Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aeba7eb2 by Moritz Muehlenhoff at 2025-05-23T10:37:41+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -164,25 +164,25 @@ CVE-2024-48850 (Absolute File Traversal vulnerabilities
in ASPECT allows access
CVE-2024-48848 (Large content vulnerabilities are present in ASPECT exposing a
device ...)
NOT-FOR-US: ABB group
CVE-2024-41199 (An issue in Ocuco Innovation - JOBMANAGER.EXE v2.10.24.16
allows attac ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-41198 (An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows
attacker ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-41197 (An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows
attacke ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-41196 (An issue in Ocuco Innovation - REPORTSERVER.EXE v2.10.24.13
allows att ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-41195 (An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE
v2.10.24.17 allow ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40462 (An issue in Ocuco Innovation v.2.10.24.51 allows a local
attacker to e ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40461 (An issue in Ocuco Innovation v.2.10.24.51 allows a local
attacker to e ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40460 (An issue in Ocuco Innovation v.2.10.24.51 allows a local
attacker to e ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40459 (An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51
allows a loca ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40458 (An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows
a local ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-25010 (Ericsson RAN Compute and Site Controller 6610 contains in
certain conf ...)
TODO: check
CVE-2024-13958 (Stored Cross Site Scripting vulnerabilities exist in ASPECT if
adminis ...)
@@ -410,7 +410,7 @@ CVE-2025-3751 (The component listed above contains a
vulnerability that can be e
CVE-2025-3750 (The Network Posts Extended plugin for WordPress is vulnerable
to Store ...)
NOT-FOR-US: WordPress plugin
CVE-2025-36535 (The embedded web server lacks authentication and access
controls, allo ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect MB-Gateway
CVE-2025-2261 (Stored XSS in TIBCO ActiveMatrix Administrator allows malicious
data t ...)
NOT-FOR-US: TIBCO
CVE-2025-2102 (Improper Link Resolution Before File Access ('Link Following')
vulnera ...)
@@ -418,15 +418,15 @@ CVE-2025-2102 (Improper Link Resolution Before File
Access ('Link Following') vu
CVE-2025-27998 (An issue in Valvesoftware Steam Client Steam Client 1738026274
allows ...)
TODO: check
CVE-2025-27997 (An issue in Blizzard Battle.net v2.40.0.15267 allows attackers
to esca ...)
- TODO: check
+ NOT-FOR-US: Blizzard Battle.net
CVE-2025-27804 (Several OS command injection vulnerabilities exist in the
device firmw ...)
- TODO: check
+ NOT-FOR-US: eCharge Hardy Barth charging stations
CVE-2025-27803 (The devices do not implement any authentication for the web
interface ...)
- TODO: check
+ NOT-FOR-US: eCharge Hardy Barth charging stations
CVE-2025-27558 (IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks
against mesh n ...)
TODO: check
CVE-2025-25539 (Local File Inclusion vulnerability in Vasco v3.14and before
allows a r ...)
- TODO: check
+ NOT-FOR-US: Vasco
CVE-2025-20267 (A vulnerability in the web-based management interface of Cisco
Identit ...)
NOT-FOR-US: Cisco
CVE-2025-20258 (A vulnerability in the self-service portal of Cisco Duo could
allow an ...)
@@ -458,25 +458,25 @@ CVE-2025-1712 (Argument injection in special agent
configuration in Checkmk <2.4
CVE-2025-1421 (Data provided in a request performed to the server while
activating a ...)
TODO: check
CVE-2025-1420 (Input provided in a field containing "activationMessage"in
Konsola Pro ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1419 (Input provided in comment section of Konsola Proget is not
sanitized c ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1418 (A low-privileged user can access information about profiles
created in ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1417 (In Proget MDM, a low-privileged user can access information
about chan ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1416 (In Proget MDM, a low-privileged user can retrieve passwords for
manage ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1415 (A low-privileged user is able to obtain information about tasks
execut ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-0372 (Concurrent Execution using Shared Resource with Improper
Synchronizati ...)
TODO: check
CVE-2024-57529 (Cross Site Scripting vulnerability in Jeppesen JetPlanner Pro
v.1.6.2. ...)
- TODO: check
+ NOT-FOR-US: Jeppesen JetPlanner Pro
CVE-2024-56429 (itech iLabClient 3.7.1 relies on the hard-coded
YngAYdgAE/kKZYu2F2wm6w ...)
- TODO: check
+ NOT-FOR-US: itech iLabClient
CVE-2024-56428 (The local iLabClient database in itech iLabClient 3.7.1 allows
local a ...)
- TODO: check
+ NOT-FOR-US: itech iLabClient
CVE-2024-42922 (AAPanel v7.0.7 was discovered to contain an OS command
injection vulne ...)
TODO: check
CVE-2024-23337 (jq is a command-line JSON processor. In versions up to and
including 1 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeba7eb2234624a68141d753d4ce302b085bd773
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeba7eb2234624a68141d753d4ce302b085bd773
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
