[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 22 09:08:46 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4823e45c by Salvatore Bonaccorso at 2025-01-22T10:08:19+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-23237 (Improper neutralization of special elements used in an OS command ('OS ...)
- TODO: check
+ NOT-FOR-US: UD-LT2 firmware
CVE-2025-23090 (With the aid of the diagnostics_channel utility, an event can be hooke ...)
TODO: check
CVE-2025-23089 (This CVE has been issued to inform users that they are using End-of-Li ...)
@@ -9,103 +9,103 @@ CVE-2025-23088 (This CVE has been issued to inform users that they are using End
CVE-2025-23087 (This CVE has been issued to inform users that they are using End-of-Li ...)
TODO: check
CVE-2025-22450 (Inclusion of undocumented features issue exists in UD-LT2 firmware Ver ...)
- TODO: check
+ NOT-FOR-US: UD-LT2 firmware
CVE-2025-21571 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
TODO: check
CVE-2025-21570 (Vulnerability in the Oracle Life Sciences Argus Safety product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21569 (Vulnerability in the Oracle Hyperion Data Relationship Management prod ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21568 (Vulnerability in the Oracle Hyperion Data Relationship Management prod ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21567 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21566 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21565 (Vulnerability in the Oracle Agile PLM Framework product of Oracle Supp ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21564 (Vulnerability in the Oracle Agile PLM Framework product of Oracle Supp ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21563 (Vulnerability in the PeopleSoft Enterprise CC Common Application Objec ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21562 (Vulnerability in the PeopleSoft Enterprise CC Common Application Objec ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21561 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21560 (Vulnerability in the Oracle Agile PLM Framework product of Oracle Supp ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21559 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21558 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21557 (Vulnerability in Oracle Application Express (component: General). Sup ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21556 (Vulnerability in the Oracle Agile PLM Framework product of Oracle Supp ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21555 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21554 (Vulnerability in the Oracle Communications Order and Service Managemen ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21553 (Vulnerability in the Java VM component of Oracle Database Server. Sup ...)
TODO: check
CVE-2025-21552 (Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21551 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21550 (Vulnerability in the Oracle Financial Services Behavior Detection Plat ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21549 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21548 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
TODO: check
CVE-2025-21547 (Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hosp ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21546 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21545 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21544 (Vulnerability in the Oracle Communications Order and Service Managemen ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21543 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21542 (Vulnerability in the Oracle Communications Order and Service Managemen ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21541 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21540 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21539 (Vulnerability in the PeopleSoft Enterprise FIN eSettlements product of ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21538 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21537 (Vulnerability in the PeopleSoft Enterprise FIN Cash Management product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21536 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21535 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21534 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21533 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
TODO: check
CVE-2025-21532 (Vulnerability in the Oracle Analytics Desktop product of Oracle Analyt ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21531 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21530 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21529 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21528 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21527 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21526 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21525 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21524 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21523 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21522 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
@@ -119,29 +119,29 @@ CVE-2025-21519 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
CVE-2025-21518 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21517 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21516 (Vulnerability in the Oracle Customer Care product of Oracle E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21515 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21514 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21513 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21512 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21511 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21510 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21509 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21508 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21507 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21506 (Vulnerability in the Oracle Project Foundation product of Oracle E-Bus ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21505 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21504 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
@@ -157,7 +157,7 @@ CVE-2025-21500 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
CVE-2025-21499 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21498 (Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middl ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-21497 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21495 (Vulnerability in the MySQL Enterprise Firewall product of Oracle MySQL ...)
@@ -173,39 +173,39 @@ CVE-2025-21491 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
CVE-2025-21490 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
TODO: check
CVE-2025-21489 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2025-20617 (Improper neutralization of special elements used in an OS command ('OS ...)
- TODO: check
+ NOT-FOR-US: UD-LT2 firmware
CVE-2025-0625 (A vulnerability, which was classified as problematic, was found in Cam ...)
- TODO: check
+ NOT-FOR-US: CampCodes School Management Software
CVE-2025-0429 (The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0428 (The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-57545 (Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overfl ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57544 (Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overfl ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57543 (Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overfl ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57542 (Linksys E8450 v1.2.00.360516 was discovered to contain a command injec ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57541 (Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overfl ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57540 (Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overfl ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57539 (Linksys E8450 v1.2.00.360516 was discovered to contain a command injec ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57538 (Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overfl ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57537 (Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overfl ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57536 (Linksys E8450 v1.2.00.360516 was discovered to contain a command injec ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-57360 (https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incor ...)
TODO: check
CVE-2024-55959 (Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions.)
- TODO: check
+ NOT-FOR-US: Northern.tech Mender Client
CVE-2024-55958 (Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and b ...)
TODO: check
CVE-2024-49749 (In DGifSlurp of dgif_lib.c, there is a possible out of bounds write du ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4823e45c873aac793fdf72c5917ddf7d954b14ed
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4823e45c873aac793fdf72c5917ddf7d954b14ed
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250122/909ec2bd/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list