Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
de5791c8 by security tracker role at 2025-05-20T20:13:10+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,29 +3,29 @@ CVE-2025-4997 (A vulnerability, which was classified as 
problematic, was found i
 CVE-2025-4996 (A vulnerability, which was classified as problematic, has been 
found i ...)
        TODO: check
 CVE-2025-4980 (A vulnerability has been found in Netgear DGND3700 
1.1.00.15_1.00.15NA ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2025-4978 (A vulnerability, which was classified as very critical, was 
found in N ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2025-4977 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2025-4951 (Editions of Rapid7 AppSpider Pro before version7.5.018 is 
vulnerable t ...)
        TODO: check
 CVE-2025-4364 (The affected products could allow an unauthenticated attacker 
to acces ...)
        TODO: check
 CVE-2025-48391 (In JetBrains YouTrack before 2025.1.76253 deletion of issues 
was possi ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-48056 (Hubble is a fully distributed networking and security 
observability pl ...)
        TODO: check
 CVE-2025-48018 (An authenticated user can modify application state data.)
-       TODO: check
+       NOT-FOR-US: Schweitzer Engineering Laboratories (SEL)
 CVE-2025-48017 (Improper limitation of pathname in Circuit Provisioning and 
File Impor ...)
-       TODO: check
+       NOT-FOR-US: Schweitzer Engineering Laboratories (SEL)
 CVE-2025-48016 (OpenFlow discovery protocol can exhaust resources because it 
is not ra ...)
-       TODO: check
+       NOT-FOR-US: Schweitzer Engineering Laboratories (SEL)
 CVE-2025-48015 (Failed login response could be different depending on whether 
the user ...)
-       TODO: check
+       NOT-FOR-US: Schweitzer Engineering Laboratories (SEL)
 CVE-2025-48014 (Password guessing limits could be bypassed when using LDAP 
authenticat ...)
-       TODO: check
+       NOT-FOR-US: Schweitzer Engineering Laboratories (SEL)
 CVE-2025-47941 (TYPO3 is an open source, PHP based web content management 
system. In v ...)
        TODO: check
 CVE-2025-47940 (TYPO3 is an open source, PHP based web content management 
system. Star ...)
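
Review bot: The five "NOT-FOR-US: Schweitzer Engineering Laboratories (SEL)" tags on CVE-2025-48014 through CVE-2025-48018 cannot be confirmed from this diff, because none of the description excerpts names a vendor or product; CVE-2025-48018 reads in full "An authenticated user can modify application state data." The same holds for the Netgear tag on CVE-2025-4977, whose excerpt stops before any product name. Since the commit message says this is an automatic update, consider adding the product name to these tags, or a NOTE line with the advisory reference, so a later reader can verify the attribution without re-fetching each CVE record.
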
@@ -39,15 +39,15 @@ CVE-2025-47937 (TYPO3 is an open source, PHP based web 
content management system
 CVE-2025-47936 (TYPO3 is an open source, PHP based web content management 
system. In v ...)
        TODO: check
 CVE-2025-47854 (In JetBrains TeamCity before 2025.03.2 open redirect was 
possible on e ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-47853 (In JetBrains TeamCity before 2025.03.2 stored XSS via Jira 
integration ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-47852 (In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack 
integra ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-47851 (In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub 
Checks We ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-47850 (In JetBrains YouTrack before 2025.1.74704 restricted 
attachments could ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-47290 (containerd is a container runtime. A time-of-check to 
time-of-use (TOC ...)
        TODO: check
 CVE-2025-47277 (vLLM, an inference and serving engine for large language 
models (LLMs) ...)
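
Review bot: All five tags in this hunk are the bare vendor name, although the descriptions cover two products: TeamCity (CVE-2025-47851 through CVE-2025-47854) and YouTrack (CVE-2025-47850). Writing "NOT-FOR-US: JetBrains TeamCity" and "NOT-FOR-US: JetBrains YouTrack" would keep the entries searchable by product and make a wrong automatic match easier to spot.
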
@@ -65,7 +65,7 @@ CVE-2025-44890 (FW-WGS-804HPT v1.305b241111 was discovered to 
contain a stack ov
 CVE-2025-44885 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack 
overflow ...)
        TODO: check
 CVE-2025-44084 (D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. 
An attac ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-41231 (VMware Cloud Foundationcontains a missing authorisation 
vulnerability. ...)
        TODO: check
 CVE-2025-41230 (VMware Cloud Foundationcontains an information disclosure 
vulnerabilit ...)
@@ -83,7 +83,7 @@ CVE-2025-41225 (The vCenter Server contains an authenticated 
command-execution v
 CVE-2025-40635 (SQL injection vulnerability in Comerzzia Backoffice: Sales 
Orchestrato ...)
        TODO: check
 CVE-2025-40634 (Stack-based buffer overflow vulnerability in the 
'conn-indicator' bina ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2025-40633 (A Stored Cross-Site Scripting (XSS) vulnerability has been 
found in  K ...)
        TODO: check
 CVE-2025-30193 (In some circumstances, when DNSdist is configured to allow an 
unlimite ...)
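
Review bot: The TP-Link tag on CVE-2025-40634 is not supported by the visible excerpt, which mentions only a stack-based buffer overflow in the 'conn-indicator' binary before it is cut off. Name the affected device in the tag so the match can be checked from the list itself.
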
@@ -91,13 +91,13 @@ CVE-2025-30193 (In some circumstances, when DNSdist is 
configured to allow an un
 CVE-2025-26086 (An unauthenticated blind SQL injection vulnerability exists in 
RSI Que ...)
        TODO: check
 CVE-2025-22157 (This High severity PrivEsc (Privilege Escalation) 
vulnerability was in ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2024-53359 (An issue in Zalo v23.09.01 allows attackers to obtain 
sensitive user i ...)
        TODO: check
 CVE-2024-45641 (IBM Security ReaQta EDR 3.12 could allow an attacker to 
perform unauth ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-33861 (IBM Security ReaQta EDR 3.12 could allow an attacker to spoof 
a truste ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-37991 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.12.29-1
        NOTE: 
https://git.kernel.org/linus/de3629baf5a33af1919dec7136d643b0662e85ef (6.15-rc5)
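
Review bot: CVE-2025-22157 is tagged Atlassian, but its excerpt ("This High severity PrivEsc (Privilege Escalation) vulnerability was in ...") names no vendor or product, unlike the two IBM Security ReaQta EDR entries tagged in the same hunk. Add the product to each tag, for example "NOT-FOR-US: IBM Security ReaQta EDR", so every attribution is verifiable from the CVE line directly above it.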



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de5791c8008579710856f0ce62257b4f80604279
