Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ead8a2f3 by Salvatore Bonaccorso at 2025-06-03T10:22:54+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,11 +7,11 @@ CVE-2025-4224 (The wpForo + wpForo Advanced Attachments
plugin for WordPress is
CVE-2025-4047 (The Broken Link Checker plugin for WordPress is vulnerable to
unauthor ...)
NOT-FOR-US: WordPress plugin
CVE-2025-49164 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have
a firmwa ...)
- TODO: check
+ NOT-FOR-US: Arris VIP1113 devices
CVE-2025-49163 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow
booting ...)
- TODO: check
+ NOT-FOR-US: Arris VIP1113 devices
CVE-2025-49162 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow
file ov ...)
- TODO: check
+ NOT-FOR-US: Arris VIP1113 devices
CVE-2025-3919 (The WordPress Comments Import & Export plugin for WordPress is
vulnera ...)
NOT-FOR-US: WordPress plugin
CVE-2025-3662 (The FancyBox for WordPress plugin before 3.3.6 does not escape
caption ...)
@@ -197,7 +197,7 @@ CVE-2025-23104 (An issue was discovered in Samsung Mobile
Processor Exynos 2200,
CVE-2025-23099 (An issue was discovered in Samsung Mobile Processor Exynos
1480 and 24 ...)
NOT-FOR-US: Samsung
CVE-2025-20298 (In Universal Forwarder for Windows versions below 9.4.2,
9.3.4, 9.2.6, ...)
- TODO: check
+ NOT-FOR-US: Universal Forwarder for Windows
CVE-2025-20297 (In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6,
and Splunk ...)
NOT-FOR-US: Cisco
CVE-2025-20001 (An out-of-bounds read vulnerability exists in High-Logic
FontCreator 1 ...)
@@ -205,13 +205,13 @@ CVE-2025-20001 (An out-of-bounds read vulnerability
exists in High-Logic FontCre
CVE-2025-1750 (An SQL injection vulnerability exists in the delete function of
DuckDB ...)
NOT-FOR-US: run-llama/llama_index
CVE-2025-1246 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
- TODO: check
+ NOT-FOR-US: ARM
CVE-2025-1051 (Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution
Vulnera ...)
NOT-FOR-US: Sonos Era 300
CVE-2025-0819 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel
Driver, Arm ...)
- TODO: check
+ NOT-FOR-US: ARM
CVE-2025-0073 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel
Driver, Arm ...)
- TODO: check
+ NOT-FOR-US: ARM
CVE-2024-8008 (A reflected cross-site scripting (XSS) vulnerability exists in
multipl ...)
NOT-FOR-US: WSO2
CVE-2024-7074 (An arbitrary file upload vulnerability exists in multiple WSO2
product ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ead8a2f3b6da5bdd4c62f8897fac95660e3524fe
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ead8a2f3b6da5bdd4c62f8897fac95660e3524fe
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
