Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
142cf2b2 by Salvatore Bonaccorso at 2025-05-14T22:21:04+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,25 +1,25 @@
CVE-2025-4641 (Improper Restriction of XML External Entity Reference
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: bonigarcia webdrivermanager WebDriverManager
CVE-2025-4640 (Out-of-bounds Write vulnerability in PointCloudLibrary pcl
allows Over ...)
TODO: check
CVE-2025-4639 (CWE-611 Improper Restriction of XML External Entity Reference
in the g ...)
- TODO: check
+ NOT-FOR-US: Peergos
CVE-2025-4638 (A vulnerability exists in the inftrees.c component of the zlib
library ...)
TODO: check
CVE-2025-4637 (Divide By Zero vulnerability in davisking dlib allows remote
attacke ...)
- TODO: check
+ NOT-FOR-US: davisking dlib
CVE-2025-4430 (Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP
allows ...)
- TODO: check
+ NOT-FOR-US: EZD RP
CVE-2025-47782 (motionEye is an online interface for the software motion, a
video surv ...)
- TODO: check
+ NOT-FOR-US: motionEye
CVE-2025-47781 (Rallly is an open-source scheduling and collaboration tool.
Versions u ...)
- TODO: check
+ NOT-FOR-US: Rallly
CVE-2025-47778 (Sulu is an open-source PHP content management system based on
the Symf ...)
- TODO: check
+ NOT-FOR-US: Sulu
CVE-2025-47777 (5ire is a cross-platform desktop artificial intelligence
assistant and ...)
- TODO: check
+ NOT-FOR-US: 5ire
CVE-2025-47775 (Bullfrog is a GithHb Action to block unauthorized outbound
traffic in ...)
- TODO: check
+ NOT-FOR-US: Bullfrog GithHb Action
CVE-2025-47710 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
NOT-FOR-US: Drupal core and addons
CVE-2025-47709 (Missing Authorization vulnerability in Drupal Enterprise MFA -
TFA for ...)
@@ -41,11 +41,11 @@ CVE-2025-47702 (Improper Neutralization of Input During Web
Page Generation ('Cr
CVE-2025-47701 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal
Restrict rou ...)
NOT-FOR-US: Drupal core and addons
CVE-2025-47445 (Relative Path Traversal vulnerability in Themewinter Eventin
allows Pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-47436 (Heap-based Buffer Overflow vulnerability in Apache ORC. A
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Apache ORC
CVE-2025-47292 (Cap Collectif is an online decision making platform that
integrates se ...)
- TODO: check
+ NOT-FOR-US: Cap Collectif
CVE-2025-46786 (Improper neutralization of special elements in some Zoom
Workplace App ...)
NOT-FOR-US: Zoom
CVE-2025-46785 (Buffer over-read in some Zoom Workplace Apps for Windows may
allow an ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/142cf2b234897fa29aef65ccad86c1b8b0a2628a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/142cf2b234897fa29aef65ccad86c1b8b0a2628a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
