Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
985f58ce by Salvatore Bonaccorso at 2025-04-28T22:28:00+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -66,9 +66,9 @@ CVE-2025-43854 (DIFY is an open-source LLM app development
platform. Prior to ve
CVE-2025-42598 (Multiple SEIKO EPSON printer drivers for Windows OS are
configured wit ...)
NOT-FOR-US: EPSON
CVE-2025-3224 (A vulnerability in the update process of Docker Desktop for
Windows ve ...)
- TODO: check
+ NOT-FOR-US: Docker Desktop for Windows
CVE-2025-3200 (An unauthenticated remote attacker could exploit the used,
insecure TL ...)
- TODO: check
+ NOT-FOR-US: Wiesemann & Theis GmbH
CVE-2025-39367 (Missing Authorization vulnerability in SeventhQueen Kleo.This
issue af ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-34491 (GFI MailEssentials prior to version 21.8 is vulnerable to a
.NET deser ...)
@@ -96,19 +96,19 @@ CVE-2025-23376 (Dell PowerProtect Data Manager Reporting,
version(s) 19.16, 19.1
CVE-2025-23375 (Dell PowerProtect Data Manager Reporting, version(s) 19.17,
contain(s) ...)
NOT-FOR-US: Dell / EMC
CVE-2024-32499 (Newforma Project Center Server through 2023.3.0.32259 allows
remote co ...)
- TODO: check
+ NOT-FOR-US: Newforma Project Center Server
CVE-2024-12706 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: OpenText
CVE-2023-42404 (OneVision Workspace before WS23.1 SR1 (build w31.040) allows
arbitrary ...)
- TODO: check
+ NOT-FOR-US: OneVision Workspace
CVE-2023-35817 (DevExpress before 23.1.3 allows AsyncDownloader SSRF.)
- TODO: check
+ NOT-FOR-US: DevExpress
CVE-2023-35816 (DevExpress before 23.1.3 allows arbitrary TypeConverter
conversion.)
- TODO: check
+ NOT-FOR-US: DevExpress
CVE-2023-35815 (DevExpress before 23.1.3 has a data-source protection
mechanism bypass ...)
- TODO: check
+ NOT-FOR-US: DevExpress
CVE-2023-35814 (DevExpress before 23.1.3 does not properly protect XtraReport
serializ ...)
- TODO: check
+ NOT-FOR-US: DevExpress
CVE-2025-4007 (A vulnerability classified as critical was found in Tenda W12
and i24 ...)
NOT-FOR-US: Tenda
CVE-2025-4006 (A vulnerability classified as critical has been found in
youyiio Beyon ...)
@@ -226348,7 +226348,7 @@ CVE-2022-41873 (Contiki-NG is an open-source,
cross-platform operating system fo
CVE-2022-41872
RESERVED
CVE-2022-41871 (SEPPmail through 12.1.17 allows command injection within the
Admin Por ...)
- TODO: check
+ NOT-FOR-US: SEPPmail
CVE-2022-41870 (AP Manager in Innovaphone before 13r2 Service Release 17
allows comman ...)
NOT-FOR-US: Innovaphone
CVE-2022-41869
@@ -644340,7 +644340,7 @@ CVE-2015-4584
CVE-2015-4583
RESERVED
CVE-2015-4582 (The TheCartPress boot-store (aka Boot Store) theme 1.6.4 for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2015-4581
RESERVED
CVE-2015-4580
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/985f58ce97ad82892414321b94994fdb1cc65888
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/985f58ce97ad82892414321b94994fdb1cc65888
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
