Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
251cef69 by Salvatore Bonaccorso at 2025-04-14T22:14:25+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2025-3585 (A vulnerability classified as critical has been
found in westboy
CVE-2025-3571 (A vulnerability was found in Fannuo Enterprise Content
Management Syst ...)
TODO: check
CVE-2025-3570 (A vulnerability was found in JamesZBL/code-projects
db-hospital-drug 1 ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-3569 (A vulnerability was found in JamesZBL/code-projects
db-hospital-drug 1 ...)
TODO: check
CVE-2025-3568 (A vulnerability has been found in Webkul Krayin CRM up to 2.1.0
and cl ...)
@@ -55,7 +55,7 @@ CVE-2025-32907 (A flaw was found in libsoup. The
implementation of HTTP range re
CVE-2025-32906 (A flaw was found in libsoup, where the
soup_headers_parse_request() fu ...)
TODO: check
CVE-2025-2572 (In WhatsUp Gold versions released before 2024.0.3, a database
manipu ...)
- TODO: check
+ NOT-FOR-US: Progress Software
CVE-2025-2475 (Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x
<= 9.11 ...)
TODO: check
CVE-2025-2424 (Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to
check i ...)
@@ -67,7 +67,7 @@ CVE-2025-2160 (Pega Platform versions 8.4.3 to Infinity
24.2.1 are affected by a
CVE-2025-29720 (Dify v1.0 was discovered to contain a Server-Side Request
Forgery (SSR ...)
TODO: check
CVE-2025-27009 (Cross-Site Request Forgery (CSRF) vulnerability in wphocus My
auctions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22373 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2025-22372 (Insufficiently Protected Credentials vulnerability in
SicommNet BASEC ...)
@@ -77,7 +77,7 @@ CVE-2025-22371 (Improper Neutralization of Special Elements
used in an SQL Comma
CVE-2025-1782 (In HylaFAX Enterprise Web Interface and AvantFAX, the language
form el ...)
TODO: check
CVE-2024-49825 (IBM Robotic Process Automation and Robotic Process Automation
for Clou ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-49709 (Internet Starter, one of SoftCOM iKSORIS system modules,allows
for set ...)
TODO: check
CVE-2024-49708 (Internet Starter, one of SoftCOM iKSORIS system modules, is
vulnerable ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/251cef6955fe9baa2ae135f9e336a72aa3f4ac6e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/251cef6955fe9baa2ae135f9e336a72aa3f4ac6e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
