Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ef2ec974 by Salvatore Bonaccorso at 2025-04-18T09:37:17+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -451,9 +451,9 @@ CVE-2025-26478 (Dell ECS version 3.8.1.4 and prior contain
an Improper Certifica
CVE-2025-26477 (Dell ECS version 3.8.1.4 and prior contain an Improper Input
Validatio ...)
NOT-FOR-US: Dell / EMC
CVE-2025-26269 (DragonflyDB Dragonfly through 1.28.2 allows authenticated
users to cau ...)
- TODO: check
+ NOT-FOR-US: DragonflyDB Dragonfly
CVE-2025-26268 (DragonflyDB Dragonfly before 1.27.0 allows authenticated users
to caus ...)
- TODO: check
+ NOT-FOR-US: DragonflyDB Dragonfly
CVE-2025-25457 (Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer
Overflow in Adv ...)
NOT-FOR-US: Tenda
CVE-2025-25455 (Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer
Overflow in Adv ...)
@@ -541,11 +541,11 @@ CVE-2025-1532 (Phoneservice module is affected by code
injection vulnerability,
CVE-2024-56518 (Hazelcast Management Center through 6.0 allows remote code
execution v ...)
NOT-FOR-US: Hazelcast Management Center
CVE-2024-55238 (OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An
attacker can e ...)
- TODO: check
+ NOT-FOR-US: OpenMetadata
CVE-2024-55211 (An issue in Think Router Tk-Rt-Wr135G V3.0.2-X000 allows
attackers to ...)
NOT-FOR-US: Think Router
CVE-2024-53924 (Pycel through 1.0b30, when operating on an untrusted
spreadsheet, allo ...)
- TODO: check
+ NOT-FOR-US: Pycel
CVE-2024-42177 (HCL MyXalytics is affected by SSL\u2215TLS Protocol affected
with BREA ...)
NOT-FOR-US: HCL
CVE-2024-40124 (Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting
(XSS) via th ...)
@@ -2341,7 +2341,7 @@ CVE-2025-22372 (Insufficiently Protected Credentials
vulnerability in SicommNet
CVE-2025-22371 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: SicommNet BASEC
CVE-2025-1782 (In HylaFAX Enterprise Web Interface and AvantFAX, the language
form el ...)
- TODO: check
+ NOT-FOR-US: HylaFAX Enterprise Web Interface / AvantFAX
CVE-2024-49825 (IBM Robotic Process Automation and Robotic Process Automation
for Clou ...)
NOT-FOR-US: IBM
CVE-2024-49709 (Internet Starter, one of SoftCOM iKSORIS system modules,allows
for set ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef2ec97469013c3743dc7f50ceb6f19129138cdb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef2ec97469013c3743dc7f50ceb6f19129138cdb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
