Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b4cf999a by Moritz Muehlenhoff at 2025-06-02T10:21:15+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
CVE-2025-5436 (A vulnerability was found in Multilaser Sirius RE016 MLT1.0. It
has be ...)
- TODO: check
+ NOT-FOR-US: Multilaser Sirius RE016
CVE-2025-5435 (A vulnerability was found in Marwal Infotech CMS 1.0. It has
been decl ...)
- TODO: check
+ NOT-FOR-US: Marwal Infotech CMS
CVE-2025-5434 (A vulnerability was found in Aem Solutions CMS up to 1.0. It
has been ...)
- TODO: check
+ NOT-FOR-US: Aem Solutions CMS
CVE-2025-5433 (A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and
classi ...)
- TODO: check
+ NOT-FOR-US: Fengoffice Feng Office
CVE-2025-5432 (A vulnerability has been found in AssamLook CMS 1.0 and
classified as ...)
- TODO: check
+ NOT-FOR-US: AssamLook CMS
CVE-2025-5431 (A vulnerability, which was classified as critical, was found in
AssamL ...)
- TODO: check
+ NOT-FOR-US: AssamLook CMS
CVE-2025-5430 (A vulnerability, which was classified as critical, has been
found in A ...)
- TODO: check
+ NOT-FOR-US: AssamLook CMS
CVE-2025-5429 (A vulnerability classified as critical was found in juzaweb CMS
up to ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5428 (A vulnerability classified as critical has been found in
juzaweb CMS u ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5427 (A vulnerability was found in juzaweb CMS up to 3.4.2. It has
been rate ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5426 (A vulnerability was found in juzaweb CMS up to 3.4.2. It has
been decl ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5425 (A vulnerability was found in juzaweb CMS up to 3.4.2. It has
been clas ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5424 (A vulnerability was found in juzaweb CMS up to 3.4.2 and
classified as ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5423 (A vulnerability has been found in juzaweb CMS up to 3.4.2 and
classifi ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5422 (A vulnerability, which was classified as problematic, was found
in juz ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5421 (A vulnerability, which was classified as critical, has been
found in j ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5420 (A vulnerability classified as problematic was found in juzaweb
CMS up ...)
- TODO: check
+ NOT-FOR-US: juzaweb CMS
CVE-2025-5412 (A vulnerability classified as problematic has been found in
Mist Commu ...)
- TODO: check
+ NOT-FOR-US: Mist Community Edition
CVE-2025-5411 (A vulnerability was found in Mist Community Edition up to
4.7.1. It ha ...)
- TODO: check
+ NOT-FOR-US: Mist Community Edition
CVE-2025-5410 (A vulnerability was found in Mist Community Edition up to
4.7.1. It ha ...)
- TODO: check
+ NOT-FOR-US: Mist Community Edition
CVE-2025-5409 (A vulnerability was found in Mist Community Edition up to
4.7.1. It ha ...)
- TODO: check
+ NOT-FOR-US: Mist Community Edition
CVE-2025-5408 (A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G,
WL-WN53 ...)
NOT-FOR-US: Wavlink
CVE-2025-5407 (A vulnerability has been found in chaitak-gorai Blogbook up to
92f5cf9 ...)
- TODO: check
+ NOT-FOR-US: chaitak-gorai Blogbook
CVE-2025-5113 (The Diviotec professional series exposes a web interface. One
endpoint ...)
- TODO: check
+ NOT-FOR-US: Diviotec
CVE-2025-4010 (The Netcom NTC 6200 and NWL 222 series expose a web interface
to be co ...)
- TODO: check
+ NOT-FOR-US: Netcom NTC 6200 and NWL 222 series
CVE-2025-49113 (Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows
remote ...)
TODO: check
CVE-2025-49112 (setDeferredReply in networking.c in Valkey through 8.1.1 has
an intege ...)
@@ -73,7 +73,7 @@ CVE-2025-20672 (In Bluetooth driver, there is a possible out
of bounds write due
CVE-2025-1485 (The Real Cookie Banner: GDPR & ePrivacy Cookie Consent
WordPress plugi ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1235 (A low privileged attacker can set the date of the devices to
the 19th ...)
- TODO: check
+ NOT-FOR-US: WAGO
CVE-2025-0358 (During an annual penetration test conducted on behalf of Axis
Communic ...)
NOT-FOR-US: Axis Communication
CVE-2025-0325 (A Guard Tour VAPIX API parameter allowed the use of arbitrary
values a ...)
@@ -81,7 +81,7 @@ CVE-2025-0325 (A Guard Tour VAPIX API parameter allowed the
use of arbitrary val
CVE-2025-0324 (The VAPIX Device Configuration framework allowed a privilege
escalatio ...)
NOT-FOR-US: Axis Communication
CVE-2024-11857 (Bluetooth HCI Adaptor from Realtek has a Link Following
vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Realtek
CVE-2025-XXXX [Post-Auth RCE via PHP Object Deserialization]
- roundcube 1.6.11+dfsg-1 (bug #1107073)
NOTE:
https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4cf999aa83dcab90c5d9898f3d00dcc7a5a4b7e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4cf999aa83dcab90c5d9898f3d00dcc7a5a4b7e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
