-2025-43726 (Dell Alienware Command Center 5.x (AWCC), versions prior to
5.10.2.0, ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-41690 (A low-privileged attacker in bluetooth range may be able to
access the ...)
TODO: check
CVE-2025-41031 (Lack of authorisation in Deporsite by T-INNOVA. This
vulnerability all ...)
@@ -129,7 +129,7 @@ CVE-2025-41031 (Lack of authorisation in Deporsite by
T-INNOVA. This vulnerabili
CVE-2025-41030 (Lack of authorisation in Deporsite by T-INNOVA. This
vulnerability all ...)
TODO: check
CVE-2025-36162 (IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) 8.1 before
8.1.2.2 coul ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-32100 (An issue was discovered in Samsung Mobile Processor, Wearable
Processo ...)
TODO: check
CVE-2025-32098 (An issue was discovered in Samsung Magician 6.3 through 8.3 on
Windows ...)
@@ -149,7 +149,7 @@ CVE-2024-52284 (Unauthorized disclosure of sensitive data:
Any user with `GET` o
CVE-2024-51423 (Cross Site Scripting vulnerability in Infor Global HR GHR
v.11.23.03.0 ...)
TODO: check
CVE-2024-48705 (Wavlink AC1200 with firmware versions M32A3_V1410_230602 and
M32A3_V14 ...)
- TODO: check
+ NOT-FOR-US: Wavlink
CVE-2024-12974 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2024-12973 (Origin Validation Error vulnerability in Akinsoft OctoCloud
allows HTT ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbc1147fc979c5d3ac267169851fee339dde01e4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbc1147fc979c5d3ac267169851fee339dde01e4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
