Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bdb146af by Moritz Muehlenhoff at 2025-05-22T15:23:43+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,7 +101,7 @@ CVE-2025-48414 (There are several scripts in the web
interface that are accessib
CVE-2025-48413 (The `/etc/passwd` and `/etc/shadow` files reveal hard-coded
password h ...)
TODO: check
CVE-2025-48207 (The reint_downloadmanager extension through 5.0.0 for TYPO3
allows Ins ...)
- TODO: check
+ NOT-FOR-US: TYPO3 extension
CVE-2025-48206 (The ns_backup extension through 13.0.0 for TYPO3 allows XSS.)
NOT-FOR-US: TYPO3 extension
CVE-2025-48205 (The sr_feuser_register extension through 12.4.8 for TYPO3
allows Insec ...)
@@ -119,7 +119,7 @@ CVE-2025-48200 (The sr_feuser_register extension through
12.4.8 for TYPO3 allows
CVE-2025-48069 (ejson2env allows users to decrypt EJSON secrets and export
them as env ...)
TODO: check
CVE-2025-48064 (GitHub Desktop is an open-source, Electron-based GitHub app
designed f ...)
- TODO: check
+ NOT-FOR-US: GitHub Desktop
CVE-2025-48063 (XWiki is a generic wiki platform. In XWiki 16.10.0, required
rights we ...)
NOT-FOR-US: XWiki
CVE-2025-48060 (jq is a command-line JSON processor. In versions up to and
including 1 ...)
@@ -139,21 +139,21 @@ CVE-2025-46822 (OsamaTaher/Java-springboot-codebase is a
collection of Java and
CVE-2025-46412 (Affected Vertiv products do not properly protect webserver
functions t ...)
TODO: check
CVE-2025-45755 (A Stored Cross-Site Scripting (XSS) vulnerability exists in
Vtiger CRM ...)
- TODO: check
+ NOT-FOR-US: Vtiger CRM
CVE-2025-45754 (A stored cross-site scripting (XSS) vulnerability exists in
SeedDMS 6. ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2025-45752 (A vulnerability in SeedDMS 6.0.32 allows an attacker with
admin privil ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2025-44895 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack
overflow ...)
- TODO: check
+ NOT-FOR-US: FW-WGS-804HPT
CVE-2025-44892 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack
overflow ...)
- TODO: check
+ NOT-FOR-US: FW-WGS-804HPT
CVE-2025-44083 (An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker
to bypa ...)
NOT-FOR-US: D-Link
CVE-2025-41426 (Affected Vertiv products contain a stack based buffer overflow
vulnera ...)
TODO: check
CVE-2025-41232 (Spring Security Aspects may not correctly locate method
security annot ...)
- TODO: check
+ - libspring-security-2.0-java <removed>
CVE-2025-3781 (The Raisely Donation Form plugin for WordPress is vulnerable to
Stored ...)
NOT-FOR-US: WordPress plugin
CVE-2025-3751 (The component listed above contains a vulnerability that can be
exploi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdb146af36cfb1dc4e5af2e80a5faf6a76aebd87
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdb146af36cfb1dc4e5af2e80a5faf6a76aebd87
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
