[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 14 21:13:54 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dd151f9c by security tracker role at 2025-10-14T20:13:47+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2025-9437 (A security issue exists within the Studio 5000 Logix Designer add-on p ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-9178 (A denial-of-service security issue exists in the affected product and  ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-9177 (A denial-of-service security issue exists in the affected product and  ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-9124 (A denial-of-service security issue in the affected product. The securi ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-9068 (A security issue exists within the Rockwell Automation Driver Package  ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-9067 (A security issue exists within the x86 Microsoft Installer File (MSI), ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-9066 (A security issue was discovered within FactoryTalk\xae ViewPoint, allo ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-9064 (A path traversal security issue exists within FactoryTalk View Machine ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-9063 (An authentication bypass security issue exists within FactoryTalk View ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-8459 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-8430 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-8429 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-8428 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-7330 (A cross-site request forgery security issue exists in the product and  ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-7329 (A Stored Cross-Site Scripting security issue exists in the affected pr ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-7328 (Multiple Broken Authentication security issues exist in the affected p ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2025-62366 (mailgen is a Node.js package that generates responsive HTML e-mails fo ...)
 	TODO: check
 CVE-2025-62172 (Home Assistant is open source home automation software that puts local ...)
@@ -39,23 +39,23 @@ CVE-2025-62157 (Argo Workflows is an open source container-native workflow engin
 CVE-2025-62156 (Argo Workflows is an open source container-native workflow engine for  ...)
 	TODO: check
 CVE-2025-61807 (Substance3D - Stager versions 3.1.4 and earlier are affected by an Int ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61806 (Substance3D - Stager versions 3.1.4 and earlier are affected by an out ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61805 (Substance3D - Stager versions 3.1.4 and earlier are affected by an out ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61803 (Substance3D - Stager versions 3.1.4 and earlier are affected by an Int ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61802 (Substance3D - Stager versions 3.1.4 and earlier are affected by a Use  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61801 (Dimension versions 4.1.4 and earlier are affected by a Use After Free  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61800 (Dimension versions 4.1.4 and earlier are affected by an Integer Overfl ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61799 (Dimension versions 4.1.4 and earlier are affected by an out-of-bounds  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61798 (Dimension versions 4.1.4 and earlier are affected by an out-of-bounds  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61678 (FreePBX Endpoint Manager is a module for managing telephony endpoints  ...)
 	TODO: check
 CVE-2025-61675 (FreePBX Endpoint Manager is a module for managing telephony endpoints  ...)
@@ -71,15 +71,15 @@ CVE-2025-60535 (A Cross-Site Request Forgery (CSRF) in the component /endpoints/
 CVE-2025-60374 (Stored Cross-Site Scripting (XSS) in Perfex CRM chatbot before 3.3.1 a ...)
 	TODO: check
 CVE-2025-5946 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-59921 (An exposure of sensitive information to an unauthorized actor vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-59502 (Uncontrolled resource consumption in Windows Remote Procedure Call all ...)
 	TODO: check
 CVE-2025-59497 (Time-of-check time-of-use (toctou) race condition in Microsoft Defende ...)
 	TODO: check
 CVE-2025-59494 (Improper access control in Azure Monitor Agent allows an authorized at ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-59429 (FreePBX is an open source GUI for managing Asterisk. In versions prior ...)
 	TODO: check
 CVE-2025-59428 (EspoCRM is an open source customer relationship management application ...)
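Review bot: In this hunk CVE-2025-59494 (Azure Monitor Agent) is marked `NOT-FOR-US: Microsoft`, while the adjacent Microsoft entries CVE-2025-59502 (Windows Remote Procedure Call) and CVE-2025-59497 (Microsoft Defender) stay at `TODO: check`. If the automatic pass matches on product names, those two still need a manual pass or an additional pattern so the Microsoft batch is triaged consistently.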
@@ -101,7 +101,7 @@ CVE-2025-59288 (Improper verification of cryptographic signature in GitHub allow
 CVE-2025-59287 (Deserialization of untrusted data in Windows Server Update Service all ...)
 	TODO: check
 CVE-2025-59285 (Deserialization of untrusted data in Azure Monitor Agent allows an aut ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-59284 (Exposure of sensitive information to an unauthorized actor in Windows  ...)
 	TODO: check
 CVE-2025-59282 (Concurrent execution using shared resource with improper synchronizati ...)
@@ -245,7 +245,7 @@ CVE-2025-59184 (Exposure of sensitive information to an unauthorized actor in Wi
 CVE-2025-59051 (The FreePBX Endpoint Manager module includes a Network Scanning featur ...)
 	TODO: check
 CVE-2025-58903 (An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS  ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-58739 (Exposure of sensitive information to an unauthorized actor in Windows  ...)
 	TODO: check
 CVE-2025-58738 (Use after free in Inbox COM Objects allows an unauthorized attacker to ...)
@@ -295,15 +295,15 @@ CVE-2025-58715 (Integer overflow or wraparound in Microsoft Windows Speech allow
 CVE-2025-58714 (Improper access control in Windows Ancillary Function Driver for WinSo ...)
 	TODO: check
 CVE-2025-58325 (An Incorrect Provision of Specified Functionality vulnerability [CWE-6 ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-58324 (An improper neutralization of input during web page generation vulnera ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-57741 (An Incorrect Permission Assignment for Critical Resource vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-57740 (An Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS versi ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-57716 (An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiCl ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-57618 (A path traversal vulnerability in FastX3 thru 3.3.67 allows an unauthe ...)
 	TODO: check
 CVE-2025-57563 (A path traversal in StarNet Communications Corporation FastX v.4 throu ...)
@@ -401,39 +401,39 @@ CVE-2025-55247 (Improper link resolution before file access ('link following') i
 CVE-2025-55240 (Improper access control in Visual Studio allows an authorized attacker ...)
 	TODO: check
 CVE-2025-54973 (A concurrent execution using shared resource with improper synchroniza ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-54893 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-54892 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-54891 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-54889 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-54822 (An improper authorization vulnerability [CWE-285] in Fortinet FortiOS  ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-54603 (An incorrect OIDC authentication flow in Claroty Secure Access 3.3.0 t ...)
 	TODO: check
 CVE-2025-54284 (Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54283 (Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54282 (Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54281 (Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54280 (Substance3D - Viewer versions 0.25.2 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54276 (Substance3D - Modeler versions 1.22.3 and earlier are affected by an o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54275 (Substance3D - Viewer versions 0.25.2 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54274 (Substance3D - Viewer versions 0.25.2 and earlier are affected by a Sta ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54273 (Substance3D - Viewer versions 0.25.2 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-53845 (An improper authentication vulnerability [CWE-287] in Fortinet FortiAn ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-53782 (Incorrect implementation of authentication algorithm in Microsoft Exch ...)
 	TODO: check
 CVE-2025-53768 (Use after free in Xbox allows an authorized attacker to elevate privil ...)
@@ -453,7 +453,7 @@ CVE-2025-50152 (Out-of-bounds read in Windows Kernel allows an authorized attack
 CVE-2025-49708 (Use after free in Microsoft Graphics Component allows an authorized at ...)
 	TODO: check
 CVE-2025-49201 (A weak authentication in Fortinet FortiPAM 1.5.0, 1.4.0 through 1.4.2, ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-48813 (Use of a key past its expiration date in Virtual Secure Mode allows an ...)
 	TODO: check
 CVE-2025-48004 (Use after free in Microsoft Brokering File System allows an unauthoriz ...)
@@ -463,13 +463,13 @@ CVE-2025-47989 (Improper access control in Azure Connected Machine Agent allows
 CVE-2025-47979 (Insertion of sensitive information into log file in Windows Failover C ...)
 	TODO: check
 CVE-2025-47890 (An URL Redirection to Untrusted Site vulnerabilities [CWE-601] in Fort ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-47856 (Two improper neutralization of special elements used in an OS command  ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-46774 (An Improper Verification of Cryptographic Signature vulnerability [CWE ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-46581 (ZTE's ZXCDN product  is affected by a Struts remote code execution (RC ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2025-41718 (A cleartext transmission of sensitive information vulnerability in the ...)
 	TODO: check
 CVE-2025-41707 (The websocket handler is vulnerable to a denial of service condition.  ...)
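Review bot: CVE-2025-46581 is tagged `NOT-FOR-US: ZTE`, but its description reads "ZTE's ZXCDN product is affected by a Struts remote code execution", and Struts is a separate upstream component. It is worth confirming that the CVE is scoped to ZTE's product rather than to Struts itself, and adding a `NOTE:` line saying so, so that the vendor tag is not read as covering the underlying library.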
@@ -485,61 +485,61 @@ CVE-2025-41703 (An unauthenticated remote attacker can cause a Denial of Service
 CVE-2025-41699 (An low privileged remote attacker with an account for the Web-based ma ...)
 	TODO: check
 CVE-2025-40812 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40811 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40810 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40809 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40774 (A vulnerability has been identified in SiPass integrated (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40773 (A vulnerability has been identified in SiPass integrated (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40772 (A vulnerability has been identified in SiPass integrated (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40771 (A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6U ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40765 (A vulnerability has been identified in TeleControl Server Basic V3.1 ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40755 (A vulnerability has been identified in SINEC NMS (All versions < V4.0  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-37149 (A potential   out-of-bound reads vulnerability in HPE ProLiant RL300 G ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37148 (A vulnerability in the parsing of ethernet frames in AOS-8 Instant and ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37147 (A Secure Boot Bypass Vulnerability exists in affected Access Points th ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37146 (A vulnerability in the web-based management interface of network acces ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37145 (Arbitrary file download vulnerabilities exist in a low-level interface ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37144 (Arbitrary file download vulnerabilities exist in a low-level interface ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37143 (An arbitrary file download vulnerability exists in the web-based manag ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37142 (Arbitrary file download vulnerabilities exist in the CLI binary of AOS ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37141 (Arbitrary file download vulnerabilities exist in the CLI binary of AOS ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37140 (Arbitrary file download vulnerabilities exist in the CLI binary of AOS ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37139 (A vulnerability in an AOS firmware binary allows an authenticated mali ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37138 (An authenticated command injection vulnerability exists in the command ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37137 (Arbitrary file deletion vulnerabilities have been identified in the co ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37136 (Arbitrary file deletion vulnerabilities have been identified in the co ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37135 (Arbitrary file deletion vulnerabilities have been identified in the co ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37134 (An authenticated command injection vulnerability exists in the CLI bin ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37133 (An authenticated command injection vulnerability exists in the CLI bin ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37132 (An arbitrary file write vulnerability exists in the web-based manageme ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-36730 (A prompt injection vulnerability exists in Windsurft version 1.10.7 in ...)
 	TODO: check
 CVE-2025-34267 (Flowise v3.0.1 < 3.0.8 and all versions after with 'ALLOW_BUILTIN_DEP' ...)
@@ -549,21 +549,21 @@ CVE-2025-33182 (NVIDIA Jetson Linux contains a vulnerability in UEFI, where impr
 CVE-2025-33177 (NVIDIA Jetson Linux and IGX OS contain a vulnerability in NvMap, where ...)
 	TODO: check
 CVE-2025-33044 (APTIOV contains a vulnerability in BIOS where an attacker may cause an ...)
-	TODO: check
+	NOT-FOR-US: AMI
 CVE-2025-31514 (An Insertion of Sensitive Information into Log File vulnerability [CWE ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-31366 (An Improper Neutralization of Input During Web Page Generation vulnera ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-31365 (An Improper Control of Generation of Code ('Code Injection') vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-27906 (IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose th ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-25255 (An Improperly Implemented Security Check for Standard vulnerability [C ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-25253 (An Improper Validation of Certificate with Host Mismatch vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-25252 (An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS  ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-25004 (Improper access control in Microsoft PowerShell allows an authorized a ...)
 	TODO: check
 CVE-2025-24990 (Microsoft is aware of vulnerabilities in the third party Agere Modem d ...)
@@ -573,85 +573,85 @@ CVE-2025-24052 (Microsoft is aware of vulnerabilities in the third party Agere M
 CVE-2025-23356 (NVIDIA Isaac Lab contains a vulnerability in SB3 configuration parsing ...)
 	TODO: check
 CVE-2025-22833 (APTIOV contains a vulnerability in BIOS where an attacker may cause a  ...)
-	TODO: check
+	NOT-FOR-US: AMI
 CVE-2025-22832 (APTIOV contains a vulnerability in BIOS where an attacker may cause an ...)
-	TODO: check
+	NOT-FOR-US: AMI
 CVE-2025-22831 (APTIOV contains a vulnerability in BIOS where an attacker may cause an ...)
-	TODO: check
+	NOT-FOR-US: AMI
 CVE-2025-22258 (A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2025-20724 (In wlan AP driver, there is a possible out of bounds read due to an in ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20723 (In gnss driver, there is a possible out of bounds write due to an inco ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20722 (In gnss driver, there is a possible out of bounds read due to an integ ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20721 (In imgsensor, there is a possible out of bounds write due to a missing ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20720 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20719 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20718 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20717 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20716 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20715 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20714 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20713 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20712 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20711 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20710 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20709 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-11736 (A flaw has been found in itsourcecode Online Examination System 1.0. A ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-11577 (Clevo\u2019s UEFI firmware update packages, including B10717.exe, inad ...)
 	TODO: check
 CVE-2025-11548 (A remote, unauthenticated privilege escalation in ibi WebFOCUS allows  ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2025-11498 (An Improper Neutralization of Formula Elements in a CSV File vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: ABB group
 CVE-2025-10986 (Path traversal in the admin panel of Ivanti EPMM before version 12.6.0 ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2025-10985 (OS command injection in the admin panel of Ivanti EPMM before version  ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2025-10610 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-10243 (OS command injection in the admin panel of Ivanti EPMM before version  ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2025-10242 (OS command injection in the admin panel of Ivanti EPMM before version  ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2025-10228 (Session Fixation vulnerability in Rolantis Information Technologies Ag ...)
 	TODO: check
 CVE-2025-0033 (Improper access control within AMD SEV-SNP could allow an admin privil ...)
 	TODO: check
 CVE-2024-50571 (A heap-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.1,  ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2024-48891 (An Improper Neutralization of Special Elements used in an OS Command ( ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2024-47569 (A insertion of sensitive information into sent data in Fortinet FortiM ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2024-44088 (Malicious script injection ('Cross-site Scripting') vulnerability in A ...)
 	TODO: check
 CVE-2024-33507 (An insufficient session expiration vulnerability [CWE-613] and an inco ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2024-26008 (An improper check or handling of exceptional conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2023-46718 (A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 throug ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2011-20002 (A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2011-20001 (A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-11687
 	- gi-docgen <unfixed>
 	NOTE: https://gitlab.gnome.org/GNOME/gi-docgen/-/issues/228
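Review bot: `NOT-FOR-US: itsourcecode System` for CVE-2025-11736 looks like a clipped product name; the description says "itsourcecode Online Examination System 1.0", so `NOT-FOR-US: itsourcecode Online Examination System` would be clearer. In the same hunk, CVE-2025-11548 is tagged `TIBCO` although the visible description names only "ibi WebFOCUS"; naming the product in the tag would make the match easier to audit.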



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd151f9c1f12fdc6e029023d937bb93d96999ef3
