[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 11 20:35:07 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b56a8cd6 by Salvatore Bonaccorso at 2025-02-11T21:34:45+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,407 +1,407 @@
CVE-2025-26495 (Cleartext Storage of Sensitive Information vulnerability in Salesforce ...)
- TODO: check
+ NOT-FOR-US: Salesforce Tableau Server
CVE-2025-26494 (Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau ...)
- TODO: check
+ NOT-FOR-US: Salesforce Tableau Server
CVE-2025-26493 (In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were poss ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2025-26492 (In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2025-26491 (A vulnerability has been identified in Opcenter Intelligence (All vers ...)
- TODO: check
+ NOT-FOR-US: Opcenter Intelligence
CVE-2025-26490 (A vulnerability has been identified in Opcenter Intelligence (All vers ...)
- TODO: check
+ NOT-FOR-US: Opcenter Intelligence
CVE-2025-26411 (An authenticated attacker is able to use the Plugin Manager of the web ...)
- TODO: check
+ NOT-FOR-US: Wattsense Bridge devices
CVE-2025-26410 (The firmware of all Wattsense Bridge devices contain the same hard-cod ...)
- TODO: check
+ NOT-FOR-US: Wattsense Bridge devices
CVE-2025-26409 (A serial interface can be accessed with physical access to the PCB of ...)
- TODO: check
+ NOT-FOR-US: Wattsense Bridge devices
CVE-2025-26408 (The JTAG interface of Wattsense Bridge devices can be accessed with ph ...)
- TODO: check
+ NOT-FOR-US: Wattsense Bridge devices
CVE-2025-25530 (Buffer overflow vulnerability in Digital China DCBI-Netlog-LAB Gateway ...)
- TODO: check
+ NOT-FOR-US: Digital China DCBI-Netlog-LAB Gateway
CVE-2025-25529 (Buffer overflow vulnerability in Digital China DCBC Gateway 200-2.1.1 ...)
- TODO: check
+ NOT-FOR-US: Digital China DCBI-Netlog-LAB Gateway
CVE-2025-25528 (Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3 ...)
- TODO: check
+ NOT-FOR-US: Wavlink
CVE-2025-25527 (Buffer overflow vulnerability in Ruijie RG-NBR2600S Gateway 10.3(4b12) ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-25526 (Buffer overflow vulnerability in Mercury MIPC552W Camera v1.0 due to t ...)
- TODO: check
+ NOT-FOR-US: Mercury MIPC552W Camera
CVE-2025-25525 (Buffer overflow vulnerability in H3C FA3010L access points SWFA1B0V100 ...)
- TODO: check
+ NOT-FOR-US: H3C FA3010L access points SWFA1B0V100R005
CVE-2025-25524 (Buffer overflow vulnerability in TOTOLink X6000R routers V9.4.0cu.652_ ...)
- TODO: check
+ NOT-FOR-US: TOTOLink
CVE-2025-25523 (Buffer overflow vulnerability in Trendnet TEG-40128 Web Smart Switch v ...)
- TODO: check
+ NOT-FOR-US: Trendnet
CVE-2025-25522 (Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to th ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-25202 (Ash Authentication is an authentication framework for Elixir applicati ...)
- TODO: check
+ NOT-FOR-US: Ash Authentication
CVE-2025-24976 (Distribution is a toolkit to pack, ship, store, and deliver container ...)
TODO: check
CVE-2025-24973 (Concorde, formerly know as Nexkey, is a fork of the federated microblo ...)
- TODO: check
+ NOT-FOR-US: Concorde
CVE-2025-24956 (A vulnerability has been identified in OpenV2G (All versions < V0.9.6) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-24900 (Concorde, formerly know as Nexkey, is a fork of the federated microblo ...)
- TODO: check
+ NOT-FOR-US: Concorde
CVE-2025-24897 (Misskey is an open source, federated social media platform. Starting i ...)
- TODO: check
+ NOT-FOR-US: Misskey
CVE-2025-24896 (Misskey is an open source, federated social media platform. Starting i ...)
- TODO: check
+ NOT-FOR-US: Misskey
CVE-2025-24812 (A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-24811 (A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-24807 (eprosima Fast DDS is a C++ implementation of the DDS (Data Distributio ...)
TODO: check
CVE-2025-24532 (A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-24499 (A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-24472 (AnAuthentication Bypass Using an Alternate Path or Channel vulnerabili ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2025-24470 (AnImproper Resolution of Path Equivalence vulnerability [CWE-41] in Fo ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2025-24438 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24437 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24436 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24435 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24434 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24432 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24430 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24429 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24428 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24427 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24426 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24425 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24424 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24423 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24422 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24421 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24420 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24419 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24418 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24417 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24416 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24415 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24414 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24413 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24412 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24411 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24410 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24409 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24408 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24407 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24406 (Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2. ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-24042 (Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-24039 (Visual Studio Code Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-24036 (Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-23403 (A vulnerability has been identified in SIMATIC IPC DiagBase (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-23363 (A vulnerability has been identified in Teamcenter (All versions < V14. ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-22467 (A stack-based buffer overflow in Ivanti Connect Secure before version ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-22399 (Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SF ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2025-21420 (Windows Disk Cleanup Tool Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21419 (Windows Setup Files Cleanup Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21418 (Windows Ancillary Function Driver for WinSock Elevation of Privilege V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21414 (Windows Core Messaging Elevation of Privileges Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21410 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21407 (Windows Telephony Service Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21406 (Windows Telephony Service Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21400 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21397 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21394 (Microsoft Excel Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21392 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21391 (Windows Storage Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21390 (Microsoft Excel Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21387 (Microsoft Excel Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21386 (Microsoft Excel Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21383 (Microsoft Excel Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21381 (Microsoft Excel Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21379 (DHCP Client Service Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21377 (NTLM Hash Disclosure Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21376 (Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21375 (Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulne ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21373 (Windows Installer Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21371 (Windows Telephony Service Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21369 (Microsoft Digest Authentication Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21368 (Microsoft Digest Authentication Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21367 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21359 (Windows Kernel Security Feature Bypass Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21358 (Windows Core Messaging Elevation of Privileges Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21352 (Internet Connection Sharing (ICS) Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21351 (Windows Active Directory Domain Services API Denial of Service Vulnera ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21350 (Windows Kerberos Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21349 (Windows Remote Desktop Configuration Service Tampering Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21347 (Windows Deployment Services Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21337 (Windows NTFS Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21322 (Microsoft PC Manager Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21259 (Microsoft Outlook Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21254 (Internet Connection Sharing (ICS) Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21216 (Internet Connection Sharing (ICS) Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21212 (Internet Connection Sharing (ICS) Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21208 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21206 (Visual Studio Installer Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21201 (Windows Telephony Server Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21200 (Windows Telephony Service Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21198 (Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21194 (Microsoft Surface Security Feature Bypass Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21190 (Windows Telephony Service Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21188 (Azure Network Watcher VM Extension Elevation of Privilege Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21184 (Windows Core Messaging Elevation of Privileges Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21183 (Windows Resilient File System (ReFS) Deduplication Service Elevation o ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21182 (Windows Resilient File System (ReFS) Deduplication Service Elevation o ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21181 (Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21179 (DHCP Client Service Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21163 (Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21162 (Photoshop Elements versions 2025.0 and earlier are affected by a Creat ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21161 (Substance3D - Designer versions 14.0.2 and earlier are affected by an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21160 (Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integ ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21159 (Illustrator versions 29.1, 28.7.3 and earlier are affected by a Use Af ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21158 (InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21157 (InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21156 (InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Un ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21155 (Substance3D - Stager versions 3.1.0 and earlier are affected by a NULL ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21126 (InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21125 (InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21124 (InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21123 (InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-21121 (InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-1231 (Improper password reset in PAM Module in Devolutions Server 2024.3.10. ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2025-1182 (A vulnerability, which was classified as critical, was found in GNU Bi ...)
TODO: check
CVE-2025-1126 (A Reliance on Untrusted Inputs in a Security Decision vulnerability ha ...)
- TODO: check
+ NOT-FOR-US: Lexmark
CVE-2025-1052 (Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Exec ...)
TODO: check
CVE-2025-1044 (Logsign Unified SecOps Platform Authentication Bypass Vulnerability. T ...)
TODO: check
CVE-2025-0911 (PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Dis ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0910 (PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Ex ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0909 (PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Dis ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0908 (PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Dis ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0907 (PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Dis ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0906 (PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Dis ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0905 (PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Dis ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0904 (PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Dis ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0903 (PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0902 (PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Dis ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0901 (PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0899 (PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulne ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2025-0862 (The SuperSaaS \u2013 online appointment scheduling plugin for WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0589 (In affected versions of Octopus Deploy where customers are using Activ ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2025-0588 (In affected versions of Octopus Server it was possible for a user with ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2025-0526 (In affected versions of Octopus Deploy it was possible to upload files ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2025-0525 (In affected versions of Octopus Server the preview import feature coul ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2025-0513 (In affected versions of Octopus Server error messages were handled uns ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2024-54090 (A vulnerability has been identified in APOGEE PXC Series (BACnet) (All ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54089 (A vulnerability has been identified in APOGEE PXC Series (BACnet) (All ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54015 (A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All v ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53977 (A vulnerability has been identified in ModelSim (All versions < V2025. ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53651 (A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All v ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53648 (A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All v ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-52968 (An improper authentication in Fortinet FortiClientMac 7.0.11 through 7 ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-52966 (An exposure of sensitive information to an unauthorized actor in Forti ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-50569 (A improper neutralization of special elements used in an os command (' ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-50567 (An improper neutralization of special elements used in an os command ( ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-47908 (OS command injection in the admin web console of Ivanti CSA before ver ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-45386 (A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-40591 (An incorrect privilege assignment vulnerability [CWE-266] in Fortinet ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-40586 (AnImproper Access Control vulnerability [CWE-284] in FortiClient Windo ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-40584 (An improper neutralization of special elements used in an OS command ( ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-36508 (An improper limitation of a pathname to a restricted directory ('Path ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-35279 (A stack-based buffer overflow [CWE-121] vulnerability in Fortinet Fort ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-33659 (AMI APTIOV contains a vulnerability in BIOS where an attacker may caus ...)
- TODO: check
+ NOT-FOR-US: AMI APTIOV
CVE-2024-33504 (A use of hard-coded cryptographic key to encrypt sensitive data vulner ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-27781 (An improper neutralization of input during web page generation ('cross ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-27780 (MultipleImproper Neutralization of Input During Web Page Generation (' ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-23814 (A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-21966 (A DLL hijacking vulnerability in the AMD Ryzen\u2122 Master Utility c ...)
TODO: check
CVE-2024-13843 (Cleartext storage of information in Ivanti Connect Secure before versi ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-13842 (A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and I ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-13830 (Reflected XSS in Ivanti Connect Secure before version 22.7R2.6 and Iva ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-13813 (Insufficient permissions in Ivanti Secure Access Client before version ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-13506 (The GeoDirectory \u2013 WP Business Directory Plugin and Classified Li ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12833 (Paessler PRTG Network Monitor SNMP Cross-Site Scripting Authentication ...)
- TODO: check
+ NOT-FOR-US: Paessler PRTG Network Monitor SNMP
CVE-2024-12756 (An HTML Injection vulnerability in Avaya Spaces may have allowed discl ...)
- TODO: check
+ NOT-FOR-US: Avaya
CVE-2024-12755 (A Cross-Site Scripting (XSS) vulnerability in Avaya Spaces may have al ...)
- TODO: check
+ NOT-FOR-US: Avaya
CVE-2024-12551 (Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remo ...)
- TODO: check
+ NOT-FOR-US: Tungsten Automation
CVE-2024-12550 (Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Info ...)
- TODO: check
+ NOT-FOR-US: Tungsten Automation
CVE-2024-12549 (Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remo ...)
- TODO: check
+ NOT-FOR-US: Tungsten Automation
CVE-2024-12548 (Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Informat ...)
- TODO: check
+ NOT-FOR-US: Tungsten Automation
CVE-2024-12547 (Tungsten Automation Power PDF JPF File Parsing Out-Of-Bounds Write Rem ...)
- TODO: check
+ NOT-FOR-US: Tungsten Automation
CVE-2024-12366 (PandasAI uses an interactive prompt function that is vulnerable to pro ...)
- TODO: check
+ NOT-FOR-US: PandasAI
CVE-2024-12058 (External control of a file name in Ivanti Connect Secure before versio ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-11771 (Path traversal in Ivanti CSA before version 5.0.5 allows a remote unau ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-10644 (Code injection in Ivanti Connect Secure before version 22.7R2.4 and Iv ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2023-40721 (A use of externally-controlled format string vulnerability [CWE-134] i ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-37482 (The login functionality of the web server in affected devices does not ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-31361 (A DLL hijacking vulnerability in AMD Integrated Management Technology ...)
TODO: check
CVE-2023-31360 (Incorrect default permissions in the AMD Integrated Management Technol ...)
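Review bot: The note added for CVE-2025-25529 reads "NOT-FOR-US: Digital China DCBI-Netlog-LAB Gateway", but that entry's description names "Digital China DCBC Gateway 200-2.1.1". The string looks carried over from CVE-2025-25530 directly above it, so I would change it to name the DCBC Gateway (or just "Digital China"). A smaller point in the same hunk: CVE-2025-24956 is tagged "NOT-FOR-US: Siemens" although its description identifies the affected software as OpenV2G. Naming the product there would make the entry easier to match later. The notes also vary in granularity, from vendor only ("Adobe", "Microsoft") to product plus firmware string ("H3C FA3010L access points SWFA1B0V100R005"); a single convention would keep the list easier to search.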
@@ -217634,7 +217634,7 @@ CVE-2022-35204 (Vitejs Vite before v2.9.13 was discovered to allow attackers to
CVE-2022-35203 (An access control issue in TrendNet TV-IP572PI v1.0 allows unauthentic ...)
NOT-FOR-US: TrendNet TV-IP572PI
CVE-2022-35202 (A security issue in Sitevision version 10.3.1 and older allows a remot ...)
- TODO: check
+ NOT-FOR-US: Sitevision
CVE-2022-35201 (Tenda-AC18 V15.03.05.05 was discovered to contain a remote command exe ...)
NOT-FOR-US: Tenda
CVE-2022-35200
@@ -425123,7 +425123,7 @@ CVE-2019-15004 (The Customer Context Filter in Atlassian Jira Service Desk Serve
CVE-2019-15003 (The Customer Context Filter in Atlassian Jira Service Desk Server and ...)
NOT-FOR-US: Atlassian
CVE-2019-15002 (An exploitable CSRF vulnerability exists in Atlassian Jira, from versi ...)
- TODO: check
+ NOT-FOR-US: Atlassian Jira
CVE-2019-15001 (The Jira Importers Plugin in Atlassian Jira Server and Data Cente from ...)
NOT-FOR-US: Atlassian
CVE-2019-15000 (The commit diff rest endpoint in Bitbucket Server and Data Center befo ...)
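Review bot: The new note for CVE-2019-15002 is "NOT-FOR-US: Atlassian Jira", while the unchanged neighbours in this hunk, CVE-2019-15003 and CVE-2019-15001, both use "NOT-FOR-US: Atlassian". Using the same string as the surrounding entries would keep the Atlassian block consistent.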
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56a8cd619bbf959136e5d0cf8d66e7a2bd4d8cb