[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 26 20:14:09 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
84eab6df by security tracker role at 2025-12-26T20:13:58+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,29 +15,29 @@ CVE-2025-66737 (Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Trav
CVE-2025-65885 (An issue was discovered in the Delight Custom Firmware (CFW) for Nokia ...)
TODO: check
CVE-2025-64645 (IBM Concert 1.0.0 through 2.1.0 could allow a local user to escalate t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-57403 (Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS qu ...)
TODO: check
CVE-2025-36230 (IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to HTML injec ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36229 (IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated u ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36228 (IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent perm ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36192 (IBM DS8A00( R10.1) 10.10.106.0 and IBM DS8A00 ( R10.0) 10.1.3.010.2.45 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-25341 (A vulnerability exists in the libxmljs 1.0.11 when parsing a specially ...)
TODO: check
CVE-2025-1721 (IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtai ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14687 (IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authent ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13915 (IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13158 (Prototype pollution vulnerability in apidoc-core versions 0.2.0 and al ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2025-12771 (IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-44065 (Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at th ...)
TODO: check
CVE-2024-42718 (A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attac ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84eab6dfca1da40bc3904a2b15c1ac906d149c26
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84eab6dfca1da40bc3904a2b15c1ac906d149c26
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251226/abc0770a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list