Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7856660d by Moritz Muehlenhoff at 2025-08-29T08:46:32+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -343,19 +343,19 @@ CVE-2025-39496 (Improper Neutralization of Special
Elements used in an SQL Comma
CVE-2025-36003 (IBM Security Verify Governance Identity Manager 10.0.2 could
allow a r ...)
NOT-FOR-US: IBM
CVE-2025-34523 (A heap-based buffer overflow vulnerability exists in the
exists in the ...)
- TODO: check
+ NOT-FOR-US: Arcserve
CVE-2025-34522 (A heap-based buffer overflow vulnerability exists in the input
parsing ...)
- TODO: check
+ NOT-FOR-US: Arcserve
CVE-2025-34521 (A reflected cross-site scripting (XSS) vulnerability exists in
the web ...)
- TODO: check
+ NOT-FOR-US: Arcserve
CVE-2025-34520 (An authentication bypass vulnerability in Arcserve Unified
Data Protec ...)
- TODO: check
+ NOT-FOR-US: Arcserve
CVE-2025-34163 (Dongsheng Logistics Software exposes an unauthenticated
endpoint at /C ...)
- TODO: check
+ NOT-FOR-US: Dongsheng Logistics Software
CVE-2025-34162 (An unauthenticated SQL injection vulnerability exists in the
GetLyfsBy ...)
- TODO: check
+ NOT-FOR-US: Bian Que Feijiu Intelligent Emergency and Quality Control
System
CVE-2025-34160 (AnyShare contains a critical unauthenticated remote code
execution vul ...)
- TODO: check
+ NOT-FOR-US: AnyShare
CVE-2025-31979 (A File Upload Validation Bypass vulnerability has been
identified in t ...)
NOT-FOR-US: HCL
CVE-2025-31977 (HCL BigFix SM is affected by cryptographic weakness due to
weak or out ...)
@@ -367,7 +367,7 @@ CVE-2025-31971 (AIML Solutions for HCL SX is vulnerable to
a URL validation vuln
CVE-2025-29364 (spimsimulator spim v9.1.24 and before is vulnerable to Buffer
Overflow ...)
TODO: check
CVE-2025-25010 (Incorrect authorization in Kibana can lead to privilege
escalation via ...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2025-0951 (Multiple plugins and/or themes for WordPress by LiquidThemes
are vulne ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9648 (The WP ULike Pro plugin for WordPress is vulnerable to
arbitrary file ...)
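Review bot: The CVE-2025-25010 change in this hunk is not an NFU. It replaces "TODO: check" with "- kibana <itp> (bug #700337)", but the commit subject is only "NFUs". Suggest naming the kibana itp entry in the subject, or committing it separately, so the package-tracking change can be found from the log.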
@@ -375,29 +375,29 @@ CVE-2024-9648 (The WP ULike Pro plugin for WordPress is
vulnerable to arbitrary
CVE-2024-49790 (IBM Watson Studio on Cloud Pak for Data 4.0 and 5.0 is
vulnerable to c ...)
NOT-FOR-US: IBM
CVE-2024-48908 (lychee link checking action checks links in Markdown, HTML,
and text f ...)
- TODO: check
+ NOT-FOR-US: lychee link
CVE-2024-13986 (Nagios XI < 2024R1.3.2 contains a remote code execution
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2024-13985 (A command injection vulnerability in Dahua EIMS versions prior
to 2240 ...)
- TODO: check
+ NOT-FOR-US: Dahua EIMS
CVE-2024-13984 (QiAnXin TianQing Management Center versions up to and
including 6.7.0. ...)
- TODO: check
+ NOT-FOR-US: QiAnXin TianQing Management Center
CVE-2024-13982 (SPON IP Network Broadcast System, a digital audio transmission
platfor ...)
- TODO: check
+ NOT-FOR-US: SPON IP Network Broadcast System
CVE-2024-13981 (LiveBOS, an object-oriented business architecture middleware
suite dev ...)
- TODO: check
+ NOT-FOR-US: LiveBOS
CVE-2024-13980 (H3C Intelligent Management Center (IMC) versions up to and
including E ...)
- TODO: check
+ NOT-FOR-US: H3C
CVE-2024-13979 (A SQL injection vulnerability exists in the St. Joe ERP system
("\u572 ...)
- TODO: check
+ NOT-FOR-US: St. Joe ERP system
CVE-2024-13807 (The Xagio SEO plugin for WordPress is vulnerable to Sensitive
Informat ...)
NOT-FOR-US: WordPress plugin
CVE-2023-7309 (A path traversal vulnerability exists in the Dahua Smart Park
Integrat ...)
- TODO: check
+ NOT-FOR-US: Dahua Smart Park Integration
CVE-2023-7308 (SecGate3600, a network firewall product developed by NSFOCUS,
contains ...)
- TODO: check
+ NOT-FOR-US: SecGate3600
CVE-2023-7307 (Sangfor Behavior Management System (also referred to as DC
Management ...)
- TODO: check
+ NOT-FOR-US: Sangfor Behavior Management System
CVE-2018-25115 (Multiple D-Link DIR-series routers, including DIR-110,
DIR-412, DIR-60 ...)
NOT-FOR-US: D-Link
CVE-2025-XXXX [RUSTSEC-2025-0051]
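Review bot: The label "NOT-FOR-US: lychee link" on CVE-2024-48908 cuts the product name mid-phrase. The description on the line above reads "lychee link checking action", so the affected component is the action, not something called "lychee link". Suggest "NOT-FOR-US: lychee link checking action", so the entry names what is affected and does not read as covering lychee in general. The other labels in this hunk match the product or vendor named in their descriptions.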
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7856660d0b016b26685d5604e4a63d3684fe88af
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits