[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri May 23 09:40:11 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aeba7eb2 by Moritz Muehlenhoff at 2025-05-23T10:37:41+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -164,25 +164,25 @@ CVE-2024-48850 (Absolute File Traversal vulnerabilities in ASPECT allows access
CVE-2024-48848 (Large content vulnerabilities are present in ASPECT exposing a device ...)
NOT-FOR-US: ABB group
CVE-2024-41199 (An issue in Ocuco Innovation - JOBMANAGER.EXE v2.10.24.16 allows attac ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-41198 (An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attacker ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-41197 (An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attacke ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-41196 (An issue in Ocuco Innovation - REPORTSERVER.EXE v2.10.24.13 allows att ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-41195 (An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allow ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40462 (An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to e ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40461 (An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to e ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40460 (An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to e ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40459 (An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a loca ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-40458 (An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local ...)
- TODO: check
+ NOT-FOR-US: Ocuco Innovation
CVE-2024-25010 (Ericsson RAN Compute and Site Controller 6610 contains in certain conf ...)
TODO: check
CVE-2024-13958 (Stored Cross Site Scripting vulnerabilities exist in ASPECT if adminis ...)
@@ -410,7 +410,7 @@ CVE-2025-3751 (The component listed above contains a vulnerability that can be e
CVE-2025-3750 (The Network Posts Extended plugin for WordPress is vulnerable to Store ...)
NOT-FOR-US: WordPress plugin
CVE-2025-36535 (The embedded web server lacks authentication and access controls, allo ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect MB-Gateway
CVE-2025-2261 (Stored XSS in TIBCO ActiveMatrix Administrator allows malicious data t ...)
NOT-FOR-US: TIBCO
CVE-2025-2102 (Improper Link Resolution Before File Access ('Link Following') vulnera ...)
@@ -418,15 +418,15 @@ CVE-2025-2102 (Improper Link Resolution Before File Access ('Link Following') vu
CVE-2025-27998 (An issue in Valvesoftware Steam Client Steam Client 1738026274 allows ...)
TODO: check
CVE-2025-27997 (An issue in Blizzard Battle.net v2.40.0.15267 allows attackers to esca ...)
- TODO: check
+ NOT-FOR-US: Blizzard Battle.net
CVE-2025-27804 (Several OS command injection vulnerabilities exist in the device firmw ...)
- TODO: check
+ NOT-FOR-US: eCharge Hardy Barth charging stations
CVE-2025-27803 (The devices do not implement any authentication for the web interface ...)
- TODO: check
+ NOT-FOR-US: eCharge Hardy Barth charging stations
CVE-2025-27558 (IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh n ...)
TODO: check
CVE-2025-25539 (Local File Inclusion vulnerability in Vasco v3.14and before allows a r ...)
- TODO: check
+ NOT-FOR-US: Vasco
CVE-2025-20267 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
CVE-2025-20258 (A vulnerability in the self-service portal of Cisco Duo could allow an ...)
@@ -458,25 +458,25 @@ CVE-2025-1712 (Argument injection in special agent configuration in Checkmk <2.4
CVE-2025-1421 (Data provided in a request performed to the server while activating a ...)
TODO: check
CVE-2025-1420 (Input provided in a field containing "activationMessage"in Konsola Pro ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1419 (Input provided in comment section of Konsola Proget is not sanitized c ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1418 (A low-privileged user can access information about profiles created in ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1417 (In Proget MDM, a low-privileged user can access information about chan ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1416 (In Proget MDM, a low-privileged user can retrieve passwords for manage ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-1415 (A low-privileged user is able to obtain information about tasks execut ...)
- TODO: check
+ NOT-FOR-US: Proget
CVE-2025-0372 (Concurrent Execution using Shared Resource with Improper Synchronizati ...)
TODO: check
CVE-2024-57529 (Cross Site Scripting vulnerability in Jeppesen JetPlanner Pro v.1.6.2. ...)
- TODO: check
+ NOT-FOR-US: Jeppesen JetPlanner Pro
CVE-2024-56429 (itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w ...)
- TODO: check
+ NOT-FOR-US: itech iLabClient
CVE-2024-56428 (The local iLabClient database in itech iLabClient 3.7.1 allows local a ...)
- TODO: check
+ NOT-FOR-US: itech iLabClient
CVE-2024-42922 (AAPanel v7.0.7 was discovered to contain an OS command injection vulne ...)
TODO: check
CVE-2024-23337 (jq is a command-line JSON processor. In versions up to and including 1 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeba7eb2234624a68141d753d4ce302b085bd773
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeba7eb2234624a68141d753d4ce302b085bd773
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250523/c803efbf/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list