Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
52c75e9a by Moritz Muehlenhoff at 2025-04-01T11:31:08+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,7 +29,7 @@ CVE-2025-3036 (A vulnerability, which was classified as
problematic, was found i
CVE-2025-3018 (A vulnerability, which was classified as critical, was found in
Source ...)
NOT-FOR-US: SourceCodester
CVE-2025-3017 (A vulnerability, which was classified as critical, has been
found in T ...)
- TODO: check
+ NOT-FOR-US: TA-Lib
CVE-2025-3016 (A vulnerability classified as problematic was found in Open
Asset Impo ...)
TODO: check
CVE-2025-3015 (A vulnerability classified as critical has been found in Open
Asset Im ...)
@@ -491,7 +491,7 @@ CVE-2025-1986 (The Gutentor WordPress plugin before 3.4.7
does not sanitize and
CVE-2025-1665 (The Avada (Fusion) Builder plugin for WordPress is vulnerable
to Store ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1534 (CVE-79: Improper Neutralization of Input During Web Page
Generation (' ...)
- TODO: check
+ NOT-FOR-US: Payara
CVE-2025-1512 (The PowerPack Elementor Addons (Free Widgets, Extensions and
Templates ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1267 (The Groundhogg plugin for Wordpress is vulnerable to Stored
Cross-Site ...)
@@ -736,9 +736,9 @@ CVE-2025-31386 (Missing Authorization vulnerability in
Simplepress Simple:Press
CVE-2025-31376 (Missing Authorization vulnerability in Mayeenul Islam
NanoSupport allo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-31129 (Jooby is a web framework for Java and Kotlin. The pac4j
io.jooby.inter ...)
- TODO: check
+ NOT-FOR-US: Jooby
CVE-2025-31128 (gifplayer is a customizable jquery plugin to play and stop
animated gi ...)
- TODO: check
+ NOT-FOR-US: gifplayer jquery plugin
CVE-2025-31125 (Vite is a frontend tooling framework for javascript. Vite
exposes cont ...)
- node-vite <itp> (bug #1053782)
CVE-2025-31124 (Zitadel is open-source identity infrastructure software.
ZITADEL admin ...)
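Review bot: For CVE-2025-31129 the visible description mentions pac4j next to the io.jooby namespace, so the "NOT-FOR-US: Jooby" tag holds only if the flaw sits in Jooby's own integration module and not in pac4j itself. A short NOTE line under the entry saying which component is affected would make this triage decision checkable later. The gifplayer tag on CVE-2025-31128 matches its description and needs no change.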
@@ -750,7 +750,7 @@ CVE-2025-31122 (scratch-coding-hut.github.io is the website
for Coding Hut. In 1
CVE-2025-31117 (OpenEMR is a free and open source electronic health records
and medica ...)
NOT-FOR-US: OpenEMR
CVE-2025-31116 (Mobile Security Framework (MobSF) is a pen-testing, malware
analysis a ...)
- TODO: check
+ NOT-FOR-US: Mobile Security Framework (MobSF)
CVE-2025-30963 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30961 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -818,7 +818,7 @@ CVE-2025-2071 (A critical OS Command Injection
vulnerability has been identified
CVE-2025-29929 (Tuleap is an Open Source Suite to improve management of
software devel ...)
NOT-FOR-US: Tuleap
CVE-2025-29908 (Netty QUIC codec is a QUIC codec for netty which makes use of
quiche. ...)
- TODO: check
+ NOT-FOR-US: Netty QUIC codec
CVE-2025-29772 (OpenEMR is a free and open source electronic health records
and medica ...)
NOT-FOR-US: OpenEMR
CVE-2025-29766 (Tuleap is an Open Source Suite to improve management of
software devel ...)
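Review bot: The "NOT-FOR-US: Netty QUIC codec" tag on CVE-2025-29908 depends on the codec being a project separate from netty proper, while the description ties it to both netty and quiche. Please confirm that no packaged source embeds the codec, and consider recording that in a NOTE line under the entry so the reasoning survives with the data.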
@@ -844,7 +844,7 @@ CVE-2025-22937 (An issue in Adtran 411 ONT vL80.00.0011.M2
allows attackers to e
CVE-2025-1449 (A vulnerability exists in the Rockwell Automation Verve Asset
Manager ...)
NOT-FOR-US: Rockwell Automation
CVE-2024-55093 (phpIPAM through 1.7.3 has a reflected Cross-Site Scripting
(XSS) vulne ...)
- TODO: check
+ - phpipam <itp> (bug #731713)
CVE-2024-12021 (Coverity versions prior to 2024.9.0 are vulnerable to stored
cross-sit ...)
NOT-FOR-US: Black Duck
CVE-2023-33302 (A buffer copy without checking size of input ('classic buffer
overflow ...)
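Review bot: The CVE-2024-55093 change replaces "TODO: check" with an ITP reference, "- phpipam <itp> (bug #731713)", not a NOT-FOR-US tag, so the commit message "NFUs" does not describe it. The entry format matches the existing node-vite <itp> line earlier in the file, so the content itself looks right. Mentioning the ITP in the commit message, or putting it in its own commit, would keep the history searchable.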
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52c75e9a31a7c2bac8431c138aba5f5ba3111958