[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue May 20 21:30:04 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2db3150f by Salvatore Bonaccorso at 2025-05-20T22:29:39+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-4997 (A vulnerability, which was classified as problematic, was found in H3C ...)
- TODO: check
+ NOT-FOR-US: H3C R2+ProG
CVE-2025-4996 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: Intelbras
CVE-2025-4980 (A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA ...)
NOT-FOR-US: Netgear
CVE-2025-4978 (A vulnerability, which was classified as very critical, was found in N ...)
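Review bot: The two labels added at the top of this hunk follow different conventions: CVE-2025-4997 is tagged with vendor plus product (`NOT-FOR-US: H3C R2+ProG`), while CVE-2025-4996 is tagged with the vendor alone (`NOT-FOR-US: Intelbras`), matching the existing `NOT-FOR-US: Netgear` entry below it. Using the same granularity for both would keep later searches of the list by vendor name predictable.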
@@ -9,9 +9,9 @@ CVE-2025-4978 (A vulnerability, which was classified as very critical, was found
CVE-2025-4977 (A vulnerability, which was classified as problematic, has been found i ...)
NOT-FOR-US: Netgear
CVE-2025-4951 (Editions of Rapid7 AppSpider Pro before version7.5.018 is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: Rapid7 AppSpider Pro
CVE-2025-4364 (The affected products could allow an unauthenticated attacker to acces ...)
- TODO: check
+ NOT-FOR-US: Assured Telematics Inc.
CVE-2025-48391 (In JetBrains YouTrack before 2025.1.76253 deletion of issues was possi ...)
NOT-FOR-US: JetBrains
CVE-2025-48056 (Hubble is a fully distributed networking and security observability pl ...)
@@ -27,17 +27,17 @@ CVE-2025-48015 (Failed login response could be different depending on whether th
CVE-2025-48014 (Password guessing limits could be bypassed when using LDAP authenticat ...)
NOT-FOR-US: Schweitzer Engineering Laboratories (SEL)
CVE-2025-47941 (TYPO3 is an open source, PHP based web content management system. In v ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47940 (TYPO3 is an open source, PHP based web content management system. Star ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47939 (TYPO3 is an open source, PHP based web content management system. By d ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47938 (TYPO3 is an open source, PHP based web content management system. Star ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47937 (TYPO3 is an open source, PHP based web content management system. Star ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47936 (TYPO3 is an open source, PHP based web content management system. In v ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2025-47854 (In JetBrains TeamCity before 2025.03.2 open redirect was possible on e ...)
NOT-FOR-US: JetBrains
CVE-2025-47853 (In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration ...)
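Review bot: The six TYPO3 entries (CVE-2025-47936 through CVE-2025-47941) are the only ones in this hunk whose descriptions identify the affected software as open source, so they deserve more justification than the vendor products handled elsewhere in the commit. The commit message "Process some NFUs" does not say whether the archive was checked for a current or removed TYPO3 source package. If one was ever shipped, a package line with `<removed>` would record that history more accurately than `NOT-FOR-US: TYPO3`. The truncated descriptions also do not show whether each issue is in the core or in an extension, which is worth confirming before applying one label to all six.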
@@ -57,31 +57,31 @@ CVE-2025-46725 (Langroid is a Python framework to build large language model (LL
CVE-2025-46724 (Langroid is a Python framework to build large language model (LLM)-pow ...)
TODO: check
CVE-2025-45862 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buff ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-44893 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
- TODO: check
+ NOT-FOR-US: FW-WGS-804HPT
CVE-2025-44890 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
- TODO: check
+ NOT-FOR-US: FW-WGS-804HPT
CVE-2025-44885 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
- TODO: check
+ NOT-FOR-US: FW-WGS-804HPT
CVE-2025-44084 (D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attac ...)
NOT-FOR-US: D-Link
CVE-2025-41231 (VMware Cloud Foundationcontains a missing authorisation vulnerability. ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41230 (VMware Cloud Foundationcontains an information disclosure vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41229 (VMware Cloud Foundationcontains a directory traversal vulnerability.A ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41228 (VMware ESXi and vCenter Server contain a reflected cross-site scriptin ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41227 (VMware ESXi,Workstation, and Fusion contain a denial-of-service vulner ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41226 (VMwareESXi contains a denial-of-service vulnerability that occurs when ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-41225 (The vCenter Server contains an authenticated command-execution vulnera ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-40635 (SQL injection vulnerability in Comerzzia Backoffice: Sales Orchestrato ...)
- TODO: check
+ NOT-FOR-US: Comerzzia Backoffice
CVE-2025-40634 (Stack-based buffer overflow vulnerability in the 'conn-indicator' bina ...)
NOT-FOR-US: TP-Link
CVE-2025-40633 (A Stored Cross-Site Scripting (XSS) vulnerability has been found in K ...)
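Review bot: The label `NOT-FOR-US: FW-WGS-804HPT` on CVE-2025-44893, CVE-2025-44890 and CVE-2025-44885 is a device model identifier, whereas the other labels in this hunk name a vendor (`TOTOLINK`, `VMware`, `D-Link`, `TP-Link`). The descriptions as shown give only the model and firmware version, so the label is the one place a vendor could be recorded. Naming the vendor there, with the model after it if needed, would make these three entries findable in the same way as the rest.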
@@ -89,7 +89,7 @@ CVE-2025-40633 (A Stored Cross-Site Scripting (XSS) vulnerability has been found
CVE-2025-30193 (In some circumstances, when DNSdist is configured to allow an unlimite ...)
TODO: check
CVE-2025-26086 (An unauthenticated blind SQL injection vulnerability exists in RSI Que ...)
- TODO: check
+ NOT-FOR-US: RSI Queue Management System
CVE-2025-22157 (This High severity PrivEsc (Privilege Escalation) vulnerability was in ...)
NOT-FOR-US: Atlassian
CVE-2024-53359 (An issue in Zalo v23.09.01 allows attackers to obtain sensitive user i ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2db3150f277ce50aefbcb65adc4aba9aea8024cb