Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f3db4f55 by Salvatore Bonaccorso at 2025-04-07T22:39:55+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,37 +1,37 @@
CVE-2025-3426 (We observed that Intellispace Portal binaries doesn\u2019t have
any pr ...)
- TODO: check
+ NOT-FOR-US: Intellispace Portal
CVE-2025-3425 (The IntelliSpace portal application utilizes .NET Remoting for
its fun ...)
- TODO: check
+ NOT-FOR-US: Intellispace Portal
CVE-2025-3424 (The IntelliSpace portal application utilizes .NET Remoting for
its fun ...)
- TODO: check
+ NOT-FOR-US: Intellispace Portal
CVE-2025-3382 (A vulnerability has been found in joey-zhou
xiaozhi-esp32-server-java ...)
- TODO: check
+ NOT-FOR-US: joey-zhou xiaozhi-esp32-server-java
CVE-2025-3381 (A vulnerability, which was classified as critical, was found in
zhangy ...)
- TODO: check
+ NOT-FOR-US: zhangyanbo2007 youkefu
CVE-2025-3380 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3379 (A vulnerability classified as critical was found in PCMan FTP
Server 2 ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3378 (A vulnerability classified as critical has been found in PCMan
FTP Ser ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3377 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been rated ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3376 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been decla ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3375 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been class ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3374 (A vulnerability was found in PCMan FTP Server 2.0.7 and
classified as ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3373 (A vulnerability has been found in PCMan FTP Server 2.0.7 and
classifie ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3372 (A vulnerability, which was classified as critical, was found in
PCMan ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3371 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3370 (A vulnerability classified as critical has been found in
PHPGurukul Me ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3369 (A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has
been rat ...)
- TODO: check
+ NOT-FOR-US: xxyopen Novel-Plus
CVE-2025-3360 (A flaw was found in GLib. An integer overflow and buffer
under-read oc ...)
TODO: check
CVE-2025-3359 (A flaw was found in GNUPlot. A segmentation fault via
IO_str_init_stat ...)
@@ -45,7 +45,7 @@ CVE-2025-3351 (A vulnerability has been found in PHPGurukul
Old Age Home Managem
CVE-2025-3350 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3349 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3348 (A vulnerability classified as critical was found in
code-projects Pati ...)
NOT-FOR-US: code-projects
CVE-2025-3347 (A vulnerability classified as critical has been found in
code-projects ...)
@@ -57,9 +57,9 @@ CVE-2025-3345 (A vulnerability was found in codeprojects
Online Restaurant Manag
CVE-2025-3344 (A vulnerability was found in codeprojects Online Restaurant
Management ...)
NOT-FOR-US: code-projects
CVE-2025-3248 (Langflow versions prior to 1.3.0 are susceptible to code
injection in ...)
- TODO: check
+ NOT-FOR-US: Langflow
CVE-2025-32014 (estree-util-value-to-estree converts a JavaScript value to an
ESTree e ...)
- TODO: check
+ NOT-FOR-US: estree-util-value-to-estree
CVE-2025-31476 (tarteaucitron.js is a compliant and accessible cookie banner.
A vulner ...)
TODO: check
CVE-2025-31475 (tarteaucitron.js is a compliant and accessible cookie banner.
A vulner ...)
@@ -73,7 +73,7 @@ CVE-2025-2251 (A security flaw exists in WildFly and JBoss
Enterprise Applicatio
CVE-2025-29769 (libvips is a demand-driven, horizontally threaded image
processing lib ...)
TODO: check
CVE-2025-29594 (A vulnerability exists in the errorpage.php file of the
CS2-WeaponPain ...)
- TODO: check
+ NOT-FOR-US: CS2-WeaponPaints-Website
CVE-2025-29482 (Buffer Overflow vulnerability in libheif 1.19.7 allows a local
attacke ...)
TODO: check
CVE-2025-29481 (Buffer Overflow vulnerability in libbpf 1.5.0 allows a local
attacker ...)
@@ -83,43 +83,43 @@ CVE-2025-29480 (Buffer Overflow vulnerability in gdal
3.10.2 allows a local atta
CVE-2025-29479 (Buffer Overflow in hiredis 1.2.0 allows a local attacker to
cause a de ...)
