Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7b6114eb by Salvatore Bonaccorso at 2025-05-02T22:34:21+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2025-4214 (A vulnerability was found in PHPGuruku Online DJ Booking
Management Sy ...)
- TODO: check
+ NOT-FOR-US: PHPGuruku Online DJ Booking Management System
CVE-2025-4213 (A vulnerability has been found in PHPGurukul Online Birth
Certificate ...)
NOT-FOR-US: PHPGurukul
CVE-2025-4210 (A vulnerability classified as critical was found in Casdoor up
to 1.81 ...)
- TODO: check
+ NOT-FOR-US: Casdoor
CVE-2025-4204 (The Ultimate Auction Pro plugin for WordPress is vulnerable to
SQL Inj ...)
NOT-FOR-US: WordPress plugin
CVE-2025-4166 (Vault Community and Vault Enterprise Key/Value (kv) Version 2
plugin m ...)
- TODO: check
+ NOT-FOR-US: Vault Community and Vault Enterprise Key/Value (kv) Version
2 plugin
CVE-2025-46332 (Flags SDK is an open-source feature flags toolkit for Next.js
and Svel ...)
- TODO: check
+ NOT-FOR-US: Flags SDK
CVE-2025-45800 (TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command
execution v ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-44877 (Tenda AC9 V15.03.06.42_multi was found to contain a command
injection ...)
NOT-FOR-US: Tenda
CVE-2025-44872 (Tenda AC9 V15.03.06.42_multi was found to contain a command
injection ...)
@@ -19,27 +19,27 @@ CVE-2025-44872 (Tenda AC9 V15.03.06.42_multi was found to
contain a command inje
CVE-2025-44868 (Wavlink WL-WN530H4 20220801 was found to contain a command
injection v ...)
TODO: check
CVE-2025-3927 (Digigram's PYKO-OUT audio-over-IP (AoIP) web-server does not
require a ...)
- TODO: check
+ NOT-FOR-US: Digigram's PYKO-OUT audio-over-IP (AoIP) web-server
CVE-2025-3879 (Vault Community, Vault Enterprise (\u201cVault\u201d) Azure
Auth metho ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Vault
CVE-2025-2812 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Mydata Informatics Ticket Sales Automation
CVE-2025-2605 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
TODO: check
CVE-2025-2488 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Profelis Informatics SambaBox
CVE-2025-2421 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Profelis Informatics SambaBox
CVE-2025-1884 (Use-After-Free vulnerability exists in the SLDPRT file reading
procedu ...)
TODO: check
CVE-2025-1883 (Out-Of-Bounds Write vulnerability exists in the OBJ file
reading proce ...)
TODO: check
CVE-2025-1301 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Yordam Informatics Library Automation System
CVE-2025-0427 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel
Driver, Arm ...)
- TODO: check
+ NOT-FOR-US: Arm
CVE-2025-0072 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel
Driver, Arm ...)
- TODO: check
+ NOT-FOR-US: Arm
CVE-2024-58253 (In the obfstr crate before 0.4.4 for Rust, the obfstr!
argument type i ...)
TODO: check
CVE-2023-53144 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b6114eb795f99a411a40647f982cc2e8631774a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b6114eb795f99a411a40647f982cc2e8631774a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
