Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dff74dc4 by Salvatore Bonaccorso at 2025-07-11T22:19:23+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-7503 (An OEM IP camera manufactured by Shenzhen Liandian
Communication Techn ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Liandian Communication Technology LTD IP camera
CVE-2025-7456 (A vulnerability, which was classified as critical, has been
found in C ...)
NOT-FOR-US: Campcodes
CVE-2025-7455 (A vulnerability classified as critical was found in Campcodes
Online M ...)
@@ -7,11 +7,11 @@ CVE-2025-7455 (A vulnerability classified as critical was
found in Campcodes Onl
CVE-2025-7454 (A vulnerability classified as critical has been found in
Campcodes Onl ...)
NOT-FOR-US: Campcodes
CVE-2025-7453 (A vulnerability was found in saltbo zpan up to
1.6.5/1.7.0-beta2. It h ...)
- TODO: check
+ NOT-FOR-US: saltbo zpan
CVE-2025-7452 (A vulnerability was found in kone-net go-chat up to
f9e58d0afa9bbdb31f ...)
- TODO: check
+ NOT-FOR-US: kone-net go-chat
CVE-2025-7450 (A vulnerability was found in letseeqiji gorobbs up to 1.0.8. It
has be ...)
- TODO: check
+ NOT-FOR-US: letseeqiji gorobbs
CVE-2025-7029 (A vulnerability in the Software SMI handler (SwSmiInputValue
0xB2) all ...)
TODO: check
CVE-2025-7028 (A vulnerability in the Software SMI handler (SwSmiInputValue
0x20) all ...)
@@ -31,11 +31,11 @@ CVE-2025-6549 (An Incorrect Authorization vulnerability in
the web server of Jun
CVE-2025-6438 (CWE-611: Improper Restriction of XML External Entity Reference
vulnera ...)
NOT-FOR-US: Schneider Electric
CVE-2025-53642 (haxcms-nodejs and haxcms-php are backends for HAXcms. The
logout funct ...)
- TODO: check
+ NOT-FOR-US: HAXcms
CVE-2025-53641 (Postiz is an AI social media scheduling tool. From 1.45.1 to
1.62.3, t ...)
- TODO: check
+ NOT-FOR-US: Postiz
CVE-2025-52994 (gif_outputAsJpeg in phpThumb through 1.7.23 allows
phpthumb.gif.php OS ...)
- TODO: check
+ NOT-FOR-US: phpThumb
CVE-2025-52989 (An Improper Neutralization of Delimiters vulnerability in the
UI of Ju ...)
NOT-FOR-US: Juniper
CVE-2025-52988 (An Improper Neutralization of Special Elements used in an OS
Command ( ...)
@@ -81,7 +81,7 @@ CVE-2025-52947 (An Improper Handling of Exceptional
Conditions vulnerability in
CVE-2025-52946 (A Use After Free vulnerability in the routing protocol daemon
(rpd) of ...)
NOT-FOR-US: Juniper
CVE-2025-52089 (A hidden remote support feature protected by a static secret
in TOTOLI ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-51591 (A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4
allows attac ...)
TODO: check
CVE-2025-50125 (CWE-918: Server-Side Request Forgery (SSRF) vulnerability
exists that ...)
@@ -103,7 +103,7 @@ CVE-2025-47182 (Improper input validation in Microsoft Edge
(Chromium-based) all
CVE-2025-45582 (GNU Tar through 1.35 allows file overwrite via directory
traversal in ...)
TODO: check
CVE-2025-43856 (immich is a high performance self-hosted photo and video
management so ...)
- TODO: check
+ NOT-FOR-US: immich
CVE-2025-3933 (A Regular Expression Denial of Service (ReDoS) vulnerability
was disco ...)
TODO: check
CVE-2025-3631 (An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager
can cau ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dff74dc417fa99c62ba05b42c9573547477abfac
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dff74dc417fa99c62ba05b42c9573547477abfac
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
