Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cbad0384 by Moritz Muehlenhoff at 2025-04-02T11:03:20+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -65,7 +65,7 @@ CVE-2025-31441 (Improper Neutralization of Input During Web
Page Generation ('Cr
CVE-2025-31431 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-31135 (Go-Guerrilla SMTP Daemon is a lightweight SMTP server written
in Go. P ...)
- TODO: check
+ NOT-FOR-US: Go-Guerrilla
CVE-2025-31097 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
NOT-FOR-US: ho3einie Material Dashboard
CVE-2025-31089 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -119,7 +119,7 @@ CVE-2025-29981 (Dell Wyse Management Suite, versions prior
to WMS 5.1, contains
CVE-2025-29070 (A heap buffer overflow vulnerability has been identified in
thesmooth2 ...)
TODO: check
CVE-2025-29049 (Cross Site Scripting vulnerability in arnog MathLive Versions
v0.103.0 ...)
- TODO: check
+ NOT-FOR-US: MathLive
CVE-2025-29036 (An issue in hackathon-starter v.8.1.0 allows a remote attacker
to esca ...)
NOT-FOR-US: hackathon-starter
CVE-2025-29033 (An issue in BambooHR Build v.25.0210.170831-83b08dd allows a
remote at ...)
@@ -135,9 +135,9 @@ CVE-2025-27244 (AssetView and AssetView CLOUD contain an
issue with acquiring se
CVE-2025-25060 (Missing authentication for critical function vulnerability
exists in A ...)
NOT-FOR-US: Hammock Corporation AssetView
CVE-2025-0676 (This vulnerability involves command injection in tcpdump within
Moxa p ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2025-0415 (A remote attacker with web administrator privileges can exploit
the de ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2024-45700 (Zabbix server is vulnerable to a DoS vulnerability due to
uncontrolled ...)
TODO: check
CVE-2024-45699 (The endpoint /zabbix.php?action=export.valuemaps suffers from
a Cross- ...)
@@ -151,7 +151,7 @@ CVE-2024-36469 (Execution time for an unsuccessful login
differs when using a no
CVE-2024-36465 (A low privilege (regular) Zabbix user with API access can use
SQL inje ...)
TODO: check
CVE-2024-13941 (A vulnerability was found in ouch-org ouch up to 0.3.1. It has
been cl ...)
- TODO: check
+ NOT-FOR-US: ouch-org ouch
CVE-2023-46988 (Directory Traversal vulnerability in ONLYOFFICE Document
Server v.7.5. ...)
NOT-FOR-US: ONLYOFFICE
CVE-2003-20001 (An issue was discovered on Mitel ICP VoIP 3100 devices. When a
remote ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbad0384b5687f7eaa1ddaa569b09d95c042c9f7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbad0384b5687f7eaa1ddaa569b09d95c042c9f7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
