Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
81a59a35 by Salvatore Bonaccorso at 2025-07-08T22:43:44+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -88,141 +88,141 @@ CVE-2025-53480 (The CheckUser extension\u2019s
Special:Investigate page has a vu
CVE-2025-53479 (The CheckUser extension\u2019s Special:CheckUser interface is
vulnerab ...)
TODO: check
CVE-2025-53372 (node-code-sandbox-mcp is a Node.js\u2013based Model Context
Protocol s ...)
- TODO: check
+ NOT-FOR-US: node-code-sandbox-mcp
CVE-2025-53355 (MCP Server Kubernetes is an MCP Server that can connect to a
Kubernete ...)
- TODO: check
+ NOT-FOR-US: MCP Server Kubernetes
CVE-2025-50130 (A heap-based buffer overflow vulnerability exists in
VS6Sim.exe contai ...)
- TODO: check
+ NOT-FOR-US: Fuji Electric
CVE-2025-4663 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
NOT-FOR-US: Brocade
CVE-2025-49760 (External control of file name or path in Windows Storage
allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49756 (Use of a broken or risky cryptographic algorithm in Office
Developer P ...)
NOT-FOR-US: Microsoft
CVE-2025-49753 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49744 (Heap-based buffer overflow in Microsoft Graphics Component
allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49742 (Integer overflow or wraparound in Microsoft Graphics Component
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49740 (Protection mechanism failure in Windows SmartScreen allows an
unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49739 (Improper link resolution before file access ('link following')
in Visu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49738 (Improper link resolution before file access ('link following')
in Micr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49737 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49735 (Use after free in Windows KDC Proxy Service (KPSSVC) allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49733 (Use after free in Windows Win32K - ICOMP allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49732 (Heap-based buffer overflow in Microsoft Graphics Component
allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49731 (Improper handling of insufficient permissions or privileges in
Microso ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49730 (Time-of-check time-of-use (toctou) race condition in Microsoft
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49729 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49727 (Heap-based buffer overflow in Windows Win32K - GRFX allows an
authoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49726 (Use after free in Windows Notification allows an authorized
attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49725 (Use after free in Windows Notification allows an authorized
attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49724 (Use after free in Windows Connected Devices Platform Service
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49723 (Missing authorization in Windows StateRepository API allows an
authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49722 (Uncontrolled resource consumption in Windows Print Spooler
Components ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49721 (Heap-based buffer overflow in Windows Fast FAT Driver allows
an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49719 (Improper input validation in SQL Server allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49718 (Use of uninitialized resource in SQL Server allows an
unauthorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49717 (Heap-based buffer overflow in SQL Server allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49716 (Uncontrolled resource consumption in Windows Netlogon allows
an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49714 (Trust boundary violation in Visual Studio Code - Python
extension allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49711 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49706 (Improper authentication in Microsoft Office SharePoint allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49705 (Heap-based buffer overflow in Microsoft Office PowerPoint
allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49704 (Improper control of generation of code ('code injection') in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49703 (Use after free in Microsoft Office Word allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49702 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49701 (Improper authorization in Microsoft Office SharePoint allows
an author ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49700 (Use after free in Microsoft Office Word allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49699 (Use after free in Microsoft Office allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49698 (Use after free in Microsoft Office Word allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49697 (Heap-based buffer overflow in Microsoft Office allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49696 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49695 (Use after free in Microsoft Office allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49694 (Null pointer dereference in Microsoft Brokering File System
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49693 (Double free in Microsoft Brokering File System allows an
authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49691 (Heap-based buffer overflow in Windows Media allows an
unauthorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49690 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49689 (Integer overflow or wraparound in Virtual Hard Disk (VHDX)
allows an u ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49688 (Double free in Windows Routing and Remote Access Service
(RRAS) allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49687 (Out-of-bounds read in Microsoft Input Method Editor (IME)
allows an au ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49686 (Null pointer dereference in Windows TCP/IP allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49685 (Use after free in Microsoft Windows Search Component allows an
authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49684 (Buffer over-read in Storage Port Driver allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49683 (Integer overflow or wraparound in Virtual Hard Disk (VHDX)
allows an u ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49682 (Use after free in Windows Media allows an authorized attacker
to eleva ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49681 (Out-of-bounds read in Windows Routing and Remote Access
Service (RRAS) ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49680 (Improper link resolution before file access ('link following')
in Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49679 (Numeric truncation error in Windows Shell allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49678 (Null pointer dereference in Windows NTFS allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49677 (Use after free in Microsoft Brokering File System allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49676 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49675 (Use after free in Kernel Streaming WOW Thunk Service Driver
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49674 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49673 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49672 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49671 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49670 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49669 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
TODO: check
CVE-2025-49668 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81a59a352bba3f94083ed0d431fdc741fe956f63
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81a59a352bba3f94083ed0d431fdc741fe956f63
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
