Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a552c89f by Salvatore Bonaccorso at 2025-05-13T22:45:26+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2025-4428 (Remote Code Execution in API component in
Ivanti Endpoint Manager
CVE-2025-4427 (An authentication bypass in the API component of Ivanti
Endpoint Manag ...)
NOT-FOR-US: Ivanti
CVE-2025-47280 (Umbraco Forms is a form builder that integrates with the
Umbraco conte ...)
- TODO: check
+ NOT-FOR-US: Umbraco Forms
CVE-2025-47278 (Flask is a web server gateway interface (WSGI) web application
framewo ...)
- flask <unfixed>
[bookworm] - flask <not-affected> (Vulnerable code introduced later)
@@ -29,29 +29,29 @@ CVE-2025-47204 (An issue was discovered in post.php in
bootstrap-multiselect (ak
CVE-2025-46721 (nosurf is cross-site request forgery (CSRF) protection
middleware for ...)
TODO: check
CVE-2025-45867 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-45866 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-45865 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-45864 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-45863 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-45861 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-45859 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-45858 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to
contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-45857 (EDIMAX CV7428NS v1.20 was discovered to contain a remote code
executio ...)
- TODO: check
+ NOT-FOR-US: EDIMAX CV7428NS
CVE-2025-45746 (In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker
can craft ...)
- TODO: check
+ NOT-FOR-US: ZKT ZKBio CVSecurity
CVE-2025-44831 (EngineerCMS v1.02 through v2.0.5 has a SQL injection
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: EngineerCMS
CVE-2025-44039 (CP-XR-DE21-S -4G Router Firmware version 1.031.022 was
discovered to c ...)
- TODO: check
+ NOT-FOR-US: CP-XR-DE21-S -4G Router Firmware
CVE-2025-43557 (Animate versions 24.0.8, 23.0.11 and earlier are affected by
an Access ...)
NOT-FOR-US: Adobe
CVE-2025-43556 (Animate versions 24.0.8, 23.0.11 and earlier are affected by
an Intege ...)
@@ -67,7 +67,7 @@ CVE-2025-43545 (Bridge versions 15.0.3, 14.1.6 and earlier
are affected by an Ac
CVE-2025-41645 (An unauthenticated remote attacker could use a demo account of
the por ...)
TODO: check
CVE-2025-40628 (SQL injection vulnerability in DomainsPRO 1.2. This
vulnerability coul ...)
- TODO: check
+ NOT-FOR-US: DomainsPRO
CVE-2025-40583 (A vulnerability has been identified in SCALANCE LPE9403
(6GK5998-3GS00 ...)
NOT-FOR-US: Siemens
CVE-2025-40582 (A vulnerability has been identified in SCALANCE LPE9403
(6GK5998-3GS00 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a552c89f034bdad3741f46b82b20ddc9fb1ac525
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a552c89f034bdad3741f46b82b20ddc9fb1ac525
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