TODO: check
CVE-2025-29478 (An issue in fluent-bit v.3.7.2 allows a local attacker to
cause a deni ...)
- TODO: check
+ NOT-FOR-US: fluent-bit
CVE-2025-29087 (Sqlite 3.49.0 is susceptible to integer overflow through the
concat fu ...)
TODO: check
CVE-2025-28413 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28412 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28411 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28410 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28409 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28408 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28407 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28406 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28405 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28403 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28402 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28401 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-28400 (An issue in RUoYi v.4.8.0 allows a remote attacker to escalate
privile ...)
- TODO: check
+ NOT-FOR-US: RUoYi
CVE-2025-27686 (Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and
PowerMax ...)
NOT-FOR-US: Dell / EMC
CVE-2025-21448 (Transient DOS may occur while parsing SSID in action frames.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21447 (Memory corruption may occur while processing device IO control
call fo ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21443 (Memory corruption while processing message content in eAVB.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21442 (Memory corruption while transmitting packet mapping
information with i ...)
TODO: check
CVE-2025-21441 (Memory corruption when IOCTL call is invoked from user-space
to write ...)
@@ -230,19 +230,19 @@ CVE-2025-3331 (A vulnerability, which was classified as
critical, has been found
CVE-2025-3330 (A vulnerability classified as critical was found in
codeprojects Onlin ...)
NOT-FOR-US: code-projects
CVE-2025-3329 (A vulnerability classified as problematic has been found in
Consumer C ...)
- TODO: check
+ NOT-FOR-US: Consumer Comanda Mobile
CVE-2025-3328 (A vulnerability was found in Tenda AC1206 15.03.06.23. It has
been cla ...)
NOT-FOR-US: Tenda
CVE-2025-3327 (A vulnerability was found in iteaj iboot
\u7269\u8054\u7f51\u7f51\u517 ...)
- TODO: check
+ NOT-FOR-US: iteaj iboot
CVE-2025-3326 (A vulnerability has been found in iteaj iboot
\u7269\u8054\u7f51\u7f51 ...)
- TODO: check
+ NOT-FOR-US: iteaj iboot
CVE-2025-3325 (A vulnerability, which was classified as problematic, was found
in ite ...)
- TODO: check
+ NOT-FOR-US: iteaj iboot
CVE-2025-3324 (A vulnerability, which was classified as critical, has been
found in g ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-3323 (A vulnerability classified as critical was found in
godcheese/code-pro ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-31175 (Deserialization mismatch vulnerability in the DSoftBus module
Impact: ...)
NOT-FOR-US: Huawei
CVE-2025-31174 (Path traversal vulnerability in the DFS module Impact:
Successful expl ...)
@@ -336,7 +336,7 @@ CVE-2025-32013 (LNbits is a Lightning wallet and accounts
system. A Server-Side
CVE-2025-31492 (mod_auth_openidc is an OpenID Certified authentication and
authorizati ...)
TODO: check
CVE-2025-31488 (Plain Craft Launcher (PCL) is a launcher for Minecraft. PCL
allows use ...)
- TODO: check
+ NOT-FOR-US: Plain Craft Launcher (PCL)
CVE-2025-2260 (In NetX HTTP server functionality of Eclipse ThreadX NetX Duo
before ...)
NOT-FOR-US: Eclipse ThreadX NetX Duo
CVE-2025-2259 (In NetX HTTP server functionality of Eclipse ThreadX NetX Duo
before ...)
@@ -864,7 +864,7 @@ CVE-2025-3195 (A vulnerability, which was classified as
critical, has been found
CVE-2025-3194 (Versions of the package bigint-buffer from 0.0.0 are vulnerable
to Buf ...)
TODO: check
CVE-2025-3192 (Versions of the package spatie/browsershot from 0.0.0 are
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: spatie/browsershot
CVE-2025-3191 (All versions of the package react-draft-wysiwyg are vulnerable
to Cros ...)
TODO: check
CVE-2025-3188 (A vulnerability classified as critical has been found in
PHPGurukul e- ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3db4f551e936fdb9c0f2223e702842bc18b7890
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3db4f551e936fdb9c0f2223e702842bc18b7890
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
